Hi Richard.
Thanks in advance for your attention.
I am a bit confused about between default-route and static-route in my scenario.
I want to forward the internet traffic generated on vlan1 (192.168.5.0/24) to the network 192.168.1.0/24 which gateway is 192.168.1.254 (this is a router with nat).

I ask you:

the address 192.168.5.1/24 on interface VLAN1 and the address 192.168.1.66/24 on Wan port are right?

I tried to define a default-route so but is not run:

ip route 0.0.0.0 0.0.0.0 192.168.1.254

Thanks

Hi

A static route is basically a method to specify manually the way to reach a known host or network (destinations), this entry is added to the routing table if it has a valid next hop IP. Example of a static route: 

ip route 10.10.5.0 255.255.255.0 172.16.240.20 

A default (static or not) route is an entry into the routing table to reach any unknown host or network (destinations), why static or not? because you could have a default route (0.0.0.0/0) entry into the routing table via static route (manually) or learnt via a routing protocol (dynamic).

Example of a static default route:

ip route 0.0.0.0 0.0.0.0 172.16.240.20

Now if you want to provide Internet access to your internal networks you have to configure as Richard mentioned:

- NAT

- Default route.

So your configuration should be:

ip dhcp pool NETPOOL
   network 192.168.5.0 255.255.255.0
   default-router 192.168.5.1
   dns-server 8.8.8.8 8.8.4.4
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
multilink bundle-name authenticated
!
!
!
!
archive
 log config
  hidekeys
!
!
!
!
!
interface FastEthernet0
description (INTERNET)
ip nat outside
 ip address 192.168.1.66 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface BRI0
 no ip address
 encapsulation hdlc
 shutdown
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface FastEthernet9
!
interface Dot11Radio0
 no ip address
 shutdown
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
 station-role root
!
interface Dot11Radio1
 no ip address
 shutdown
 speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
 station-role root
!
interface Vlan1
description (MY INTERNAL NETWORK)
ip nat inside
 ip address 192.168.5.1 255.255.255.0
!
ip forward-protocol nd
no ip route 192.168.5.0 255.255.255.0 192.168.1.0
ip route 0.0.0.0 0.0.0.0 192.168.1.x (the IP 192.168.1.x is the IP of the next hop, basically is the IP or gateway or your ISP)

ip access-list standard MY-INTERNAL-NETWORKS
permit 192.168.5.0 0.0.0.255

ip nat inside source list MY-INTERNAL-NETWORKS interface fa0 overload

If your interface fa0 is connected to your ISP and they are providing the network 192.168.1.0/24 so the next hop probably is the IP 192.168.1.1 in the ISP side. Connect a PC to the ISP router o modem and verify the default gateway.

Hope it is useful

:-)

Julio offers a good explanation of static routing and of default route. The original poster says that he configured a default route but that it did not run. I do not understand in what sense did it not run? The syntax looks ok so what did not work? Did it not get entered into the routing table? Did access to Internet not work and he believes that is because of default route not working? or what?

I would offer one correction to the config that Julio proposes. The ACL for address translation points to the wrong network. It should be

ip access-list standard MY-INTERNAL-NETWORKS
permit 192.168.5.0 0.0.0.255

HTH

Rick

Hi Richards,

You are correct! thanks for fixing it. 

:-)

Julio

You are welcome. It was a good response with one small mistake. And an easy mistake to make since there was reference to the network 192.168.1.0 in the config. One of the advantages of these forums is that we have multiple people looking at these discussions and one of us sees something that someone else did not.

HTH

Rick

Totally agree, thank you so much again

:-)

Hi Richard, Hi Julio.

The router with the configuration you suggested me works.
I thank you very much. I do not write very well in English.
I want to tell you that you have been very useful to me.
But I have to study your solution because it is full of news for me.
I have to go deep.
The first thing I understand is this: Cisco routers are not like ISP routers that work almost alone.
they are very complex devices.
This is why Cisco certifications are so difficult to obtain.

Tnaks again.

I show the final configuration. it could be useful to someone.

I do not close the discussion.

After the study I will have many questions

Current configuration : 1761 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname mioRouter
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
!
dot11 syslog
!
!
ip cef
no ip dhcp use vrf connected
!
ip dhcp pool NETPOOL
   network 192.168.5.0 255.255.255.0
   default-router 192.168.5.1
   dns-server 8.8.8.8 8.8.4.4
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
multilink bundle-name authenticated
!
!
!
!
archive
 log config
  hidekeys
!
!
!
!
!
interface FastEthernet0
 description (INTERNET)
 ip address 192.168.1.66 255.255.255.0
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface BRI0
 no ip address
 encapsulation hdlc
 shutdown
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface FastEthernet9
!
interface Dot11Radio0
 no ip address
 shutdown
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
 station-role root
!
interface Dot11Radio1
 no ip address
 shutdown
 speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
 station-role root
!
interface Vlan1
 ip address 192.168.5.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.168.1.254
!
!
no ip http server
no ip http secure-server
ip nat inside source list MY-INTERNAL-NETWORKS interface FastEthernet0 overload
!
ip access-list standard MY-INTERNAL-NETWORKS
 permit 192.168.5.0 0.0.0.255
!
!
!
!
!
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
 login
!
end

Hi

It was a pleasure to us and we are happy to see it was resolved.

Have a great day!

:-)

I agree with Julio that it has been a pleasure helping you to understand what needed to be done. Perhaps you do not write well in English but you do communicate clearly and effectively. I am glad that you have learned a lot from it (and still have much to learn). These forums are excellent places to ask questions and to learn about networking. I hope to see you continue to be active in the forums.

HTH

Rick

Thanks, Richard. Internetworking is very interesting but learning alone is not easy. This forum will help me a lot.:-)