How to configure Cisco router 1941 as Internet Gateway

bradyxscisco · ‎09-30-2015

Please I need some help.

I was task to configure our cisco router to act as internet gateway.

This work perfectly fine as DHCP server. The problem was is does not act as internet gateway.

I cannot use the dns server ip given by ISP since we have our own DNS server.

Please provide additional information/configuration.

My Configuration:

version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname routerGateway
!
boot-start-marker
boot-end-marker
!

no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
ip dhcp excluded-address 192.168.10.253
!
ip dhcp pool NetGateway
network 192.168.10.0 255.255.255.0
dns-server 223.107.3.100 223.107.255.10
default-router 192.168.10.253
!
no ip domain lookup
ip domain name mydomain.com
multilink bundle-name authenticated
!
crypto pki token default removal timeout 0
!
license udi pid CISCO1941/K9 sn FGL1605203A
!
username cisco privilege 15 password 7 114353151B32051854040471DRB5
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description **from WAN**
ip address 223.107.216.21 255.255.255.248
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
description **to LAN
ip address 192.168.10.253 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
ip forward-protocol nd
!
ip http server
ip http authentication local
no ip http secure-server
!
ip nat inside source route-map ISP01 interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 223.107.216.17
!
ip access-list extended ISP_01
permit icmp host 223.107.216.21 host 223.107.216.17
!
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
!
route-map ISP01 permit 10
match ip address 101
match interface GigabitEthernet0/0
!

control-plane
!
line con 0
exec-timeout 60 0
privilege level 15
logging synchronous
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
exec-timeout 60 0
privilege level 15
logging synchronous
login local
transport input all
!
scheduler allocate 20000 1000
end

Mark Malone · ‎09-30-2015

Hi what do you mean by this ....The problem was is does not act as internet gateway.

Nat doesn't look right your translating everything from lan 192.168.10.0 but ACL 101 is set to 192.168.1.0 and that's what your matching against in your route-map

bradyxscisco · ‎10-01-2015

sorry my error. its supposed to be 10

paul driver · ‎09-30-2015

Hello

ip dhcp pool NetGateway
network 192.168.10.0 255.255.255.0
dns-server (your internal dns servers)
default-router 192.168.10.253

In your local dns server you can have a forwarder for external dns resolution pointingtowards your internet dns servers

res

paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

bradyxscisco · ‎10-01-2015

Thanks its now working.

Since we are using static ip address, is there a way to stop dhcp server giving ip address. I might have ip conflict in the future. or, do i have to manually excludes the ip addresses we use?

Thank u for the patience i am new in actual configuration of router..Thanks...

Mark Malone · ‎10-01-2015

to prevent the scope form giving the ip out it needs to be excluded,use this command below and you can exclude a single ip or a range from low to high

sw(config)#ip dhcp excluded-address 192.168.10.84 ?
A.B.C.D High IP address