Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6445
Views
40
Helpful
36
Replies

Configure a different DHCP pool on a 1921 Router for a VLAN 2960 switch

Go to solution
mquevedob
Level 1
Level 1

‎12-11-2014 09:41 AM - edited ‎03-07-2019 09:51 PM

Hello guys,

 

I have a cisco 1921 router with the LAN interface connected to a Cisco 2960 switch.

My 2960 switch is configured to work in VLANs

What I would like to do is create IP pools for each VLAN in my switch. 

This will allow a PC on a VLAN to get an IP in a different subnet as PCs connected in other VLANs

 

thanks!

Martin

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
mohammedsebbar
Level 1
Level 1

‎12-11-2014 10:11 AM

Hi,

 

First create your dhcp pools on your router :

 

!
ip dhcp pool VLAN10
   network 192.168.10.0 255.255.255.0
   default-router 192.168.10.1
!
ip dhcp pool VLAN20
   network 192.168.20.0 255.255.255.0
   default-router 192.168.20.1
!

 

Don't forget to put the parameters you need and set up exclusions.

Then configure your .1q sub interfaces

 

interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto

no shutdown


 !
!
interface FastEthernet0/0.1
 encapsulation dot1Q 1 native
 ip address 192.168.1.1 255.255.255.0
!
interface FastEthernet0/0.10
 encapsulation dot1Q 10
 ip address 192.168.10.1 255.255.255.0
!
interface FastEthernet0/0.20
 encapsulation dot1Q 20
 ip address 192.168.20.1 255.255.255.0
!

 

 

On your switch, create you vlans

vlan 10

vlan 20

 

on your switch configure the port connected to your router as a trunk port

interface f0/0

switchport mode trunk

no shutdown

That should be enough. Refine your config.

 

However, some 2960 platforms allow you to change the SDM template and let the switch act as "limited" layer 3 switch letting you create SVI's for instance and activate IP routing;

 

HTH

View solution in original post

0 Helpful
36 Replies 36

Go to solution
mohammedsebbar
Level 1
Level 1

‎12-11-2014 10:11 AM

Hi,

 

First create your dhcp pools on your router :

 

!
ip dhcp pool VLAN10
   network 192.168.10.0 255.255.255.0
   default-router 192.168.10.1
!
ip dhcp pool VLAN20
   network 192.168.20.0 255.255.255.0
   default-router 192.168.20.1
!

 

Don't forget to put the parameters you need and set up exclusions.

Then configure your .1q sub interfaces

 

interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto

no shutdown


 !
!
interface FastEthernet0/0.1
 encapsulation dot1Q 1 native
 ip address 192.168.1.1 255.255.255.0
!
interface FastEthernet0/0.10
 encapsulation dot1Q 10
 ip address 192.168.10.1 255.255.255.0
!
interface FastEthernet0/0.20
 encapsulation dot1Q 20
 ip address 192.168.20.1 255.255.255.0
!

 

 

On your switch, create you vlans

vlan 10

vlan 20

 

on your switch configure the port connected to your router as a trunk port

interface f0/0

switchport mode trunk

no shutdown

That should be enough. Refine your config.

 

However, some 2960 platforms allow you to change the SDM template and let the switch act as "limited" layer 3 switch letting you create SVI's for instance and activate IP routing;

 

HTH

0 Helpful

Go to solution
mquevedob
Level 1
Level 1
In response to mohammedsebbar

‎12-11-2014 10:52 AM

hi mohammedsebbar,

thanks for you reply.

I just tested your recommended commands but I couldnt make it work.

 

Please check my Switch and Router conf

 

 

CISCO 1921 Router conf

Current configuration : 1904 bytes
!
! Last configuration change at 18:39:17 UTC Thu Dec 11 2014
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname hrc_r01
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
ip cef
!
!
!
!
ip dhcp pool VLAN7
 network 10.10.10.0 255.255.255.0
 default-router 10.10.10.1
!
!
!
ip domain name hrc.com.py
ip name-server 190.104.163.57
ip name-server 200.3.250.1
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
license udi pid CISCO1921/K9 sn FGL1834240J
!
!
username xxxxxxxx privilege 15 password 0 xxxxxxxx
!
redundancy
!
!
!
!
!
ip ssh version 2
!
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
 no ip address
 shutdown
!
interface GigabitEthernet0/0
 description LAN
 no ip address
 ip nat inside
 no ip virtual-reassembly in
 duplex auto
 speed auto
!
interface GigabitEthernet0/0.10
 encapsulation dot1Q 1 native
 ip address 10.10.10.1 255.255.255.0
!
interface GigabitEthernet0/1
 description WAN
 ip address xxx.xxx.xxx.160 255.255.255.252
 ip nat outside
 no ip virtual-reassembly in
 duplex auto
 speed auto
!
interface GigabitEthernet0/0/0
 no ip address
!
interface GigabitEthernet0/0/1
 no ip address
!
interface GigabitEthernet0/0/2
 no ip address
!
interface GigabitEthernet0/0/3
 no ip address
!
interface Vlan1
 no ip address
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip dns server
ip nat inside source list 1 interface GigabitEthernet0/1 overload
ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.165
!
access-list 1 permit 10.10.10.0 0.0.0.255
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
 stopbits 1
line vty 0 4
 login local
 transport input all
line vty 5 15
 login local
 transport input all
!
scheduler allocate 20000 1000
!
end

 

CISCO 2960 Switch conf

Current configuration : 1488 bytes
!
version 12.2
service config
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch
!
boot-start-marker
boot-end-marker
!
!
!
!
no aaa new-model
switch 1 provision ws-c2960s-24ps-l
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0
 no ip address
 shutdown
!
interface GigabitEthernet1/0/1
!
interface GigabitEthernet1/0/2
!
interface GigabitEthernet1/0/3
!
interface GigabitEthernet1/0/4
!
interface GigabitEthernet1/0/5
!
interface GigabitEthernet1/0/6
!
interface GigabitEthernet1/0/7
!
interface GigabitEthernet1/0/8
!
interface GigabitEthernet1/0/9
!
interface GigabitEthernet1/0/10
!
interface GigabitEthernet1/0/11
!
interface GigabitEthernet1/0/12
!
interface GigabitEthernet1/0/13
!
interface GigabitEthernet1/0/14
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
!
interface GigabitEthernet1/0/24
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
interface Vlan1
 ip address dhcp
!
ip http server
ip http secure-server
!
line con 0
line vty 5 15
!
end

 

 

 

thanks!

Martin

 

 

 

 

 

0 Helpful

Go to solution
mquevedob
Level 1
Level 1
In response to mquevedob

‎12-11-2014 11:47 AM

i sent the wrong switch configuration

here is the right one

 

Current configuration : 6892 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$VuOI$5qvm59Nk9BBuIBqYRmAJW.
!
!
!
no aaa new-model
clock timezone UTC -4
switch 1 provision ws-c2960s-48lps-l
authentication mac-move permit
ip subnet-zero
!
!
vtp mode transparent
!
!

 

spanning-tree mode pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
vlan 2
 name Administracion
!
vlan 3
 name Micros
!
vlan 4
 name VoIP
!
vlan 5
 name WiFi-Publico
!
vlan 6
 name Otros
!
vlan 7
 name Libres
!
!
!
interface FastEthernet0
 description Management Port
 no ip address
!
interface GigabitEthernet1/0/1
 switchport mode trunk
!
interface GigabitEthernet1/0/2
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/3
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/4
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/5
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/6
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/7
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/8
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/9
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/10
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/11
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/12
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/13
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/14
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/15
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/16
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/17
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/18
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/19
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/20
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/21
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/22
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/23
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/24
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/25
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/26
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/27
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/28
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/29
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/30
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/31
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/32
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/33
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/34
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/35
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/36
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/37
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/38
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/39
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/40
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/41
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/42
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/43
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/44
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/45
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/46
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/47
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/48
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/49
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/50
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/51
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/52
 switchport access vlan 7
 switchport mode access
!
interface Vlan1
 no ip address
!
ip http server
ip http secure-server
ip sla enable reaction-alerts
!
!
line con 0
line vty 0 4
 login
line vty 5 15
 login
!
end

 

0 Helpful

Go to solution
daniel espinal
Level 1
Level 1
In response to mquevedob

‎12-11-2014 12:45 PM

try on the switch 

interface GigabitEthernet1/0/1
 switchport trunk encapsulation dot1q
 switchport mode trunk

 

on the 1921

interface GigabitEthernet0/0.7
 encapsulation dot1Q 7
 ip address 10.10.7.1 255.255.255.0

now anything on vlan 7 will have the ip 10.10.7.xxx

 

It's considered bad practice to use VLAN 1 as your native VLAN for security purposes. 

 

On your router you need to configure a corresponding sub interface for you all your VLANs, if you want routing to work between VLANs. 

 

It'd be helpful if you posted a topology so we can get a better idea of the best way to do it. 

 

Go to solution
mquevedob
Level 1
Level 1
In response to daniel espinal

‎12-11-2014 12:56 PM

hi Daniel,

 

when i try

Switch(config-if)#switchport trunk encapsulation dot1q
                                   ^
% Invalid input detected at '^' marker.

 

i get this error...

it seems like the encapsulation option is not available

 

my topology is like the router-on-a-stick topology

0 Helpful

Go to solution
mquevedob
Level 1
Level 1
In response to mquevedob

‎12-11-2014 01:10 PM

ok that is because the switch only has this encapsulation protocol, and it just uses it by default

0 Helpful

Go to solution
mquevedob
Level 1
Level 1
In response to mquevedob

‎12-11-2014 01:21 PM

about the topology

 

on the 1921 cisco router i have 2 interfaces configured

interface GigabitEthernet0/0 as LAN interface. This is connected to a 2960 cisco switch on interface GigabitEthernet1/0/1

on the other port of the router GigabitEthernet0/1 I have an Iinternet connection 

 

 

 

0 Helpful

Go to solution
mquevedob
Level 1
Level 1
In response to mquevedob

‎12-11-2014 01:28 PM

so, after modifying my conf with the recommended parameters, i still cannot get my PC configured by DHCP

so, here are my confs

 

Router

Current configuration : 1924 bytes
!
! Last configuration change at 21:14:10 UTC Thu Dec 11 2014
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname hrc_r01
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
ip cef
!
!
!
!
ip dhcp pool VLAN7
 network 10.10.7.0 255.255.255.0
 default-router 10.10.7.1
!
!
!
ip domain name hrc.com.py
ip name-server 190.104.163.57
ip name-server 200.3.250.1
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
license udi pid CISCO1921/K9 sn FGL1834240J
!
!
username xxxxxxxx privilege 15 password 0 xxxxxxxx
!
redundancy
!
!
!
!
!
ip ssh version 2
!
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
 no ip address
 shutdown
!
interface GigabitEthernet0/0
 description LAN
 no ip address
 ip nat inside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface GigabitEthernet0/0.7
 encapsulation dot1Q 1 native
 ip address 10.10.7.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
interface GigabitEthernet0/1
 description WAN
 ip address xxx.xxx.xxx.166 255.255.255.252
 ip nat outside
 no ip virtual-reassembly in
 duplex auto
 speed auto
!
interface GigabitEthernet0/0/0
 no ip address
!
interface GigabitEthernet0/0/1
 no ip address
!
interface GigabitEthernet0/0/2
 no ip address
!
interface GigabitEthernet0/0/3
 no ip address
!
interface Vlan1
 no ip address
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface GigabitEthernet0/1 overload
ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.165
!
access-list 1 permit 10.10.10.0 0.0.0.255
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
 stopbits 1
line vty 0 4
 login local
 transport input all
line vty 5 15
 login local
 transport input all
!
scheduler allocate 20000 1000
!
end

 

Switch

Current configuration : 6951 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch
!
boot-start-marker
boot-end-marker
!
enable secret 5 xxxxxx
!
!
!
no aaa new-model
clock timezone UTC -4
switch 1 provision ws-c2960s-48lps-l
authentication mac-move permit
ip subnet-zero
!
!
vtp mode transparent
!
!

spanning-tree mode pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
vlan 2
 name Administracion
!
vlan 3
 name Micros
!
vlan 4
 name VoIP
!
vlan 5
 name WiFi-Publico
!
vlan 6
 name Otros
!
vlan 7
 name Libres
!
!
!
interface FastEthernet0
 description Management Port
 no ip address
!
interface GigabitEthernet1/0/1
 description Trunk-to-Router
 switchport mode trunk
 spanning-tree portfast trunk
!
interface GigabitEthernet1/0/2
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/3
 switchport access vlan 7
 switchport mode access
!

interface GigabitEthernet1/0/52
 switchport access vlan 7
 switchport mode access
!
interface Vlan1
 no ip address
!
ip http server
ip http secure-server
ip sla enable reaction-alerts
!
!
line con 0
line vty 0 4
 login
line vty 5 15
 login
!
end

 

 

 

0 Helpful

Go to solution
daniel espinal
Level 1
Level 1
In response to mquevedob

‎12-11-2014 02:52 PM

That's very interesting. I am on a 3560 so I have to tell it what the encaps is before I use a trunk.

here is your mistake

interface GigabitEthernet0/0.7
 encapsulation dot1Q 1 native  
 ip address 10.10.7.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in

 

it should be 

interface GigabitEthernet0/0.7
 encapsulation dot1Q 7 

 

that sub interface you have is on vlan 1 not vlan 7 as you want it. It's my fault because originally I made that mistake as well.

Go to solution
mquevedob
Level 1
Level 1
In response to daniel espinal

‎12-11-2014 03:39 PM

I realized that and changed it to 

encapsulation dot1Q 7 native 

and it didn't work. I have to test it without native

 

are the routing and access list ok?

0 Helpful

Go to solution
daniel espinal
Level 1
Level 1
In response to mquevedob

‎12-11-2014 03:54 PM

I think you should drop the native and test it. everything else looks OK. 

do a show ip int bri from the router. make sure all the interfaces are up.

Can you ping the 10.10.7.1 ip from the switch? 

 

Maybe we are missing something here.  

Go to solution
mquevedob
Level 1
Level 1
In response to daniel espinal

‎12-11-2014 03:57 PM

ok, thanks for the pointers.

I will test these things tomorrow first thing.

 

regards,

Martin

0 Helpful

Go to solution
mohammedsebbar
Level 1
Level 1
In response to mquevedob

‎12-12-2014 02:04 AM

Daniel is right. Your switch is tagging ethernet frames with dot1q for all vlans except vlan 1 (the default native vlan). That's the result of the following config section

 interface GigabitEthernet1/0/1
 description Trunk-to-Router
 switchport mode trunk
 spanning-tree portfast trunk

But the router is expecting to hear untagged packets on vlan 7. 

For what regards your dhcp setting, don't forget to put something like this 

ip dhcp excluded-address 10.10.7.1

Also you have to exclude all other statically assigned address within your subnet.

Go to solution
mquevedob
Level 1
Level 1
In response to mohammedsebbar

‎12-12-2014 05:10 AM

Hello guys,

 

I am getting back to business...

 

I included all the suggestions from last night and still can get my PC to get DHCP to configure my Ethernet Interface.

 

here are the confs

 

SWITCH

Current configuration : 6951 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch
!
boot-start-marker
boot-end-marker
!
enable secret 5 xxx
!
!
!
no aaa new-model
clock timezone UTC -4
switch 1 provision ws-c2960s-48lps-l
authentication mac-move permit
ip subnet-zero
!
!
vtp mode transparent
!
!
spanning-tree mode pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
vlan 2
 name Administracion
!
vlan 3
 name Micros
!
vlan 4
 name VoIP
!
vlan 5
 name WiFi-Publico
!
vlan 6
 name Otros
!
vlan 7
 name Libres
!
!
!
interface FastEthernet0
 description Management Port
 no ip address
!
interface GigabitEthernet1/0/1
 description Trunk-to-Router
 switchport mode trunk
 spanning-tree portfast trunk
!
interface GigabitEthernet1/0/2
 switchport access vlan 7
 switchport mode access
!
interface Vlan1
 no ip address
!
ip http server
ip http secure-server
ip sla enable reaction-alerts
!
!
line con 0
line vty 0 4
 login
line vty 5 15
 login
!
end

 

 

 

ROUTER

Current configuration : 1885 bytes
!
! Last configuration change at 12:52:57 UTC Fri Dec 12 2014
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname hrc_r01
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
ip cef
!
!
!
ip dhcp excluded-address 10.10.7.1 10.10.7.10
!
ip dhcp pool VLAN7
 network 10.10.7.0 255.255.255.0
 default-router 10.10.7.1
!
!
!
ip domain name hrc.com.py
ip name-server 190.104.163.57
ip name-server 200.3.250.1
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
license udi pid CISCO1921/K9 sn FGL1834240J
!
!
username xxxxxxxx privilege 15 password 0 xxxxxxxx
!
redundancy
!
!
!
!
!
ip ssh version 2
!
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
 no ip address
 shutdown
!
interface GigabitEthernet0/0
 description LAN
 no ip address
 ip nat inside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface GigabitEthernet0/0.7
 encapsulation dot1Q 7
 ip nat inside
 ip virtual-reassembly in
!
interface GigabitEthernet0/1
 description WAN
 ip address xxx.xxx.xxx.166 255.255.255.252
 ip nat outside
 no ip virtual-reassembly in
 duplex auto
 speed auto
!
interface GigabitEthernet0/0/0
 no ip address
!
interface GigabitEthernet0/0/1
 no ip address
!
interface GigabitEthernet0/0/2
 no ip address
!
interface GigabitEthernet0/0/3
 no ip address
!
interface Vlan1
 no ip address
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface GigabitEthernet0/1 overload
ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.165
!
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
 stopbits 1
line vty 0 4
 login local
 transport input all
line vty 5 15
 login local
 transport input all
!
scheduler allocate 20000 1000
!
end

 

 

0 Helpful
Customers Also Viewed These Support Documents