Solved: connected two routers together, but can't connect internet from second router

David H Lee · ‎04-13-2017

hello all! With help from other network gurus, I was able to configure my 1841 router and 1142N AP, and they are running pretty well now. So, as for my next challenge, I decided to connect two 1841 routers together, and with Cisco book's help, I was able to ping each other. However, I can ping between two routers, but can't ping anything outside of network, I.e any internet sites. Two routers are connected with serial port, and Eigrp is the protocol I used to connect two routers, and the first router is directly connected to cable modem. Do I have to add first router's routing table? or NAT trans pool? thank you in advance.

paul driver · ‎04-14-2017

Hello

example of basic NAT ( or in this case PAT)

1) internal networks are: 10.10.10.0/24 and 20.20.20.0/24

2) your receiving dynamic IP address or static addressing from cable modem isp

On the router connected to cable modem-

conf t

Ip route 0.0.0.0 0.0.0.0 dhcp <--- if you are receive dynamic addressing - use this

Or

Ip route 0.0.0.0 0.0.0.0 x.x.x.x <--- if you have been provided with public addressing subnet and this will be the ip of the cable modem - use this

access-list 10 permit 10.10.10.0 0.0.0.255

access-list 10 permit 20.20.20.0 0.0.0.255

ip nat inside source-list 10 interface < cable modem interface) overload

int x/x

description Cable modem interface

ip nat outside

int x/x

Description interface connecting to your internal networks

ip nat inside < assign to all interfaces that you required nat to be used

Res

paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

Julio E. Moisa · ‎04-14-2017

Hi

Paul has provided the information about the network changes required. Between the routers you need to use: A) a dynamic routing protocol or B) a static routing.

As you mentioned the first router 1841 is working fine, so you should have something like that on your routers, also check if the interface between these routers are UP. Please remember the ping is reciprocal so it works on both ways if a icmp packet go to a destination the destination must know how to reach the source.

This is just an example, because I dont know about you IP plan:

ROUTER 1

int fa0/0
description INTERNET
ip add 1.1.1.2 255.255.255.252
ip nat outside
no shutdown

int fa0/1
description TO-ROUTER-2
ip add 172.16.1.1 255.255.255.252
ip nat inside
no shutdown

ip access-list standard PRIVATE-NETWORKS <--- your internal networks
permit 192.168.0.0 0.0.0.255
permit 192.168.1.0 0.0.0.255
permit 192.168.2.0 0.0.0.255

ip nat inside source list PRIVATE-NETWORKS interface g0/0 overload

ip route 0.0.0.0 0.0.0.0 1.1.1.1 <---- a static default route

* One way to advertise a default route through EIGRP is using redistribution static.

router eigrp 100
no auto-summary
redistribute static metric 10000 10 255 1 1500
network 0.0.0.0 255.255.255.255 <-- it is optional, I use it to advertise all networks directly connected but you can make it like in R2

Other way is sending a summarized network:

int fa0/1
description TO-ROUTER-2
ip add 172.16.1.1 255.255.255.252
Ip summary-address eigrp 100 0.0.0.0 0.0.0.0
ip nat inside
no shutdown

ROUTER2

int fa0/1
description TO-ROUTER-2
ip add 172.16.1.2 255.255.255.252
no shutdown

int fa0/0
no shutdown

int fa0/0.10
encapsulation dot1q 10
ip add 192.168.0.1 255.255.255.0

int fa0/0.20
encapsulation dot1q 20
ip add 192.168.1.1 255.255.255.0

int fa0/0.30
encapsulation dot1q 30
ip add 192.168.2.1 255.255.255.0

router eigrp 100
no auto-summary
network 172.16.1.0 0.0.0.3
network 192.168.0.0 0.0.0.255
network 192.168.1.0 0.0.0.255
network 192.168.2 0.0.0.0.255

This router should receive a default route from Router 1, you should see an entry on the routing table for the 0.0.0.0

sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override

Gateway of last resort is 172.16.1.1 to network 0.0.0.0

D* 0.0.0.0/0 [90/307200] via 172.16.1.1, 00:00:04 <--- using summary-address

Now if you are redistributing the default route on R1 you will something like that on R2 through show ip route:

D*EX 0.0.0.0/0 [170/284160] via 172.16.1.1, 00:00:05,

The first entry example has an administrative distance of 90 because it is generated by EIGRP and the second entry example has a AD of 170 because it is assumed as learned by a external protocol

Please rate the comment if it is useful

:-)

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

View solution in original post

Georg Pauwen · ‎04-23-2017

Hello,

here are the configs, Router 1 looks good, on Router 2, you don't need NAT and EIGRP:

interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface FastEthernet0/0
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface Serial0/0/0
description Link to Router2
ip address 10.0.0.2 255.255.255.252
!
ip forward-protocol nd
ip http server
ip http port 2000
ip http secure-server
ip http path flash:
!
ip nat inside source list 101 interface FastEthernet0/0 overload
ip nat inside source static tcp 192.168.0.6 85 interface FastEthernet0/0 85
ip nat inside source static tcp 192.168.0.6 2000 interface FastEthernet0/0 2000
ip nat inside source static tcp 192.168.0.6 8000 interface FastEthernet0/0 8000
ip nat inside source static tcp 192.168.0.6 8001 interface FastEthernet0/0 8001
ip nat inside source static tcp 192.168.0.6 34599 interface FastEthernet0/0 34599
ip nat inside source static tcp 192.168.0.6 34567 interface FastEthernet0/0 34567
ip nat inside source static tcp 192.168.0.6 554 interface FastEthernet0/0 554
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
!
access-list 101 permit ip 192.168.0.0 0.0.255.255 any
!

Router 2

ip dhcp pool LOCAL1
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
dns-server 8.8.8.8
!
interface Loopback2
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.10.1 255.255.0.0
ip access-group 101 out
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0/0
description Link to Router1
ip address 10.0.0.2 255.255.255.252
!
ip forward-protocol nd
ip http server
ip http port 2000
ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 10.0.0.1

View solution in original post

Georg Pauwen · ‎04-13-2017

Hello,

post the configs of both 1841 routers. You only need NAT on the router connected to the cable modem, but you need to include the subnet(s) from the second router in any NAT statements...

David H Lee · ‎04-17-2017

I kinda get it. can you provide me some example though? thank you very much, btw.

Georg Pauwen · ‎04-17-2017

Hello,

since you can ping between both routers, the thing left to do is configure the Internet connection.

As stated before, post the configs of both routers, so we can add the necessary bits and pieces...

David H Lee · ‎04-19-2017

I will try to do that. however, one router currently have an access to the internet. I was assuming that I might needed to add something in NAT to connect routers. I'll try to post it tomorrow. thank you.

Georg Pauwen · ‎04-23-2017

Hello,

here are the configs, Router 1 looks good, on Router 2, you don't need NAT and EIGRP:

interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface FastEthernet0/0
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface Serial0/0/0
description Link to Router2
ip address 10.0.0.2 255.255.255.252
!
ip forward-protocol nd
ip http server
ip http port 2000
ip http secure-server
ip http path flash:
!
ip nat inside source list 101 interface FastEthernet0/0 overload
ip nat inside source static tcp 192.168.0.6 85 interface FastEthernet0/0 85
ip nat inside source static tcp 192.168.0.6 2000 interface FastEthernet0/0 2000
ip nat inside source static tcp 192.168.0.6 8000 interface FastEthernet0/0 8000
ip nat inside source static tcp 192.168.0.6 8001 interface FastEthernet0/0 8001
ip nat inside source static tcp 192.168.0.6 34599 interface FastEthernet0/0 34599
ip nat inside source static tcp 192.168.0.6 34567 interface FastEthernet0/0 34567
ip nat inside source static tcp 192.168.0.6 554 interface FastEthernet0/0 554
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
!
access-list 101 permit ip 192.168.0.0 0.0.255.255 any
!

Router 2

ip dhcp pool LOCAL1
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
dns-server 8.8.8.8
!
interface Loopback2
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.10.1 255.255.0.0
ip access-group 101 out
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0/0
description Link to Router1
ip address 10.0.0.2 255.255.255.252
!
ip forward-protocol nd
ip http server
ip http port 2000
ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 10.0.0.1

David H Lee · ‎04-24-2017

when I had deleted eigrp, I couldn't ping Router1, so I needed to added it again.
!
!
interface Loopback2
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.10.1 255.255.0.0
ip access-group 101 out
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0/0
description Link to Router1
ip address 10.0.0.2 255.255.255.252
ip access-group 101 out
!
!
router eigrp 100
network 0.0.0.0
!
!
router eigrp 10
network 0.0.0.0
!
ip forward-protocol nd
ip http server
ip http port 2000
ip http secure-server
!
!
ip nat inside source list 101 interface Serial0/0/0 overload
ip route 0.0.0.0 0.0.0.0 Serial0/0/0
!
access-list 101 permit ip 192.168.10.0 0.0.0.255 any
!

ateway of last resort is 0.0.0.0 to network 0.0.0.0

here is the current IP route on Router2. It sees default router and ISP address too.

S*    0.0.0.0/0 is directly connected, Serial0/0/0
      1.0.0.0/24 is subnetted, 1 subnets
D        1.1.1.0 [90/2306560] via 10.0.0.1, 01:32:39, Serial0/0/0
      2.0.0.0/32 is subnetted, 1 subnets
C        2.2.2.2 is directly connected, Loopback2
      10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        10.0.0.0/30 is directly connected, Serial0/0/0
L        10.0.0.2/32 is directly connected, Serial0/0/0
      ISP address is subnetted, 1 subnets
D        ISP address via 10.0.0.1, 01:32:39, Serial0/0/0
C     192.168.0.0/16 is directly connected, FastEthernet0/0
D     192.168.0.0/24 [90/2181120] via 10.0.0.1, 01:32:39, Serial0/0/0
      192.168.10.0/32 is subnetted, 1 subnets
L        192.168.10.1 is directly connected, FastEthernet0/0

let me know what's I need to do more. still can't see anything on internet browser. thank you for you help again.

David H Lee · ‎04-20-2017

Router 1 config:

interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface FastEthernet0/0
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface Serial0/0/0
description Link to Router2
ip address 10.0.0.2 255.255.255.252
!
ip forward-protocol nd
ip http server
ip http port 2000
ip http secure-server
ip http path flash:
!
!
ip nat inside source list 101 interface FastEthernet0/0 overload
ip nat inside source static tcp 192.168.0.6 85 interface FastEthernet0/0 85
ip nat inside source static tcp 192.168.0.6 2000 interface FastEthernet0/0 2000
ip nat inside source static tcp 192.168.0.6 8000 interface FastEthernet0/0 8000
ip nat inside source static tcp 192.168.0.6 8001 interface FastEthernet0/0 8001
ip nat inside source static tcp 192.168.0.6 34599 interface FastEthernet0/0 34599
ip nat inside source static tcp 192.168.0.6 34567 interface FastEthernet0/0 34567
ip nat inside source static tcp 192.168.0.6 554 interface FastEthernet0/0 554
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
!
access-list 101 permit ip 192.168.0.0 0.0.0.255 any
!

and this is router 2 config

interface Loopback2
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address dhcp
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0/0
description Link to Router1
ip address 10.0.0.5 255.255.255.0
ip access-group 101 out
!
ip forward-protocol nd
ip http server
ip http port 2000
ip http secure-server
!
!
ip nat inside source list 101 interface Serial0/0/0 overload
!
access-list 101 permit ip 192.168.3.0 0.0.0.255 any
!

let me know what's missing, and what needs to be added

thank you in advance

Georg Pauwen · ‎04-20-2017

Hello,

I have made some changes to your configuration, can you give these a try ?

Router 1

interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface FastEthernet0/0
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface Serial0/0/0
description Link to Router2
ip address 10.0.0.2 255.255.255.252
!
ip forward-protocol nd
ip http server
ip http port 2000
ip http secure-server
ip http path flash:
!
ip nat inside source list 101 interface FastEthernet0/0 overload
ip nat inside source static tcp 192.168.0.6 85 interface FastEthernet0/0 85
ip nat inside source static tcp 192.168.0.6 2000 interface FastEthernet0/0 2000
ip nat inside source static tcp 192.168.0.6 8000 interface FastEthernet0/0 8000
ip nat inside source static tcp 192.168.0.6 8001 interface FastEthernet0/0 8001
ip nat inside source static tcp 192.168.0.6 34599 interface FastEthernet0/0 34599
ip nat inside source static tcp 192.168.0.6 34567 interface FastEthernet0/0 34567
ip nat inside source static tcp 192.168.0.6 554 interface FastEthernet0/0 554
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
!
access-list 101 permit ip 192.168.0.0 0.0.0.255 any
!

Router 2

interface Loopback2
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address dhcp
duplex auto
speed auto
!
interface Serial0/0/0
description Link to Router1
ip address 10.0.0.1 255.255.255.252
ip forward-protocol nd
ip http server
ip http port 2000
ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 10.0.0.2

David H Lee · ‎04-22-2017

thank you. I made some changes on my config on Router 2. Router 1's setting is the same, so didn't put it on here. let me know what you think.

ip dhcp pool LOCAL1
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
dns-server 8.8.8.8
!

!
!
!
interface Loopback2
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.10.1 255.255.0.0
ip access-group 101 out
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0/0
description Link to Router1
ip address 10.0.0.2 255.255.255.252
ip access-group 101 out
!
!
router eigrp 100
network 0.0.0.0
!
ip forward-protocol nd
ip http server
ip http port 2000
ip http secure-server
!
!
ip nat inside source list 101 interface Serial0/0/0 overload
ip route 0.0.0.0 0.0.0.0 10.0.0.1

One more thing I'd like to ask you. That is, how come I can't apply DHCP command on serial port? I think if I connect two routers via FastEthernet, I think all things will be easier. however, I really want to know how to use serial port. Please enlighten me about this particular matters. thank you!

Georg Pauwen · ‎04-23-2017

Hello,

you actually can assign a DHCP address to a serial interface. The configuration would look like this:

ip dhcp pool SERIAL
network 172.16.1.0 255.255.255.0
!
interface Serial1/0
ip address pool SERIAL

However, keep in mind that serial interface IP addresses are usually fixed addresses because they are next hop addresses in routing. So it is not really advisable to use DHCP on a serial interface.

David H Lee · ‎04-23-2017

thank you for you help. I just wanted to know it is possible or not. I'm not sure what other things I needed to do. I forgot to give ip address on fa0/0 in Router2, so I set DHCP pool and gave ip address on Fa0/0. Please let me know what other mod is needed on my routers. thank you once again.

paul driver · ‎04-14-2017

Hello

example of basic NAT ( or in this case PAT)

1) internal networks are: 10.10.10.0/24 and 20.20.20.0/24

2) your receiving dynamic IP address or static addressing from cable modem isp

On the router connected to cable modem-

conf t

Ip route 0.0.0.0 0.0.0.0 dhcp <--- if you are receive dynamic addressing - use this

Or

Ip route 0.0.0.0 0.0.0.0 x.x.x.x <--- if you have been provided with public addressing subnet and this will be the ip of the cable modem - use this

access-list 10 permit 10.10.10.0 0.0.0.255

access-list 10 permit 20.20.20.0 0.0.0.255

ip nat inside source-list 10 interface < cable modem interface) overload

int x/x

description Cable modem interface

ip nat outside

int x/x

Description interface connecting to your internal networks

ip nat inside < assign to all interfaces that you required nat to be used

Res

paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

David H Lee · ‎04-17-2017

does it matter which port I use? My routers are connected via T-1 serial ports. I think Fa0/0 would have worked well, but I wanted to experiment with serial ports. Thank you for your answer though.

Julio E. Moisa · ‎04-14-2017

Hi

Paul has provided the information about the network changes required. Between the routers you need to use: A) a dynamic routing protocol or B) a static routing.

As you mentioned the first router 1841 is working fine, so you should have something like that on your routers, also check if the interface between these routers are UP. Please remember the ping is reciprocal so it works on both ways if a icmp packet go to a destination the destination must know how to reach the source.

This is just an example, because I dont know about you IP plan:

ROUTER 1

int fa0/0
description INTERNET
ip add 1.1.1.2 255.255.255.252
ip nat outside
no shutdown

int fa0/1
description TO-ROUTER-2
ip add 172.16.1.1 255.255.255.252
ip nat inside
no shutdown

ip access-list standard PRIVATE-NETWORKS <--- your internal networks
permit 192.168.0.0 0.0.0.255
permit 192.168.1.0 0.0.0.255
permit 192.168.2.0 0.0.0.255

ip nat inside source list PRIVATE-NETWORKS interface g0/0 overload

ip route 0.0.0.0 0.0.0.0 1.1.1.1 <---- a static default route

* One way to advertise a default route through EIGRP is using redistribution static.

router eigrp 100
no auto-summary
redistribute static metric 10000 10 255 1 1500
network 0.0.0.0 255.255.255.255 <-- it is optional, I use it to advertise all networks directly connected but you can make it like in R2

Other way is sending a summarized network:

int fa0/1
description TO-ROUTER-2
ip add 172.16.1.1 255.255.255.252
Ip summary-address eigrp 100 0.0.0.0 0.0.0.0
ip nat inside
no shutdown

ROUTER2

int fa0/1
description TO-ROUTER-2
ip add 172.16.1.2 255.255.255.252
no shutdown

int fa0/0
no shutdown

int fa0/0.10
encapsulation dot1q 10
ip add 192.168.0.1 255.255.255.0

int fa0/0.20
encapsulation dot1q 20
ip add 192.168.1.1 255.255.255.0

int fa0/0.30
encapsulation dot1q 30
ip add 192.168.2.1 255.255.255.0

router eigrp 100
no auto-summary
network 172.16.1.0 0.0.0.3
network 192.168.0.0 0.0.0.255
network 192.168.1.0 0.0.0.255
network 192.168.2 0.0.0.0.255

This router should receive a default route from Router 1, you should see an entry on the routing table for the 0.0.0.0

sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override

Gateway of last resort is 172.16.1.1 to network 0.0.0.0

D* 0.0.0.0/0 [90/307200] via 172.16.1.1, 00:00:04 <--- using summary-address

Now if you are redistributing the default route on R1 you will something like that on R2 through show ip route:

D*EX 0.0.0.0/0 [170/284160] via 172.16.1.1, 00:00:05,

The first entry example has an administrative distance of 90 because it is generated by EIGRP and the second entry example has a AD of 170 because it is assumed as learned by a external protocol

Please rate the comment if it is useful

:-)

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<