Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2381
Views
0
Helpful
4
Replies

Configuring A cisco 881 behind Telstra Gateway

Go to solution
Sean Coleman
Level 1
Level 1

‎06-20-2017 12:38 AM - edited ‎03-08-2019 11:02 AM

Hi All, 

Having some trouble and need some help if possible. 

Scenario:

Client has just upgraded to FTTN with VDSL and Telstra DOT. Have been informed that we cannot remove the telstra gateway modem and it has to stay. Parent company of client has issued a Cisco 867 (although for the purposes of today i am using a 881 in the workshop to test before configuring the 867) to be setup and used for VPN connections. 

Issue:

The telstra gateway device has an internal IP Address of 192.168.0.1 and a DMZ server address of 192.168.0.2.

We are unable to bridge the current modem due to telstra DOT hence DMZ. 

Cisco router IP: 192.168.199.1 (SVI/VLAN1)

WAN port IP: 192.168.0.2

Static Route 0.0.0.0 0.0.0.0 192.168.0.1

IP routing Enabled

I am unable to ping or get internet connection from a pc attached to port 1. 

from the PC i can ping .199.1, 0.2 but not .0.1.

I am able to ping 8.8.8.8 & 8.8.4.4 from the router and it succeeds and i can ping the computer on 192.168.199.11 (DG 192.168.199.1)

Any Assistance would be appreciated, Please see config attached below.

Router(config)#do show run
Building configuration...

Current configuration : 903 bytes
!
! Last configuration change at 07:20:55 UTC Tue Jun 20 2017
!
version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 10
!
!
ip source-route
!
!
ip cef
no ipv6 cef
!
!
license udi pid CISCO881-K9 sn FHK13437387
!
!
vtp version 2
!
!
!
!
!
!
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
ip address 192.168.0.2 255.255.255.0
duplex auto
speed auto
!
interface Vlan1
ip address 192.168.199.1 255.255.255.0
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 192.168.0.1
!
!
!
!
!
!
control-plane
!
!
line con 0
no modem enable
line aux 0
line vty 0 4
login
!
scheduler max-task-time 5000
end

Router(config)#exit
Router#wr
Building configuration...
[OK]
Router#
*Jun 20 07:42:55.203: %SYS-5-CONFIG_I: Configured from console by console

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Mark Malone
VIP Alumni
VIP Alumni

‎06-20-2017 12:56 AM

Hi

your config looks ok as your just punting your traffic up to the Telstra gateway which is in control of the NAT I presume and the routing too

couple of things to check

make sure the Telstra has a route back to your local network a static setup for return traffic this is important  

make sure Telstra is setup for NAT correctly as that's the edge facing device and all subnets on the local router are natted when trying to reach the internet

you may not be able to ping a DMZ device as per security policy depending on the device it may be blocking icmp so you may want to try another test

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Mark Malone
VIP Alumni
VIP Alumni

‎06-20-2017 12:56 AM

Hi

your config looks ok as your just punting your traffic up to the Telstra gateway which is in control of the NAT I presume and the routing too

couple of things to check

make sure the Telstra has a route back to your local network a static setup for return traffic this is important  

make sure Telstra is setup for NAT correctly as that's the edge facing device and all subnets on the local router are natted when trying to reach the internet

you may not be able to ping a DMZ device as per security policy depending on the device it may be blocking icmp so you may want to try another test

0 Helpful

Go to solution
Sean Coleman
Level 1
Level 1
In response to Mark Malone

‎06-20-2017 03:50 PM

Hi Mark, 

Thanks for your reply. The Telstra modem works perfectly fine for all devices plugged into it directly, NATing appears to be working as any device connected can get out and back in. 

I am able to ping the Modem from the cisco router no hassles, i can ping its interface of 192.168.0.1 and get full response. 

ill have a look at putting in a route back to the device.

Kind Regards, 

Sean. 

0 Helpful

Go to solution
Sean Coleman
Level 1
Level 1
In response to Mark Malone

‎06-20-2017 06:58 PM

Hi Mark, 

Looks like its resolved now, 

i put in a static route on the modem as follows:

DEST 192.168.199.1
SN: 255.255.255.0
GW: 192.168.0.2

and it is now working.

thank you very much.

0 Helpful

Go to solution
Mark Malone
VIP Alumni
VIP Alumni
In response to Sean Coleman

‎06-21-2017 12:59 AM

Good stuff

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card