03-05-2014 07:44 AM - edited 03-07-2019 06:32 PM
Hello, I recently purchased some used Cisco routers and switches to learn with. My first goal was to try and setup a small network that would connect back to my home network.
The setup, I am currently using is 2 2610 Cisco Routers and 1 2950 Switch, the following is the topology I have setup
I have Router1 connected via its single Ethernet port back to my home Aris Home Modem / Router. I then have Router1 connected via Serial0 to Router2, and Router2 Ethernet is connected to Switch1 on port fa0/1. And the PC is connected to the switch.
I have configured the follow IP address
Router1
Ethernet0
ip address 192.168.0.125 255.255.255.0 (This is an IP address on my home network, the Arris router is 192.168.0.1)
Serial0
ip address 192.168.1.1 255.255.255.0
DCE with Clock Rate 64000
Router2
Serial0
ip address 192.168.1.2 255.255.255.0
Ethernet0
ip address 192.168.3.1 255.255.255.0
Switch1
VLAN
ip address 192.168.3.10 255.255.255.0
Default-Gateway 192.168.3.1
PC1
ip address 192.168.3.10 255.255.255.0
Default-Gateway 192.168.3.1
I then have the following IP Routes setup
On Router1 Static Route
ip route 192.168.3.0 255.255.255.0 192.168.1.2
On Router2 Static Route
ip route 192.168.0.0.255.255.255.0 192.168.1.1
With this setup, I get traffic through all the devices I.E. PC can ping back to Router1 and Router1 can ping PC
But I cannot ping domain names, and the PC cannot browse the web.
I am thinking I need to setup DNS servers, but I tried that with
ip name-server 209.18.47.61 (DNS my home PC gets from Time Warner)
I had at one point had Routes such as
ip route 0.0.0.0 0.0.0.0
But that didnt seem to help, I think at one point I was able to ping domain names, but still couldnt browse, not sure what I had changed or setup that made that work but I undid everything also.
I think I am just missing something that I need to configure on the Routers but not sure what, to make it so that the Laptop could browse the web. My goal once I at least work that out is to play more with different Vlans, and such but want to get this first hurdle out of the way.
Any Assistance would be greatly appreciated.
Solved! Go to Solution.
03-05-2014 05:13 PM
You should only need a default route on Router2.
So can you post a "sh ip route" from Router1 and Router2 please.
Jon
03-05-2014 05:50 PM
Here you go
Router1
TestRouter1#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR
Gateway of last resort is 192.168.0.1 to network 0.0.0.0
C 192.168.0.0/24 is directly connected, Ethernet0/0
C 192.168.1.0/24 is directly connected, Serial0/0
S 192.168.3.0/24 is directly connected, Serial0/0
S* 0.0.0.0/0 [1/0] via 192.168.0.1
Router2
TestRouter2#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is 192.168.1.1 to network 0.0.0.0
C 192.168.1.0/24 is directly connected, Serial0/0
S* 0.0.0.0/0 [1/0] via 192.168.1.1
03-05-2014 06:32 PM
It is configured that way, R1 is connected to my modem and R2 is Serial connected to R1.
Here are some ip interface brief from Router1 and Router2
Router1
TestRouter1#show ip interface brief
Interface IP-Address OK? Method Status Protocol
Ethernet0/0 192.168.0.125 YES manual up up
Serial0/0 192.168.1.1 YES manual up up
Serial0/1 unassigned YES unset administratively down down
Router2
TestRouter2#show ip interface br
TestRouter2#show ip interface brief
Interface IP-Address OK? Method Status Protocol
Ethernet0/0 192.168.3.1 YES manual up up
Serial0/0 192.168.1.2 YES NVRAM up up
Serial0/1 unassigned YES manual administratively down down
I did find while checking this though that for some reason Ethernet0/0 on R2 was down, once bringing it back up,
After this the laptop is still failing to ping but just timeouts now not the destination unreachable errors.
03-05-2014 06:41 PM
Andrew
From the PC can you ping each IP from 192.168.3.1 through to 192.168.0.1 and tell me where it fails.
Also Router1 is seeing a route to 192.168.3.0/24 via the s0/0 interface but the config you posted for Router1 has no such route.
Can you post Router1 and Router2 configurations again please.
Jon
03-05-2014 07:41 PM
Ping Results (All Successful)
Pinging 192.168.0.1 with 32 bytes of data: (Internet Router IP Address)
Reply from 192.168.0.1: bytes=32 time=19ms TTL=62
Reply from 192.168.0.1: bytes=32 time=19ms TTL=62
Reply from 192.168.0.1: bytes=32 time=19ms TTL=62
Reply from 192.168.0.1: bytes=32 time=19ms TTL=62
Pinging 192.168.1.1 with 32 bytes of data: (Router1 Serial Interface)
Reply from 192.168.1.1: bytes=32 time=20ms TTL=254
Reply from 192.168.1.1: bytes=32 time=19ms TTL=254
Reply from 192.168.1.1: bytes=32 time=19ms TTL=254
Reply from 192.168.1.1: bytes=32 time=19ms TTL=254
Pinging 192.168.1.2 with 32 bytes of data: (Router2 Serial Interface)
Reply from 192.168.1.2: bytes=32 time=1ms TTL=255
Reply from 192.168.1.2: bytes=32 time=1ms TTL=255
Reply from 192.168.1.2: bytes=32 time=1ms TTL=255
Reply from 192.168.1.2: bytes=32 time=1ms TTL=255
Pinging 192.168.3.1 with 32 bytes of data: (Router2 Ethernet Interface)
Reply from 192.168.3.1: bytes=32 time=1ms TTL=255
Reply from 192.168.3.1: bytes=32 time=1ms TTL=255
Reply from 192.168.3.1: bytes=32 time=1ms TTL=255
Reply from 192.168.3.1: bytes=32 time=1ms TTL=255
Pinging 192.168.0.125 with 32 bytes of data: (Router1 Ethernet Interface)
Reply from 192.168.0.125: bytes=32 time=19ms TTL=254
Reply from 192.168.0.125: bytes=32 time=19ms TTL=254
Reply from 192.168.0.125: bytes=32 time=19ms TTL=254
Reply from 192.168.0.125: bytes=32 time=19ms TTL=254
Pinging 75.178.6.145 with 32 bytes of data: (Internet Router Outside Address)
Reply from 75.178.6.145: bytes=32 time=21ms TTL=62
Reply from 75.178.6.145: bytes=32 time=19ms TTL=62
Reply from 75.178.6.145: bytes=32 time=19ms TTL=62
Reply from 75.178.6.145: bytes=32 time=19ms TTL=62
And here are the 2 Running Configs
Router1
TestRouter1#show running-config
Building configuration...
Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname TestRouter1
!
enable secret 5 $1$6hFo$XZoYSHmIaUdUSReMw4h5l.
enable password D0r2e2w4#
!
ip subnet-zero
ip name-server 209.18.47.61
!
!
!
!
!
interface Ethernet0/0
description Broadband Internet
ip address 192.168.0.125 255.255.255.0
no ip directed-broadcast
ip nat outside
!
interface Serial0/0
description Home Lan
ip address 192.168.1.1 255.255.255.0
no ip directed-broadcast
ip nat inside
no ip mroute-cache
no fair-queue
clockrate 64000
!
interface Serial0/1
no ip address
no ip directed-broadcast
shutdown
!
ip nat inside source list 1 interface Ethernet0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.0.1
ip route 192.168.3.0 255.255.255.0 Serial0/0
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 101 permit ip 192.168.3.0 0.0.0.255 any
!
line con 0
password drew0224
login
transport input none
line aux 0
line vty 0 4
password drew0224
login
!
no scheduler allocate
end
Router2
TestRouter2#show running-config
Building configuration...
Current configuration : 763 bytes
!
version 12.1
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname TestRouter2
!
enable secret 5 $1$v7rI$VvodDIcoDfDEobMA2vOmi.
enable password ********
!
!
!
!
!
ip subnet-zero
ip name-server 209.18.47.61
!
!
!
!
interface Ethernet0/0
description Ethernet Connection to Switch
ip address 192.168.3.1 255.255.255.0
!
interface Serial0/0
description Serial Connection to TestRouter1
ip address 192.168.1.2 255.255.255.0
!
interface Serial0/1
no ip address
shutdown
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.1
ip http server
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
line con 0
password ******
login
line aux 0
line vty 0 4
password ******
login
!
end
Thanks
03-05-2014 07:44 PM
Andrew
So all pings successful.
What about out to the internet ie. with an IP and then a URL ?
Jon
03-05-2014 07:51 PM
Those still fail
Note the PC is connected to the Routers Ethernet0/0 port currently
But pings fail to google.com saying it couldnt find the host, no DNS basically it things
Pinging the IP Addresses I get via NSLookup
74.125.228.225
74.125.228.226
74.125.228.227
They all fail with Request Timed out
Thanks
03-05-2014 07:59 PM
Andrew
Sorry, it's been a long day here. Your NAT statement on Router1.
Can you remove the current NAT statement and add this -
ip nat inside source list 101 interface e0/0 overload
then retest.
Jon
03-06-2014 02:27 AM
Hello
It wouldnt let me remove the current keeps saying
%Dynamic mapping in use, cannot remove
But after adding the one you posted
ip nat inside source list 101 interface Ethernet0/0 overload
PC1 can now browse via internet to google.com and is getting most pings to it.
Time to study and try to understand how those nat commands work, as the only difference I see is between being source list 1 and source list 101
03-06-2014 03:44 AM
Andrew
1) "clear ip nat translations *"
2) remove old NAT config
The difference between them is the acl they were using.
You were not matching 192.168.3.x addresses.
Jon
03-06-2014 05:15 AM
Ahhh thanks much for the clarification, now I see it in the running config. The
ip nat inside source list 101 matches to the access-list 101 permit ip 192.168.3.0 to go
While the
ip nat inside source list 1 was matched to the access-list 1 permit 192.168.1.0
So along with trying to remove the ip nat inside source list 1 should I also remove that access-list or leave it.
Thanks very much for all your help.
03-06-2014 05:25 AM
Andrew
You can remove it.
Glad to have helped.
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide