cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1246
Views
0
Helpful
4
Replies

Issues with DHCP and NAT on Cisco 2611 Router

godemperor
Level 1
Level 1

Hi there, I've been having issues using a Cisco 2611 Router to replace my old linksys wireless router. Heres what I'm trying to do.

I have a wireless access point, I want to be able to hand out addresses via the Cisco router through DHCP on the interface eth0/1. The wireless users that get an IP I want then route out the eth0/0 interface to my statically assigned default gateway. Right now Im not concerned with setting up security measures once this works I'll go back in and add that. Here is my running-config. Right now nothing from the 10.0.0.0 is being routed out to the internet.

version 12.2
no service timestamps debug uptime
no service timestamps log uptime
no service password-encryption
!
hostname InternetOnly
!
!
ip subnet-zero
!
!
ip dhcp excluded-address 10.10.10.0 10.10.10.155
!
ip dhcp pool internetonly
   network 10.10.10.0 255.255.255.0
   default-router 10.10.10.1
   dns-server 8.8.4.4
!
!
interface Ethernet0/0
ip address 69.xxx.xxx.246 255.255.255.240
ip nat outside
half-duplex
!
interface Serial0/0
no ip address
shutdown
no fair-queue
!
interface Ethernet0/1
ip address 10.10.10.1 255.255.255.0
ip nat inside
half-duplex
!
interface Serial0/1
no ip address
shutdown
!
interface Serial0/2
no ip address
!
ip nat inside source list 1 interface Ethernet0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 69.xxx.xxx.241
ip http server
!
!
access-list 1 permit 10.10.10.0 0.0.0.255

!
line con 0
line aux 0
line vty 0 4
login
access-group 1 in
password service encryption
!
!
end

Thanks for everyone's help, I really appreciate it.

Added 10/8/12

I am able to ping from the internet to my default gateway.  I am able to ping from the router out to the internet through the static route.  I am unable to ping from the 10 network to my default gateway it times out.


InternetOnly#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route

Gateway of last resort is 69.xxx.xxx.241 to network 0.0.0.0

     69.0.0.0/28 is subnetted, 1 subnets
C       69.xxx.xxx.240 is directly connected, Ethernet0/0
     10.0.0.0/24 is subnetted, 1 subnets
C       10.10.10.0 is directly connected, Ethernet0/1
S*   0.0.0.0/0 [1/0] via 69.xxx.xxx.241

InternetOnly#show ip nat statistics
Total active translations: 0 (0 static, 0 dynamic; 0 extended)
Outside interfaces:
  Ethernet0/0
Inside interfaces:
  Ethernet0/1
Hits: 0  Misses: 0
Expired translations: 0
Dynamic mappings:
-- Inside Source
[Id: 8] access-list 1 interface Ethernet0/0 refcount 0

InternetOnly#show ip nat translations

EMPTY

It seems like its an access-list issue or something wrong with NAT any help would be appreciated.

4 Replies 4

John Blakley
VIP Alumni
VIP Alumni

Can you ping your provider from the router? If so, try sourcing the ping from e0/1 and see if that works. Try changing your default route to the next hop ip address instead of the interface.

HTH,

John

HTH, John *** Please rate all useful posts ***

Francis Garcia
Level 1
Level 1

Hello,

One good way to troubleshoot this issue is:

1- ping from the internet facing interace in the router to its default gateway.

2- Ping from a host machine to the default gateway and to the provider's gateway.

3- show ip nat translations to see if traffic from the lan is traslated to your public ip.

Sent from Cisco Technical Support iPhone App

cadet alain
VIP Alumni
VIP Alumni

Hi,

how was your linksys router connected to Internet? You had a static public address assigned by your provider ?

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

AhmedSonba
Level 1
Level 1

Hello Ryan,

Can you try something for me , Just to check something can you remove your access list 1 and add the following one

access-list 1 permit 10.0.0.0 0.255.255.255

And do ping from your LAN to the interent like 8.8.8.8

And do  the following :

show ip nat statistics

show ip nat translations

and post the results here

Hope it will help

Ahmed Sonba

Review Cisco Networking for a $25 gift card