09-30-2015 02:07 AM - edited 03-08-2019 02:00 AM
Please I need some help.
I was task to configure our cisco router to act as internet gateway.
This work perfectly fine as DHCP server. The problem was is does not act as internet gateway.
I cannot use the dns server ip given by ISP since we have our own DNS server.
Please provide additional information/configuration.
My Configuration:
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname routerGateway
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
ip dhcp excluded-address 192.168.10.253
!
ip dhcp pool NetGateway
network 192.168.10.0 255.255.255.0
dns-server 223.107.3.100 223.107.255.10
default-router 192.168.10.253
!
no ip domain lookup
ip domain name mydomain.com
multilink bundle-name authenticated
!
crypto pki token default removal timeout 0
!
license udi pid CISCO1941/K9 sn FGL1605203A
!
username cisco privilege 15 password 7 114353151B32051854040471DRB5
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description **from WAN**
ip address 223.107.216.21 255.255.255.248
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
description **to LAN
ip address 192.168.10.253 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
ip forward-protocol nd
!
ip http server
ip http authentication local
no ip http secure-server
!
ip nat inside source route-map ISP01 interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 223.107.216.17
!
ip access-list extended ISP_01
permit icmp host 223.107.216.21 host 223.107.216.17
!
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
!
route-map ISP01 permit 10
match ip address 101
match interface GigabitEthernet0/0
!
control-plane
!
line con 0
exec-timeout 60 0
privilege level 15
logging synchronous
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
exec-timeout 60 0
privilege level 15
logging synchronous
login local
transport input all
!
scheduler allocate 20000 1000
end
09-30-2015 04:03 AM
Hi what do you mean by this ....The problem was is does not act as internet gateway.
Nat doesn't look right your translating everything from lan 192.168.10.0 but ACL 101 is set to 192.168.1.0 and that's what your matching against in your route-map
10-01-2015 06:30 AM
sorry my error. its supposed to be 10
09-30-2015 04:34 AM
Hello
ip dhcp pool NetGateway
network 192.168.10.0 255.255.255.0
dns-server (your internal dns servers)
default-router 192.168.10.253
In your local dns server you can have a forwarder for external dns resolution pointingtowards your internet dns servers
res
paul
10-01-2015 06:29 AM
Thanks its now working.
Since we are using static ip address, is there a way to stop dhcp server giving ip address. I might have ip conflict in the future. or, do i have to manually excludes the ip addresses we use?
Thank u for the patience i am new in actual configuration of router..Thanks...
10-01-2015 06:41 AM
to prevent the scope form giving the ip out it needs to be excluded,use this command below and you can exclude a single ip or a range from low to high
sw(config)#ip dhcp excluded-address 192.168.10.84 ?
A.B.C.D High IP address
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide