08-01-2011 08:18 AM - edited 03-07-2019 01:29 AM
Hi everyone,
I'm trying to change my office's router (a D-Link) for a Cisco 1841.
The current router works for internet access but I need to do some new things which are too tricky to achieve on D-Link's user interface.
The network diagram is attached.
I need to assign the local server as our DHCP & DNS server.
So, I have been testing and trying to give LAN access to the internet with the following configuration:
*******
Router#sh run
Building configuration...
Current configuration : 1173 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
!
no ip dhcp use vrf connected
!
ip dhcp pool OFFICE
next-server 192.168.0.70
dns-server 192.168.0.70
!
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.0.3 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 172.10.16.64 255.255.0.0
ip nat outside
duplex auto
speed auto
!
interface Serial0/0/0
no ip address
shutdown
clockrate 2000000
!
interface Serial0/0/1
no ip address
shutdown
clockrate 2000000
!
ip classless
!
ip http server
ip nat pool ISP 172.10.16.64 172.10.16.70 prefix-length 24
ip nat inside source list 1 pool ISP
!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 101 permit icmp 192.168.0.0 0.0.0.255 any echo-reply
access-list 101 permit ip any any
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
login
!
end
*******
But so far, It hasn't worked.
I can't even receive any ping responses from f0/0.
What really worries me it's the fact that I know this should be a very easy set-up.
What am I doing wrong?
Thanks in advance.
Solved! Go to Solution.
08-01-2011 04:31 PM
I'm setting to every host the exact configuration I have on my PC and test Laptop (DNS servers & DHCP auto).
So, how could somebody explain that two hosts, on the same network, on the same domain, with the same server, with a "working" DNS server configuration, cannot work the same way?
Sorry for asking too much but I just can't understand this.
Thanks,
RA.
08-01-2011 04:38 PM
Raul
Sorry, i misunderstood. I thought you were saying the only devices that worked were the ones that you manually setup DNS on. If these are windows PCs can you post the output of this command from a DOS prompt -
"ipconfig /all"
can you post from a PC that works and one that doesn't.
Jon
08-01-2011 05:08 PM
I issued "ipconfig /all" on 7 machines: 2 working, 5 not.
All the same:
DHCP Enabled: No.
Autoconfig Enabled: Yes.
IP Address: 192.168.0.X
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.0.3
DHCP Server: 192.168.0.70
DNS Servers: X.X.X.X --> First ISP DNS
Y.Y.Y.Y --> Second ISP DNS
192.168.0.70
08-01-2011 05:10 PM
Raul
Does 192.168.0.70 server have forwarding setup to the ISP DNS servers ?
Jon
08-01-2011 05:17 PM
Raul
One more test. From a PC that doesn't work can you try accessing a website using the IP address in the web browser rather than an URL.
Jon
08-01-2011 05:57 PM
It had 8.8.8.8 and 8.8.4.4.
I erased that and set the two ISP DNS servers IP addresses.
DNS administrator screen says "cannot resolve server's FQDN" on each of them.
Anyway, I still have access to the internet & intranet only through my PC and my test laptop.
Thanks,
RA.
08-01-2011 05:58 PM
Can you try the web browser test i asked about ?
Jon
08-01-2011 06:13 PM
Already tried, same thing.
PC & Test Laptop .... OK.
Rest of hosts ........... Nothing
Thanks,
RA.
08-01-2011 06:18 PM
So just recap -
you have a PC and laptop that are cofigured in exactly the same way as other hosts - yes/no
the other hosts are in the same subnet as the PC and laptop - yes/no
all devices are in the same vlan on the switch - yes/no
you have tried accessing a web site using "http://
if so can you -
1) from either the pc or laptop do a traceroute to an IP address on the internet
2) from one of the machines that doesn't work can you do the same ie. traceroute to the same IP on the internet
Jon
08-01-2011 06:34 PM
Yes
Yes
To tell you the truth, I'm not sure.
Yes
1) Everything OK (13 hops until reaching yahoo.com server)
2) Not working:
1 <1 ms <1ms <1ms 192.168.0.3
2 192.168.0.3 reports: destination host unreachable
PD: I don't know if those are the correct words (I'm translating from spanish).
Thanks,
RA.
08-01-2011 10:21 PM
I belive you need to add "overload" in the end of you source list configuration.
I hope it helps.
Sincerely,
GRinch
08-01-2011 10:45 PM
I've simulated your situation with cisco 1841 router. I changed addresses just for make configuration faster. Everything works perfect.
Here an configuration example.
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Router
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.10.1 255.255.255.0
ip nat outside
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 172.16.1.1 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface Vlan1
no ip address
shutdown
!
ip nat pool Inet 192.168.10.1 192.168.10.1 netmask 255.255.255.0
ip nat inside source list 1 pool Inet overload
ip classless
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
!
!
access-list 1 permit 172.16.1.0 0.0.0.255
!
!
!
!
!
line con 0
line vty 0 4
login
!
!
!
end
08-02-2011 08:55 AM
Almost there...!!!
I added "overload" and after testing 12 machines here are the results:
a) 8 PCs have internet & intranet access
b) 4 PCs have internet access but no intranet.
Thank you very much for your help..!!!
RA.
08-02-2011 08:57 AM
Raul
What do you mean by intranet access ?
Jon
08-02-2011 09:15 AM
Hi Jon,
I mean access to our local / office website where we put our files and some other stuff.
A simple website located on our local server.
Thanks,
RA.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide