Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
873
Views
5
Helpful
7
Replies

No internet access from LAN through 3845 ISR to cable modem

Go to solution
John Horvat
Level 1
Level 1

‎07-02-2017 07:57 AM - edited ‎03-08-2019 11:10 AM

Hi, I'm new to the forums and just obtained my CCENT and have a year left to obtain my CCNP. Here's my situation. I recently acquired a 3845 ISR with IOS c3845-adventerprisek9-m 15.1(3)T2. It also has CME 8.5 and IPS signatures installed but I'm not using those yet, I'm trying to get the routing functional first. The only additional hardware installed in an NM-1GE module with a WS-5483 1000BASE-T GBIC in slot 0 which is recognized as G1/0. Physical topology of network is "end device=>unmanaged switch=router=>cable modem". If I statically assign the IP addresses of the LAN between the modem and the router and then the router to the end devices, I can ping from the end device to the ingress port of the modem but cannot ping the egress port/public IP address of the modem. If I enable DHCP on the modem LAN section and set the router interface connected to the modem to receive its IP dynamically, I can only ping to the egress port of the router connected to the modem. However, from the router CLI, I can ping all interfaces in the LAN from the end device to the egress/public IP of the modem and can ping devices on the internet. The end result is no internet connection for the end device. The only configuration on the router at this time is the static assignment of an IP address to the router interface to the LAN and the DHCP or static IP address configuration of the router interface to the modem. What am I missing. Thanks.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎07-02-2017 10:45 AM

The modem needs a route to the internal subnet and it also needs to be setup to do NAT for that subnet as well.

If you can't add routes to the modem then you need to use NAT on the router and translate all internal IPs to the router interface IP connecting to the modem.

Jon

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Julio E. Moisa
VIP
VIP

‎07-02-2017 10:00 AM

Hi

Could you please provide the configuration of the router?

Thank you 




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

Go to solution
John Horvat
Level 1
Level 1
In response to Julio E. Moisa

‎07-02-2017 01:28 PM

Please refer to my reply post above for the pertinent configuration data. Adding NAT overload and using DHCP from the modem to the router corrected the problem. Thank you for your response.

0 Helpful

Go to solution
Julio E. Moisa
VIP
VIP
In response to John Horvat

‎07-02-2017 01:38 PM

You are welcome,

Happy to know the issue was resolved.

:-)




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎07-02-2017 10:45 AM

The modem needs a route to the internal subnet and it also needs to be setup to do NAT for that subnet as well.

If you can't add routes to the modem then you need to use NAT on the router and translate all internal IPs to the router interface IP connecting to the modem.

Jon

0 Helpful

Go to solution
John Horvat
Level 1
Level 1
In response to Jon Marshall

‎07-02-2017 11:47 AM

I will try this later today and post back the results. I did try configuring a quad zero default route with the exit interface of the router to the modem but that did not work. Was curious why that did not work but using NAT translation should?

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to John Horvat

‎07-02-2017 11:55 AM

It's not the router that is the problem although yes you will need a default route pointing to the modem.

It is the modem not knowing how to route to the internal LAN subnet which is nothing to do with the default route.

Using NAT on the router just means the modem doesn't need a route for the LAN subnet anymore.

Jon

Go to solution
John Horvat
Level 1
Level 1
In response to John Horvat

‎07-02-2017 01:27 PM

This did work by setting up a simple ACL associated with NAT Overload on the egress router interface to the modem. Config below:

Router(config)# access-list 1 permit 192.168.1.0 0.0.0.255

Router(config)# ip nat inside source list 1 interface g1/0 overload

Router(config)# int g1/0

Router(config-if)# ip nat outside

Router(config-if)# int g0/0

Router(config-if)# ip nat inside

Of note, if I configured the g1/0 interface ip address statically and turned DHCP off in the modem for the LAN interface to the router, I could not ping the outside interface public IP of the modem. Yes, I verified the LAN ip was in the same subnet. I could connect to the modem GUI interface and log into the modem though, I could not do this before. So, the final setting that enabled internet access was setting the router G1/0 interface to a DHCP client with the ip add dhcp (deleting the static ip address first of course) and turning DHCP back on in the modem for LAN interface to the router.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card