01-24-2015 01:26 PM - edited 03-07-2019 10:22 PM
I am working on a Senior Design project for school, and have run into what should be a fairly simple issue. I did some work this past summer configuring Cisco switches and routers, but haven't touched it since, so I'm a little rusty.
My goal is to set up a Cisco 2651 router to connect to the internet through a standard Comcast Modem/Router. The Comcast Modem/Router is issuing IP addresses using DHCP in 10.0.0.0/24 (static IP assigned right now for simplicity in configuring). The system behind the Cisco 2651 should issue IP addresses using DHCP in 10.0.1.0/24.
Currently, I've gotten to the point that I can ping the Comcast Modem/Router at 10.0.0.1 on f0/0 from the 2651, and I can ping the 2651 from a computer connected to f0/1 at 10.0.1.1, but I can't get from the computer on f0/1 to the Comcast Modem/Router on f0/0.
Any help would be greatly appreciated. Below is my Show Run that I've managed to cobble together so far.
TACOS-ROUTER#show run
Building configuration...
Current configuration : 1417 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname TACOS-ROUTER
!
boot-start-marker
boot-end-marker
!
enable secret XXXXX
enable password XXXXX
!
no aaa new-model
no network-clock-participate slot 1
no network-clock-participate wic 0
no ip cef
!
!
!
!
no vlan accounting input
!
multilink bundle-name authenticated
!
!
!
!
!
username admin privilege 15 password 0 xxxxx
archive
log config
hidekeys
!
!
!
!
!
!
!
interface FastEthernet0/0
description internet port
ip address 10.0.0.31 255.255.255.0
ip broadcast-address 10.0.1.255
ip nat outside
ip virtual-reassembly
no ip route-cache
duplex auto
speed auto
no mop enabled
!
interface Serial0/0
no ip address
no ip route-cache
shutdown
!
interface FastEthernet0/1
description intranet
ip address 10.0.1.1 255.255.255.0
ip broadcast-address 0.0.0.0
ip nat inside
ip virtual-reassembly
no ip route-cache
duplex auto
speed auto
!
interface Serial0/1
no ip address
no ip route-cache
shutdown
!
no ip classless
ip forward-protocol nd
!
!
ip http server
no ip http secure-server
ip nat pool ISP 10.0.0.31 10.0.0.31 netmask 255.255.255.0
ip nat inside source list 1 pool isp overload
!
!
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line vty 0 4
password tacos
login
!
!
end
Accepted Solutions
01-24-2015 07:34 PM
You need to add/modify a few things -
1) you have not defined your acl that you are using for NAT. You can use a standard acl but personally I always use an extended acl and as you have to modify your NAT statement anyway -
access-list 101 permit ip 10.0.1.0 0.0.0.255 any
but if you want to you can use a standard acl.
Whichever you choose do not add the "log" keyword to the acl lines.
2) you need to modify your NAT statement because you are translating to the outside interface of your router so you don't need a NAT pool -
no ip nat inside source list 1 pool isp overload
no ip nat pool ISP 10.0.0.31 10.0.0.31 netmask 255.255.255.0
ip nat inside source list 101 interface fa0/0 overload
if you have used a standard acl use that acl number in the above line instead.
3) you need a default route pointing to the Comcast router -
ip route 0.0.0.0 0.0.0.0 10.0.0.1
That should get it all working.
However, can you also remove the "no ip classless" command, i.e.
ip classless
and finally can you remove the "ip broadcast-address ..." commands from both interfaces as I have never seen them used and don't think you need them.
Then retest.
Jon
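Added example, not part of the original thread or written by either poster: a small Python check that reads the NAT-relevant lines of a running config and reports the three problems the answer above names (NAT referencing an undefined access-list, a pool that only holds the router's own interface address, and a missing default route). The function name `audit_nat` and both sample configs are constructed for illustration; only numbered ACLs are recognised.

```python
import re

# Constructed sample: NAT-relevant lines of the running config in the question.
QUESTION_CONFIG = """\
interface FastEthernet0/0
 ip address 10.0.0.31 255.255.255.0
 ip nat outside
interface FastEthernet0/1
 ip address 10.0.1.1 255.255.255.0
 ip nat inside
ip nat pool ISP 10.0.0.31 10.0.0.31 netmask 255.255.255.0
ip nat inside source list 1 pool isp overload
"""

# Constructed sample: the same lines after the three changes in the answer.
FIXED_CONFIG = """\
interface FastEthernet0/0
 ip address 10.0.0.31 255.255.255.0
 ip nat outside
interface FastEthernet0/1
 ip address 10.0.1.1 255.255.255.0
 ip nat inside
access-list 101 permit ip 10.0.1.0 0.0.0.255 any
ip nat inside source list 101 interface FastEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 10.0.0.1
"""

def audit_nat(config):
    """Return findings for the three problems the answer points out."""
    lines = [line.strip() for line in config.splitlines()]
    # Numbered ACLs only; named ACLs are outside this example's scope.
    acls = set(re.findall(r"^access-list (\d+) ", config, re.M))
    # Every address configured on an interface ("ip address A M").
    if_addrs = set(re.findall(r"^\s*ip address (\S+) ", config, re.M))
    findings = []
    for line in lines:
        rule = re.match(r"ip nat inside source list (\S+) (pool|interface) ", line)
        if rule and rule.group(1) not in acls:
            findings.append(f"access-list {rule.group(1)} is used by NAT but not defined")
        pool = re.match(r"ip nat pool (\S+) (\S+) (\S+) ", line)
        if pool and pool.group(2) == pool.group(3) and pool.group(2) in if_addrs:
            findings.append(f"pool {pool.group(1)} only holds an interface address")
    if not any(line.startswith("ip route 0.0.0.0 0.0.0.0 ") for line in lines):
        findings.append("no default route")
    return findings
```
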
01-24-2015 07:34 PM
That worked absolutely perfectly, thank you!
01-24-2015 07:39 PM
No problem. Glad to help.
There was a typo in my post (edited now), i.e. the interface in the NAT statement, but you obviously worked that out :-)
Jon
