Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
311
Views
0
Helpful
1
Replies

Cannot connect 1921 to Internet

zeefauna
Level 1
Level 1

‎05-18-2018 01:57 AM - edited ‎03-08-2019 03:03 PM

Hello.

Can I get some help with my Cisco 1921...

Please see my config below. My ISP requires VLANs settings to be able to access the internet (VLAN 10) and IPTV (VLAN 20).

~ I have set the switch to the VLANs via their respective ports.~

 

The WAN connection needs to be set to VLAN 10, which is why the setup is as below. I am able to get an IP address from my ISP (via DHCP) and the client PCs are able to get the DHCP address from the router.

 

I can't seem to access the internet from the PCs. I hope somebody can help look at my config and tell what's missing or wrongly configured.

-------------------------------------------------------------------------

ip dhcp excluded-address 192.168.10.250 192.168.10.255
ip dhcp excluded-address 192.168.20.250 192.168.20.255
!
ip dhcp pool VLAN10
 network 192.168.10.0 255.255.255.0
 default-router 192.168.10.254
!
ip dhcp pool VLAN20
 network 192.168.20.0 255.255.255.0
 default-router 192.168.20.254
!
!
!
ip cef
no ipv6 cef
multilink bundle-name authenticated

---------------------------------------------------------------

!
interface Embedded-Service-Engine0/0
 no ip address
 shutdown
!
interface GigabitEthernet0/0
 mac-address e43e.d757.57e2
 no ip address
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface GigabitEthernet0/0.1
 description WAN
 encapsulation dot1Q 10
 ip address dhcp client-id GigabitEthernet0/0
 ip virtual-reassembly in
!
interface GigabitEthernet0/1
 no ip address
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface GigabitEthernet0/1.10
 encapsulation dot1Q 10 native
 ip address 192.168.10.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
interface GigabitEthernet0/1.20
 encapsulation dot1Q 20
 ip address 192.168.20.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
ip forward-protocol nd
!
ip http server
ip http secure-server
!
ip nat inside source list 1 interface GigabitEthernet0/0.1 overload
ip route 0.0.0.0 0.0.0.0 dhcp
!
!
!
access-list 1 permit 192.168.0.0 0.0.0.255
!
control-plane
!
!
 vstack
!
line con 0
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
 stopbits 1
line vty 0 4
 password password
 login
 transport input none
!
scheduler allocate 20000 1000
!
end

 

Labels:
0 Helpful
1 Reply 1

chrihussey
VIP Alumni
VIP Alumni

‎05-18-2018 04:06 AM

Got a few things here:

1- Need to specify a DNS server in the DHCP pools

2- Not sure why you have a sub interface configured on the WAN G0/0 interface, but you need to have the "ip nat outside" configured on the appropriate interface.

3- Not sure if it can be configured, but if possible the default route should be "ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0.1 dhcp".

4- Your NAT access-list 1 is incorrect. It only allows 192.168.0.x and not the VLAN 10 & 20 networks. Should be:

access-list 1 permit 192.168.0.0 0.0.255.255

                    - or -

access-list 1 permit 192.168.10.0 0.0.0.255

access-list 1 permit 192.168.20.0 0.0.0.255

 

Might need some other tweaks, but a good start. Hope this is of some help.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card