Solved: Re: Can't access internet from lan

mohammed asif suleman · ‎12-18-2012

I am setting up a new router for my Internet connection.

the configuration for the router is :

ISP gateway : 172.18.4.129 255.255.255.252

my router gateway :172.18.4.130 255.255.255.252

local lan gateway : 10.10.10.100 255.255.255.0

system Ip : 10.10.10.99 255.255.255.0

------------------------------------------------------------------------------------------

interface GigabitEthernet0/0

ip address 172.18.4.130 255.255.255.252

ip nat outside

ip virtual-reassembly in

duplex auto

speed auto

!

interface GigabitEthernet0/1

ip address 10.10.10.100 255.255.255.0

ip nat inside

duplex auto

speed auto

!

router eigrp 200

network 10.0.0.0

network 172.18.4.128 0.0.0.3

!

router bgp 65412

bgp log-neighbor-changes

neighbor 172.18.4.129 remote-as 65000

!

ip forward-protocol nd

!

ip http server

ip http access-class 10

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

ip nat pool p1 172.18.4.130 172.18.4.130 netmask 255.255.255.0

ip nat inside source list 10 interface GigabitEthernet0/0 overload

ip route 0.0.0.0 0.0.0.0 172.18.4.129

!

access-list 10 permit 10.10.10.0 0.0.0.255

!

-------------------------------------------------------------------------------------------------------------------------

I can ping the ISP gateway that is 172.18.4.129 from my system.but i cannot go beyond that.

can any one help me please....

Abzal · ‎12-18-2012

Hi,
Router configuration looks fine. How is your system connected with router? Try to sniff packets with wireshark when you access to the Internet? Could you ping something like 8.8.8.8? Is there DNS sever configured? Try to ping any Internet web site by hostname? Is there any proxy?

Abzal

Sent from Cisco Technical Support iPhone App

Best regards,
Abzal

View solution in original post

bharat.rajwanshi · ‎12-18-2012

Please ask your ISP about what DNS to be used? use same DNS on System to access the internet.

View solution in original post

Abzal · ‎12-18-2012

Then check what ISPs BGP router advertising:

show ip bgp

It should be at least advertising default route.

Check if bgp neighborship is eatablished

show ip bgp summary

From router

Sent from Cisco Technical Support iPhone App

Best regards,
Abzal

View solution in original post

cadet alain · ‎12-18-2012

Hi,

in this case it should be worth trying to get rid of the static default route and see if a BGP default route gets installed in the RIB.

A question I've got is why use BGP and not advertise any network ?

Regards.

Alain

Don't forget to rate helpful posts.

View solution in original post

cadet alain · ‎12-18-2012

Hi,

Can you reenter your sdtatic default once again and do this:

en

conf t

logging on

logging buffered 100000 debug

access-list 199 permit icmp any any

do clear log

do debug ip pack det 199

do ping 8.8.8.8 repeat 2

do sh log

Post the output here please

Regards.

Alain

Don't forget to rate helpful posts.

View solution in original post

shillings · ‎12-18-2012

To view what you're actually receiving from the ISP, you need to configure the following:

router bgp 65412

neighbor 172.18.4.129 soft-reconfiguration inbound

Then, once you've cleared the BGP neighborship, you should be able to enter show ip bgp neighbors 172.18.4.129 received-routes to see the received prefixes.

Obviously, if you're ever learning the entire Internet routing table, then this is a bad idea due to the huge memory requirement placed on the router, but for situations like this it is very useful.

Has this service ever worked? Are you simply swapping out the router - i.e. the old one was working fine?

Also, if you stick with BGP, then you should apply inbound and outbound filters once it's all working.

View solution in original post

Abzal · ‎12-18-2012

Hi,
Router configuration looks fine. How is your system connected with router? Try to sniff packets with wireshark when you access to the Internet? Could you ping something like 8.8.8.8? Is there DNS sever configured? Try to ping any Internet web site by hostname? Is there any proxy?

Abzal

Sent from Cisco Technical Support iPhone App

Best regards,
Abzal

bharat.rajwanshi · ‎12-18-2012

Please ask your ISP about what DNS to be used? use same DNS on System to access the internet.

mohammed asif suleman · ‎12-18-2012

thank you for your response......

all they given is vlan 2435

ip and BGP configuration

mohammed asif suleman · ‎12-18-2012

i can't ping to any external dns or website from my laptop or router.

i can only ping from router to the bgp nighbor 172.31.16.3

Abzal · ‎12-18-2012

Then check what ISPs BGP router advertising:

show ip bgp

It should be at least advertising default route.

Check if bgp neighborship is eatablished

show ip bgp summary

From router

Sent from Cisco Technical Support iPhone App

Best regards,
Abzal

cadet alain · ‎12-18-2012

Hi,

in this case it should be worth trying to get rid of the static default route and see if a BGP default route gets installed in the RIB.

A question I've got is why use BGP and not advertise any network ?

Regards.

Alain

Don't forget to rate helpful posts.

mohammed asif suleman · ‎12-18-2012

i removed it but no change.... here i am attaching the details

ASIC-SADAD#sh ip bgp

BGP table version is 31, local router ID is 172.18.4.130

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale, m multipath, b backup-path, x best-external, f RT-Filter

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 62.149.110.28/30 172.18.4.129 0 65000 ?

r> 172.18.4.128/30 172.18.4.129 0 0 65000 ?

*> 172.31.3.16/30 172.18.4.129 0 0 65000 ?

*> 172.31.197.16/30 172.18.4.129 0 65000 ?

*> 172.31.217.200/30

172.18.4.129 0 65000 ?

*> 172.31.229.128/30

172.18.4.129 0 65000 ?

ASIC-SADAD#sh ip bgp summary

BGP router identifier 172.18.4.130, local AS number 65412

BGP table version is 31, main routing table version 31

6 network entries using 816 bytes of memory

6 path entries using 336 bytes of memory

2/2 BGP path/bestpath attribute entries using 256 bytes of memory

1 BGP AS-PATH entries using 24 bytes of memory

0 BGP route-map cache entries using 0 bytes of memory

0 BGP filter-list cache entries using 0 bytes of memory

BGP using 1432 total bytes of memory

BGP activity 12/6 prefixes, 18/12 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

172.18.4.129 4 65000 130 130 31 0 0 01:54:30 6

cadet alain · ‎12-18-2012

Hi,

Can you reenter your sdtatic default once again and do this:

en

conf t

logging on

logging buffered 100000 debug

access-list 199 permit icmp any any

do clear log

do debug ip pack det 199

do ping 8.8.8.8 repeat 2

do sh log

Post the output here please

Regards.

Alain

Don't forget to rate helpful posts.

shillings · ‎12-18-2012

To view what you're actually receiving from the ISP, you need to configure the following:

router bgp 65412

neighbor 172.18.4.129 soft-reconfiguration inbound

Then, once you've cleared the BGP neighborship, you should be able to enter show ip bgp neighbors 172.18.4.129 received-routes to see the received prefixes.

Obviously, if you're ever learning the entire Internet routing table, then this is a bad idea due to the huge memory requirement placed on the router, but for situations like this it is very useful.

Has this service ever worked? Are you simply swapping out the router - i.e. the old one was working fine?

Also, if you stick with BGP, then you should apply inbound and outbound filters once it's all working.

mohammed asif suleman · ‎12-18-2012

sorry......and thankyou

sorry for making you guys worried on this issue....

i was wrongly informed by our outside co-ordinator as it is an internet connection

later i came to know when i spoke to my isp that this is a mpls connection for a perticular organization.

thaknyou for your valueble support.