cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3340
Views
0
Helpful
21
Replies

ip

pcfreak49
Level 7
Level 7

i have a question i have 2960 switchs this is directly connected to a cable modem on this switch i always get public ips instead of my dhcp and vlan, does somebody know a solution?

21 Replies 21

You need to reverse the connections:

 

DOCSIS --> Router --> Switches

 

Post the configuration of the router so the necessary additions can be made...

This is not because DOCSIS has only 1 port

Hello,

 

connect the router to the DOCSIS, and the switches to the router...


!
version 15.6
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
aaa new-model
!
!
!
!
!
!
!
aaa session-id common
service-module wlan-ap 0 bootimage autonomous
!
crypto pki trustpoint TP-self-signed-3945582034
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3945582034
revocation-check none
rsakeypair TP-self-signed-3945582034
!
!
crypto pki certificate chain TP-self-signed-3945582034
certificate self-signed 01
30820249 308201B2 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33393435 35383230 3334301E 170D3138 30343238 31303434
31345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 39343535
38323033 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
810094B5 47748D82 AA443DA8 34ABBE88 D772779A A04A200E 38BDFAA7 F7820491
61C6EEB6 555A478C 13C01479 86690824 2226674A 99E5B613 D7144CCE A9D3E835
78E072BA 65BEBEDE 554D4051 EFB0C97A 3B739EB0 9E8B8DF0 471BD509 BB7B8A66
06B9F908 4C8F8161 5DC2DEE0 50046794 AC40CC76 F8538846 4519682D 083F5733
4DB70203 010001A3 71306F30 0F060355 1D130101 FF040530 030101FF 301C0603
551D1104 15301382 1152312E 796F7572 646F6D61 696E2E63 6F6D301F 0603551D
23041830 168014F8 C0D89A7A 7202B4CD 6AAA1730 8A1C9B75 D2255B30 1D060355
1D0E0416 0414F8C0 D89A7A72 02B4CD6A AA17308A 1C9B75D2 255B300D 06092A86
4886F70D 01010405 00038181 0010F6FC 4E97FD12 AAB24A5A CA538135 D54BE30E
12F52DDE 8F7268AE 7C6D4B26 DD041A1B 080FFC03 8A73365B B5C0F6B9 0B718E8A
AEC11BCF B121E79D DA1C0AB1 682BB263 4FB5FC31 6A03E07B 1A1CD185 717F74EE
2F637EEE 1956FF12 FEAF3D86 1954FCFE 7DAA420B 55848A2B F358A98F 332F45B4
6A3773AC F612A2E3 78A8CB72 5F
quit
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!


!
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool ccp-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
dns-server 195.130.130.4 195.130.131.4
lease 0 2
!
!
!
ip domain name yourdomain.com
ip cef
no ipv6 cef
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
username Tim privilege 15 secret 5 $1$C6Oa$l.Kn5N/2jFi6BcbnMDcNV.
!
redundancy
!
!
!
!
no cdp run
!
!
!
!
!
!
!
!
!
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
isdn termination multidrop
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
no ip address
!
interface FastEthernet4
no ip address
!
interface FastEthernet5
no ip address
!
interface FastEthernet6
no ip address
!
interface FastEthernet7
no ip address
!
interface FastEthernet8
ip address 84.62.53.51 255.255.240.0
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered Vlan1
!
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
switchport mode trunk
no ip address
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-FE 1$
ip address 10.10.10.1 255.255.255.248
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1452
!
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip nat inside source list 23 interface GigabitEthernet0 overload
ip nat inside source static tcp 10.10.10.1 22 interface GigabitEthernet0 20000
ip ssh rsa keypair-name R1.cursist.local
ip ssh version 2
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr
!
ipv6 ioam timestamp
!
!
access-list 23 permit 10.10.10.0 0.0.0.7
!
!
!
control-plane
!
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
!
!
!
alias exec dot11radio service-module wlan-ap 0 session
banner exec 
% Password expiration warning.
-----------------------------------------------------------------------

Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.

It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.

username <myuser> privilege 15 secret 0 <mypassword>

Replace <myuser> and <mypassword> with the username and password you want to
use.

-----------------------------------------------------------------------

banner login 
-----------------------------------------------------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device.
This feature requires the one-time use of the username "cisco" with the
password "cisco". These default credentials have a privilege level of 15.

YOU MUST USE CISCO CP or the CISCO IOS CLI TO CHANGE THESE PUBLICLY-KNOWN
CREDENTIALS

Here are the Cisco IOS commands.

username <myuser> privilege 15 secret 0 <mypassword>
no username cisco

Replace <myuser> and <mypassword> with the username and password you want
to use.

IF YOU DO NOT CHANGE THE PUBLICLY-KNOWN CREDENTIALS, YOU WILL NOT BE ABLE
TO LOG INTO THE DEVICE AGAIN AFTER YOU HAVE LOGGED OFF.

For more information about Cisco CP please follow the instructions in the
QUICK START GUIDE for your router or go to http://www.cisco.com/go/ciscocp
-----------------------------------------------------------------------

!
line con 0
line 2
activation-character 1
no exec
transport preferred telnet
transport input all
transport output all
line aux 0
line vty 0 4
privilege level 15
transport input telnet ssh
line vty 5 15
privilege level 15
transport input telnet ssh
!
scheduler max-task-time 5000
!
end

Hello,

 

assuming that GigabitEthernet0 is connected to the DOCSIS, use the configuration below (important parts marked in bold). You don't need an IP address on FastEthernet8.

 

version 15.6
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
aaa new-model
!
aaa session-id common
service-module wlan-ap 0 bootimage autonomous
!
crypto pki trustpoint TP-self-signed-3945582034
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3945582034
revocation-check none
rsakeypair TP-self-signed-3945582034
!
crypto pki certificate chain TP-self-signed-3945582034
certificate self-signed 01
30820249 308201B2 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33393435 35383230 3334301E 170D3138 30343238 31303434
31345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 39343535
38323033 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
810094B5 47748D82 AA443DA8 34ABBE88 D772779A A04A200E 38BDFAA7 F7820491
61C6EEB6 555A478C 13C01479 86690824 2226674A 99E5B613 D7144CCE A9D3E835
78E072BA 65BEBEDE 554D4051 EFB0C97A 3B739EB0 9E8B8DF0 471BD509 BB7B8A66
06B9F908 4C8F8161 5DC2DEE0 50046794 AC40CC76 F8538846 4519682D 083F5733
4DB70203 010001A3 71306F30 0F060355 1D130101 FF040530 030101FF 301C0603
551D1104 15301382 1152312E 796F7572 646F6D61 696E2E63 6F6D301F 0603551D
23041830 168014F8 C0D89A7A 7202B4CD 6AAA1730 8A1C9B75 D2255B30 1D060355
1D0E0416 0414F8C0 D89A7A72 02B4CD6A AA17308A 1C9B75D2 255B300D 06092A86
4886F70D 01010405 00038181 0010F6FC 4E97FD12 AAB24A5A CA538135 D54BE30E
12F52DDE 8F7268AE 7C6D4B26 DD041A1B 080FFC03 8A73365B B5C0F6B9 0B718E8A
AEC11BCF B121E79D DA1C0AB1 682BB263 4FB5FC31 6A03E07B 1A1CD185 717F74EE
2F637EEE 1956FF12 FEAF3D86 1954FCFE 7DAA420B 55848A2B F358A98F 332F45B4
6A3773AC F612A2E3 78A8CB72 5F
quit
!
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool ccp-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
dns-server 195.130.130.4 195.130.131.4
lease 0 2
!
ip domain name yourdomain.com
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
username Tim privilege 15 secret 5 $1$C6Oa$l.Kn5N/2jFi6BcbnMDcNV.
!
redundancy
!
no cdp run
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
isdn termination multidrop
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
no ip address
!
interface FastEthernet4
no ip address
!
interface FastEthernet5
no ip address
!
interface FastEthernet6
no ip address
!
interface FastEthernet7
no ip address
!
interface FastEthernet8
no ip adddress
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered Vlan1
!
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
switchport mode trunk
no ip address
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-FE 1$
ip address 10.10.10.1 255.255.255.248
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1452
!
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip nat inside source list 23 interface GigabitEthernet0 overload
ip nat inside source static tcp 10.10.10.1 22 interface GigabitEthernet0 20000
!
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0 dhcp
!
ip ssh rsa keypair-name R1.cursist.local
ip ssh version 2
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr
!
ipv6 ioam timestamp
!
access-list 23 permit 10.10.10.0 0.0.0.7
!
control-plane

The interface GigabitEthernet0 enters the internet

Hello,

 

understood. The main thing you were missing was the static default route, can you add that ?

 

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0 dhcp