10-15-2012 04:13 PM - edited 03-07-2019 09:28 AM
Hi All,
I have been trying to get my new Cisco 1941 configured to my Cable Modem and have my local network(DHCP on this router) able to access the internet.
I have spent quite a bit of time trying to getthis up and need some assistance. Here is my running config. Any help would be greatly appreciated!
username RPF privilege 15 secret 4 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description Outside World
ip address 67.53.54.252 255.255.255.248
ip access-group to-lan in
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
description Inside Lan
ip address 192.168.64.254 255.255.255.0
ip access-group from-lan in
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip nat inside source list 199 interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0
!
ip access-list extended nat-list
permit ip 192.168.64.0 0.0.0.255 any
permit tcp 192.168.64.0 0.0.0.255 any
!
access-list 199 permit ip any any
!
!
!
control-plane
!
!
!
line con 0
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
end
Solved! Go to Solution.
10-15-2012 04:22 PM
What part isn't working? I usually use standard access lists for my NAT configurations.
IP access-list standard (name)
Permit (network) (wildcard bits)
Sent from Cisco Technical Support iPhone App
10-15-2012 09:44 PM
Hello
Kindly, use the standard access-list for natting. as it is recommended from cisco.
Rest is fine with your config.
exa:
access-lits 1 permit ip any any
ip nat inside source list 1 interface GigabitEthernet0/0 overload
Regards,
srikanth
10-15-2012 10:58 PM
Hi,
Can you post the output of show access-list and also can you change your default route:
no ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0
ip route 0.0.0.0 0.0.0.0 x.x.x.x where x.x.x.x is the next-hop IP( default gateway provided by ISP)
also don't use a permit ip any any for NAT ACL
Regards.
Alain
Don't forget to rate helpful posts.
10-15-2012 04:22 PM
What part isn't working? I usually use standard access lists for my NAT configurations.
IP access-list standard (name)
Permit (network) (wildcard bits)
Sent from Cisco Technical Support iPhone App
10-15-2012 09:44 PM
Hello
Kindly, use the standard access-list for natting. as it is recommended from cisco.
Rest is fine with your config.
exa:
access-lits 1 permit ip any any
ip nat inside source list 1 interface GigabitEthernet0/0 overload
Regards,
srikanth
10-15-2012 10:58 PM
Hi,
Can you post the output of show access-list and also can you change your default route:
no ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0
ip route 0.0.0.0 0.0.0.0 x.x.x.x where x.x.x.x is the next-hop IP( default gateway provided by ISP)
also don't use a permit ip any any for NAT ACL
Regards.
Alain
Don't forget to rate helpful posts.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide