Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1306
Views
1
Helpful
3
Replies

Problem Connecting to Internet from LAN Behind 2811 VDSL

Go to solution
Adam_S
Level 1
Level 1

‎08-31-2017 12:00 AM - edited ‎03-08-2019 11:53 AM

Hi All,

 

Was hoping someone could help me here. I'm trying to connect a Netcomm (NF8AC VDSL) modem to a cisco 2811 and route internet through it but not having much luck with it. This is my first post so i apologise if something is amiss.

 

I've connected the netcomm to FA0/0 (80.80.80.1) and assigned it IP 80.80.80.2 connected to ethernet 4. I can ping from the modem to Fa0/0 and vice versa, but I cannot ping from my internal subnets to the netcomm (80.80.80.2).

 

I've tried RIP routing (which worked on a previous huawei modem). No luck

I've tried adding a static route pointing to to the netcomm (ip route 0.0.0.0 0.0.0.0 fa 0/0). No luck.

If I add static routes to the netcomm i can gain access to the internal subnets and even telnet to cisco router, but still no internet access.

 

I've attached a basic diagram and the config is in thread.

 

Amel#show ip route

 

Gateway of last resort is not set

 

     80.0.0.0/24 is subnetted, 1 subnets

C       80.80.80.0 is directly connected, FastEthernet0/0

     172.17.0.0/24 is subnetted, 1 subnets

C       172.17.0.0 is directly connected, Vlan17

     172.16.0.0/24 is subnetted, 1 subnets

C       172.16.0.0 is directly connected, Vlan16

     10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks

C       10.12.0.0/24 is directly connected, Vlan12

C       10.112.0.0/24 is directly connected, Vlan112

C       10.212.0.0/24 is directly connected, Vlan212

C       10.213.0.0/24 is directly connected, Vlan213

C       10.255.255.255/32 is directly connected, Loopback0

C    192.168.0.0/24 is directly connected, Vlan10

 

Amel#show run

Building configuration...

 

Current configuration : 8267 bytes

!

version 12.4

service timestamps debug datetime localtime show-timezone

service timestamps log datetime localtime show-timezone

service password-encryption

!

hostname Amel

!

boot-start-marker

boot system flash:c2800nm-advipservicesk9-mz.124-15.T9.bin

boot-end-marker

!

logging buffered 4096 informational

enable secret 5 $1$ZFe8$g4l2RoRNxgxEw.lD.QLYY0

!

no aaa new-model

clock timezone AEST 10

clock summer-time AEDT recurring last Sun Oct 2:00 last Sun Mar 3:00

dot11 syslog

!

!

ip cef

no ip dhcp use vrf connected

ip dhcp excluded-address 192.168.0.1 192.168.0.100

ip dhcp excluded-address 10.212.0.1 10.212.0.100

ip dhcp excluded-address 10.12.0.1 10.12.0.100

ip dhcp excluded-address 10.112.0.1 10.112.0.100

ip dhcp excluded-address 10.213.0.1 10.213.0.100

ip dhcp excluded-address 172.16.0.1 172.16.0.100

ip dhcp excluded-address 192.168.20.1 192.168.20.100

!

ip dhcp pool VLAN10_MANAGEMENT

   network 192.168.0.0 255.255.255.0

   default-router 192.168.0.1

   lease 24

!

ip dhcp pool VLAN212_W_DATA

   network 10.212.0.0 255.255.255.0

   default-router 10.212.0.1

   dns-server 203.12.160.35

   lease 24

!

ip dhcp pool VLAN213_Wireless_Voice

   network 10.213.0.0 255.255.255.0

   default-router 10.213.0.1

   dns-server 203.12.160.35

   lease 24

!

ip dhcp pool VLAN12_DATA

   network 10.12.0.0 255.255.255.0

   default-router 10.12.0.1

   dns-server 203.12.160.35

   lease 24

!

ip dhcp pool VLAN16_WIRELESS_N

   network 172.16.0.0 255.255.255.0

   default-router 172.16.0.1

   dns-server 203.12.160.35

   lease 24

!

ip dhcp pool VLAN112_Voice

   network 10.112.0.0 255.255.255.0

   default-router 10.112.0.1

   dns-server 203.12.160.35

   lease 24

!

!

no ip domain lookup

ip name-server 8.8.8.8

ip multicast-routing

!

multilink bundle-name authenticated

!

!

voice-card 0

 no dspfarm

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

vtp domain home

vtp mode transparent

archive

 log config

  hidekeys

!

!

!

!

vlan 10

 name Managemet

!

vlan 12

 name DataVlan

!

vlan 16

 name WIRELESS_N

!

vlan 17

 name Home_Automation

!

vlan 20

 name Guest

!

vlan 112

 name VoiceVlan

!

vlan 212

 name Wireless

!

vlan 213

 name WirelessPhones

!

!

!

!

!

interface Loopback0

 ip address 10.255.255.255 255.255.255.255

 ip broadcast-address 0.0.0.0

 h323-gateway voip interface

 h323-gateway voip bind srcaddr 10.255.255.255

!

interface FastEthernet0/0

 description Internet

 ip address 80.80.80.1 255.255.255.0

 ip broadcast-address 0.0.0.0

 ip nat outside

 ip virtual-reassembly

 duplex full

 speed 100

!

interface FastEthernet0/1

 no ip address

 ip broadcast-address 0.0.0.0

 ip virtual-reassembly

 duplex auto

 speed auto

!

interface FastEthernet0/1/0

 switchport trunk native vlan 10

 switchport mode trunk

 duplex full

 speed 100

 spanning-tree portfast

!

interface FastEthernet0/1/1

 switchport trunk native vlan 10

 switchport mode trunk

 duplex full

 speed 100

 spanning-tree portfast

!

interface FastEthernet0/1/2

 description AP1

 switchport trunk native vlan 10

 switchport mode trunk

 duplex full

 speed 100

 spanning-tree portfast

!

interface FastEthernet0/1/3

 switchport access vlan 16

 duplex full

 speed 100

!

interface FastEthernet0/1/4

 description Alarm

 switchport access vlan 17

 duplex full

 speed 100

!

interface FastEthernet0/1/5

!

interface FastEthernet0/1/6

!

interface FastEthernet0/1/7

 switchport mode trunk

 duplex full

 speed 100

 spanning-tree portfast

!

interface FastEthernet0/1/8

 switchport trunk native vlan 10

 switchport mode trunk

 duplex full

 speed 100

!

interface Serial0/3/0

 no ip address

 ip broadcast-address 0.0.0.0

 encapsulation frame-relay

 clock rate 2000000

!

interface Vlan1

 no ip address

 ip broadcast-address 0.0.0.0

 shutdown

!

interface Vlan10

 description Management

 ip address 192.168.0.1 255.255.255.0

 ip broadcast-address 0.0.0.0

!

interface Vlan12

 description Data

 ip address 10.12.0.1 255.255.255.0

 ip broadcast-address 0.0.0.0

 ip nat inside

 ip virtual-reassembly

!

interface Vlan16

 description Wirless_N

 ip address 172.16.0.1 255.255.255.0

 ip broadcast-address 0.0.0.0

 ip helper-address 10.12.0.2

 ip directed-broadcast

!

interface Vlan17

 description Home_Automation

 ip address 172.17.0.1 255.255.255.0

 ip broadcast-address 0.0.0.0

 ip nat inside

 ip virtual-reassembly

!

interface Vlan112

 description Voice

 ip address 10.112.0.1 255.255.255.0

 ip broadcast-address 0.0.0.0

!

interface Vlan212

 description Wireless_G

 ip address 10.212.0.1 255.255.255.0

 ip broadcast-address 0.0.0.0

 ip helper-address 10.12.0.2

!

interface Vlan213

 description Wireless_Voice

 ip address 10.213.0.1 255.255.255.0

 ip broadcast-address 0.0.0.0

!

router rip

 version 2

 network 10.0.0.0

 network 80.0.0.0

 network 172.16.0.0

 network 172.17.0.0

 network 192.168.0.0

 no auto-summary

!

no ip forward-protocol nd

!

!

no ip http server

no ip http secure-server

ip nat inside source static tcp 10.12.0.2 443 80.80.80.1 443 extendable

ip nat inside source static udp 10.12.0.2 443 80.80.80.1 443 extendable

ip nat inside source static tcp 10.12.0.2 8000 80.80.80.1 8000 extendable

ip nat inside source static udp 10.12.0.2 8000 80.80.80.1 8000 extendable

ip nat inside source static tcp 10.12.0.2 8001 80.80.80.1 8001 extendable

ip nat inside source static udp 10.12.0.2 8001 80.80.80.1 8001 extendable

ip nat inside source static tcp 172.17.0.2 10000 80.80.80.1 10000 extendable

ip nat inside source static udp 172.17.0.2 10000 80.80.80.1 10000 extendable

ip nat inside source static tcp 172.17.0.2 10001 80.80.80.1 10001 extendable

ip nat inside source static udp 172.17.0.2 10001 80.80.80.1 10001 extendable

ip nat inside source static tcp 10.12.0.2 55555 80.80.80.1 55555 extendable

ip nat inside source static udp 10.12.0.2 55555 80.80.80.1 55555 extendable

!

!

!

!

!

!

tftp-server flash:/c7921/APPS-1.0.4.SBN alias APPS-1.0.4.SBN

tftp-server flash:/c7921/CP7921G-1.0.4.LOADS alias CP7921G-1.0.4.LOADS

tftp-server flash:/c7921/GUI-1.0.4.SBN alias GUI-1.0.4.SBN

tftp-server flash:/c7921/SYS-1.0.4.SBN alias SYS-1.0.4.SBN

tftp-server flash:/c7921/TNUX-1.0.4.SBN alias TNUX-1.0.4.SBN

tftp-server flash:/c7921/TNUXR-1.0.4.SBN alias TNUXR-1.0.4.SBN

tftp-server flash:/c7921/WLAN-1.0.4.SBN alias WLAN-1.0.4.SBN

tftp-server flash:/c7911new/c7911/apps11.8-3-2-27.sbn alias apps11.8-3-2-27.sbn

tftp-server flash:/c7911new/c7911/cnu11.8-3-2-27.sbn alias cnu11.8-3-2-27.sbn

tftp-server flash:/c7911new/c7911/cvm11sccp.8-3-2-27.sbn alias cvm11sccp.8-3-2-27.sbn

tftp-server flash:/c7911new/c7911/dsp11.8-3-2-27.sbn alias dsp11.8-3-2-27.sbn

tftp-server flash:/c7911new/c7911/jar11sccp.8-3-2-27.sbn alias jar11sccp.8-3-2-27.sbn

tftp-server flash:/c7911new/c7911/SCCP11.8-3-3S.loads alias SCCP11.8-3-3S.loads

tftp-server flash:/c7911new/c7911/term06.default.loads alias term06.default.loads

tftp-server flash:/c7911new/c7911/term11.default.loads alias term11.default.loads

!

control-plane

!

!

!

voice-port 0/2/0

!

voice-port 0/2/1

!

ccm-manager redundant-host 10.12.0.21

ccm-manager mgcp

no ccm-manager fax protocol cisco

ccm-manager music-on-hold bind Loopback0

ccm-manager config server 10.12.0.21

ccm-manager config

!

mgcp

mgcp call-agent 10.12.0.25 2427 service-type mgcp version 0.1

mgcp rtp unreachable timeout 1000 action notify

mgcp modem passthrough voip mode nse

mgcp package-capability rtp-package

mgcp package-capability sst-package

mgcp package-capability pre-package

no mgcp package-capability res-package

no mgcp timer receive-rtcp

mgcp sdp simple

mgcp rtp payload-type g726r16 static

mgcp bind control source-interface Loopback0

mgcp bind media source-interface Loopback0

mgcp behavior g729-variants static-pt

!

mgcp profile default

!

!

!

dial-peer voice 999020 pots

 service mgcpapp

 port 0/2/0

!

dial-peer voice 999021 pots

 service mgcpapp

 port 0/2/1

!

dial-peer voice 999030 pots

 service mgcpapp

!

dial-peer voice 1 voip

 destination-pattern 10924

 session target ipv4:10.255.255.255

!

!

!

!

call-manager-fallback

 max-conferences 8 gain -6

 transfer-system full-consult

 ip source-address 10.255.255.255 port 2000

 max-ephones 5

 max-dn 5

!

!

line con 0

line aux 0

line vty 0 4

 exec-timeout 0 0

 password 7 10620C0A111606

 login

line vty 5

 exec-timeout 0 0

 password 7 00071A150754

 login

!

scheduler allocate 20000 1000

ntp clock-period 17180095

ntp update-calendar

ntp server 216.239.38.15

!

end

 

Labels:
Preview file
12 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni
In response to Adam_S

‎08-31-2017 03:37 AM

No problem, just mark this post as helpful and solved ;)

 

cheers,

Seb.

View solution in original post

3 Replies 3

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni

‎08-31-2017 12:31 AM - edited ‎08-31-2017 12:35 AM

Hi Adam,

You are missing a default route on your router:

 

!
ip route 0.0.0.0 0.0.0.0 80.80.80.2
!

However it looks to me like you NAT setup is also only partialy configured.

Remove your existing ip nat commands, and use the following:

!
ip access-list NAT-ACL
  permit ip 10.12.0.0 0.0.0.255
  permit ip 172.17.0.0 0.0.0.255
!
ip nat inside source list NAT-ACL interface fa0/0 overload
!

The contents of the NAT-ACL is based on the interfaces which you have marked as ip nat inside . Add to this ACL if you want to NAT more interfaces (and add the ip nat inside command too). this will ensure that all NAT'd traffic has a global-outside address of 80.80.80.1 (fa0/0) which your Netcomm has a directly attached interface too and will know how to return packets to.

As a sainity check please provide the output of :

 

sh ip nat statistics

 

cheers,

Seb.

0 Helpful

Go to solution
Adam_S
Level 1
Level 1
In response to Seb Rupik

‎08-31-2017 03:07 AM

Hi,

Thank you x Inifinity. I was going out of my mind trying to get this going.
YOU SIR DESERVE A RAISE!
After tweaking the ACL you suggested and correcting my DNS. everything is
working.


0 Helpful

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni
In response to Adam_S

‎08-31-2017 03:37 AM

No problem, just mark this post as helpful and solved ;)

 

cheers,

Seb.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card