cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2115
Views
5
Helpful
8
Replies

Problem with givin internet access to users using cisco 871 router

icefisherman
Level 1
Level 1

Hi,

I'm currently undergoing CCNa academy so I got a "job" from  my boss to configure Cisco 871 router.  Unfortunately we just finished  first semester at academy so there are some things that I'm still having  hard time to understand.

I managed to configure router so it connect to internet or to be  exact it has internet access through  another adsl modem that is in  bridge mode.

Here is picture of setup

http://www.pohrani.com/f/3m/EI/gxiOrOu/network.jpg

The problem is that users are not able to use internet when connected  to this router.  I'm able to access router through telnet  ( ip  192.168.13.10)  but that's it.

Here is the config from router  http://pastebin.com/8JaMmqdT

192.168.13.0 255.255.255.128 is network that we use at work.   192.168.13.5 is IP address that is assigned to zyxel adsl modem ( If I'm  correct, we could have used any address here since we are connecting  this directly to router ? )

Zyxel adsl modem  is connected to FA4 port on Cisco router.   LAN  cable is connected to FA0 port and from there it goes to switch ( it's  some  asus switch with 50 ports).

Here is routing table

Router-Cisco#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP        D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2        E1 - OSPF external type 1, E2 - OSPF external type 2        i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2        ia - IS-IS inter area, * - candidate default, U - per-user static route        o - ODR, P - periodic downloaded static route

Gateway of last resort is 192.168.13.5 to network 0.0.0.0

          192.168.13.0/24 is variably subnetted, 2 subnets, 2 masks
  S       192.168.13.5/32 is directly connected, Dialer1
  C       192.168.13.0/25 is directly connected, Vlan1
          172.29.0.0/32 is subnetted, 1 subnets
  C       172.29.252.89 is directly connected, Dialer1
          93.0.0.0/32 is subnetted, 1 subnets
  C       93.139.143.80 is directly connected, Dialer1
          10.0.0.0/24 is subnetted, 1 subnets
  C       10.10.10.0 is directly connected, Loopback0
  S*      0.0.0.0/0 [1/0] via 192.168.13.5

And here is IP interface brief

Router-Cisco#show ip interface brief Interface                  IP-Address      OK? Method Status                Protocol Dialer0                    unassigned      YES manual administratively down down
Dialer1                    93.139.143.80   YES IPCP   up                    up
FastEthernet0              unassigned      YES unset  up                    up
FastEthernet1              unassigned      YES unset  administratively down down
FastEthernet2              unassigned      YES unset  administratively down down
FastEthernet3              unassigned      YES unset  administratively down down
FastEthernet4              unassigned      YES manual up                    up
Loopback0                  10.10.10.100    YES manual up                    up
Virtual-Access1            unassigned      YES unset  up                    up
Vlan1                      192.168.13.10   YES manual up                    up

If I ping google dns from router e.g. ping 8.8.8.8 it works.  If I ping www.google.com it doesn't work.
Also I'm able to access router via 192.168.13.10 but if I use router as  default gateway then I'm not able to access the internet.
Can anyone point me in right direction here or tell me what I missed out ?

p.s.  From where is network   172.29.0.0/32 is subnetted, 1 subnets       C       172.29.252.89 is directly connected, Dialer1 comming from ?  I cleared router config before starting and I don't  remember configuring this one or that we use something like this at  work.

p.p.s

One more thing  that is bugging my head.  If I  understand correctly, I can have more vlan's using same port ?  E.g. that I have vlan 1 to 5 using FA0 port ?  

I'm asking this because we have 3 more  internet connections/adsl modems. So I'm interested if  I could use remaining 3 LAN ports on router ( Fa1 to 3) and connect each of them to one of the adsl modems that are in bridge mode. Then I would assign each of this "internet" connections to one of the vlans.   E.g. vlan1( on FA0) would use FA4 which is connected to adsl modem in bridge mode, vlan2(FA0) would use FA3 which is connected to ads modem in bridge mode and so on.

Is something like this possible ?

2 Accepted Solutions

Accepted Solutions

ErickBCCNA
Level 1
Level 1

Hi.

It looks like you enabled NAT on the interfaces, but you don't actually have any NAT configuration on your router?

access-list 1 permit 192.168.113.0 0.0.0.127

!

ip nat inside source list 1 interface dialer1 overload

There may be other things missing, but that's what I saw what I took a brief look at your configuration.

View solution in original post

cadet alain
VIP Alumni
VIP Alumni

Hi,

you got an incorrect default-gateway in your dhcp pool, it should be the interface vlan 1 Which is your nat inside interface.

default-router 192.168.13.5 -----> change to 192.168.13.10

also do NAT overload on dialer1  interface: ip nat inside source list 1 interface dialer 1

if you want to ping google.com from the router:

ip domain-lookup

ip name-server  8.8.8.8

no ip name-server 192.168.13.3

no ip name-server 195.29.150.3

if the zyxel is in bridged mode then why have a static route to it as it is not routing anymore.

change your default route to point to dialer1 interface

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

View solution in original post

8 Replies 8

ErickBCCNA
Level 1
Level 1

Hi.

It looks like you enabled NAT on the interfaces, but you don't actually have any NAT configuration on your router?

access-list 1 permit 192.168.113.0 0.0.0.127

!

ip nat inside source list 1 interface dialer1 overload

There may be other things missing, but that's what I saw what I took a brief look at your configuration.

cadet alain
VIP Alumni
VIP Alumni

Hi,

you got an incorrect default-gateway in your dhcp pool, it should be the interface vlan 1 Which is your nat inside interface.

default-router 192.168.13.5 -----> change to 192.168.13.10

also do NAT overload on dialer1  interface: ip nat inside source list 1 interface dialer 1

if you want to ping google.com from the router:

ip domain-lookup

ip name-server  8.8.8.8

no ip name-server 192.168.13.3

no ip name-server 195.29.150.3

if the zyxel is in bridged mode then why have a static route to it as it is not routing anymore.

change your default route to point to dialer1 interface

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

Hi,

It's working now. thank you.

But  internet connection is very slow. It measuers   around 0.38Mbps and it should be around 20Mbit/s

Googling didn't gave me any lead regarding this so could you tell me what and where to look ?

thank you

Hi

could you issue a Show Interface and post the output?

Plus, how many nat translations are there in use?

Could you also post

Show ip nat statistics?

Regards

icefisherman
Level 1
Level 1

Hi,

Here is show interface

Dialer1 is up, line protocol is up (spoofing)

  Hardware is Unknown

  Description: ADSL WAN dialer

  Internet address is 93.139.219.92/32

  MTU 1492 bytes, BW 20480 Kbit, DLY 20000 usec,

     reliability 255/255, txload 1/255, rxload 1/255

  Encapsulation PPP, loopback not set

  Keepalive set (10 sec)

  DTR is pulsed for 1 seconds on reset

  Interface is bound to Vi1

  Last input never, output never, output hang never

  Last clearing of "show interface" counters 1d05h

  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

  Queueing strategy: weighted fair

  Output queue: 0/1000/64/0 (size/max total/threshold/drops)

     Conversations  0/0/16 (active/max active/max total)

     Reserved Conversations 0/0 (allocated/max allocated)

     Available Bandwidth 15360 kilobits/sec

  5 minute input rate 0 bits/sec, 0 packets/sec

  5 minute output rate 0 bits/sec, 0 packets/sec

     24887 packets input, 13155487 bytes

     24198 packets output, 4015667 bytes

Bound to:

Virtual-Access1 is up, line protocol is up

  Hardware is Virtual Access interface

  MTU 1492 bytes, BW 56 Kbit, DLY 20000 usec,

     reliability 255/255, txload 1/255, rxload 1/255

  Encapsulation PPP, LCP Open

  Open: IPCP

  PPPoE vaccess, cloned from Dialer1

  Vaccess status 0x44, loopback not set

  Keepalive set (10 sec)

  Interface is bound to Di1 (Encapsulation PPP)

  Last input 00:02:18, output never, output hang never

  Last clearing of "show interface" counters 02:41:22

  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

  Queueing strategy: fifo

  Output queue: 0/40 (size/max)

  5 minute input rate 0 bits/sec, 0 packets/sec

  5 minute output rate 0 bits/sec, 0 packets/sec

     16135 packets input, 12913614 bytes, 0 no buffer

     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

     15518 packets output, 3661938 bytes, 0 underruns

     0 output errors, 0 collisions, 0 interface resets

     0 output buffer failures, 0 output buffers swapped out

     0 carrier transitions

FastEthernet0 is up, line protocol is up

  Hardware is Fast Ethernet, address is 0016.c78e.5cf3 (bia 0016.c78e.5cf3)

  Description: LAN izlaz

  MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,

     reliability 255/255, txload 1/255, rxload 1/255

  Encapsulation ARPA, loopback not set

  Keepalive set (10 sec)

  Full-duplex, 100Mb/s

  ARP type: ARPA, ARP Timeout 04:00:00

  Last input never, output never, output hang never

  Last clearing of "show interface" counters never

  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 3

  Queueing strategy: fifo

  Output queue: 0/40 (size/max)

  5 minute input rate 5000 bits/sec, 5 packets/sec

  5 minute output rate 1000 bits/sec, 1 packets/sec

     479715 packets input, 44165054 bytes, 0 no buffer

     Received 409065 broadcasts, 0 runts, 0 giants, 0 throttles

     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

     0 input packets with dribble condition detected

     78393 packets output, 17893837 bytes, 0 underruns

     0 output errors, 0 collisions, 3 interface resets

     0 babbles, 0 late collision, 0 deferred

     0 lost carrier, 0 no carrier

     0 output buffer failures, 0 output buffers swapped out

FastEthernet1 is administratively down, line protocol is down

  Hardware is Fast Ethernet, address is 0016.c78e.5cf4 (bia 0016.c78e.5cf4)

  MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,

     reliability 255/255, txload 1/255, rxload 1/255

  Encapsulation ARPA, loopback not set

  Keepalive set (10 sec)

  Auto-duplex, Auto-speed

  ARP type: ARPA, ARP Timeout 04:00:00

  Last input never, output never, output hang never

  Last clearing of "show interface" counters never

  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

  Queueing strategy: fifo

  Output queue: 0/40 (size/max)

  5 minute input rate 0 bits/sec, 0 packets/sec

  5 minute output rate 0 bits/sec, 0 packets/sec

     0 packets input, 0 bytes, 0 no buffer

     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

     0 input packets with dribble condition detected

     0 packets output, 0 bytes, 0 underruns

     0 output errors, 0 collisions, 2 interface resets

     0 babbles, 0 late collision, 0 deferred

     0 lost carrier, 0 no carrier

     0 output buffer failures, 0 output buffers swapped out

FastEthernet2 is administratively down, line protocol is down

  Hardware is Fast Ethernet, address is 0016.c78e.5cf5 (bia 0016.c78e.5cf5)

  MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,

     reliability 255/255, txload 1/255, rxload 1/255

  Encapsulation ARPA, loopback not set

  Keepalive set (10 sec)

  Auto-duplex, Auto-speed

  ARP type: ARPA, ARP Timeout 04:00:00

  Last input never, output never, output hang never

  Last clearing of "show interface" counters never

  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

  Queueing strategy: fifo

  Output queue: 0/40 (size/max)

  5 minute input rate 0 bits/sec, 0 packets/sec

  5 minute output rate 0 bits/sec, 0 packets/sec

     0 packets input, 0 bytes, 0 no buffer

     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

     0 input packets with dribble condition detected

     0 packets output, 0 bytes, 0 underruns

     0 output errors, 0 collisions, 2 interface resets

     0 babbles, 0 late collision, 0 deferred

     0 lost carrier, 0 no carrier

     0 output buffer failures, 0 output buffers swapped out

FastEthernet3 is administratively down, line protocol is down

  Hardware is Fast Ethernet, address is 0016.c78e.5cf6 (bia 0016.c78e.5cf6)

  MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,

     reliability 255/255, txload 1/255, rxload 1/255

  Encapsulation ARPA, loopback not set

  Keepalive set (10 sec)

  Auto-duplex, Auto-speed

  ARP type: ARPA, ARP Timeout 04:00:00

  Last input never, output never, output hang never

  Last clearing of "show interface" counters never

  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

  Queueing strategy: fifo

  Output queue: 0/40 (size/max)

  5 minute input rate 0 bits/sec, 0 packets/sec

  5 minute output rate 0 bits/sec, 0 packets/sec

     0 packets input, 0 bytes, 0 no buffer

     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

     0 input packets with dribble condition detected

     0 packets output, 0 bytes, 0 underruns

     0 output errors, 0 collisions, 2 interface resets

     0 babbles, 0 late collision, 0 deferred

     0 lost carrier, 0 no carrier

     0 output buffer failures, 0 output buffers swapped out

FastEthernet4 is up, line protocol is up

  Hardware is PQUICC_FEC, address is 0016.c78e.5cfd (bia 0016.c78e.5cfd)

  Description: WAN veza - Cisco-router  <-> zyxel

  MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,

     reliability 255/255, txload 1/255, rxload 1/255

  Encapsulation ARPA, loopback not set

  Keepalive set (10 sec)

  Full-duplex, 100Mb/s, 100BaseTX/FX

  ARP type: ARPA, ARP Timeout 04:00:00

  Last input 02:41:02, output 00:00:04, output hang never

  Last clearing of "show interface" counters never

  Input queue: 0/75/15/0 (size/max/drops/flushes); Total output drops: 0

  Queueing strategy: fifo

  Output queue: 0/40 (size/max)

  5 minute input rate 0 bits/sec, 0 packets/sec

  5 minute output rate 0 bits/sec, 0 packets/sec

     31533 packets input, 13984553 bytes

     Received 0 broadcasts, 0 runts, 0 giants, 13 throttles

     15 input errors, 0 CRC, 0 frame, 0 overrun, 15 ignored

     0 watchdog

     0 input packets with dribble condition detected

     28623 packets output, 4932451 bytes, 0 underruns

     0 output errors, 0 collisions, 4 interface resets

     0 babbles, 0 late collision, 0 deferred

     0 lost carrier, 0 no carrier

     0 output buffer failures, 0 output buffers swapped out

Loopback0 is up, line protocol is up

  Hardware is Loopback

  Description: Loopback interface

  Internet address is 10.10.10.100/24

  MTU 1514 bytes, BW 8000000 Kbit, DLY 5000 usec,

     reliability 255/255, txload 1/255, rxload 1/255

  Encapsulation LOOPBACK, loopback not set

  Last input 1d02h, output never, output hang never

  Last clearing of "show interface" counters never

  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

  Queueing strategy: fifo

  Output queue: 0/0 (size/max)

  5 minute input rate 0 bits/sec, 0 packets/sec

  5 minute output rate 0 bits/sec, 0 packets/sec

     0 packets input, 0 bytes, 0 no buffer

     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

     9 packets output, 516 bytes, 0 underruns

     0 output errors, 0 collisions, 0 interface resets

     0 output buffer failures, 0 output buffers swapped out

Virtual-Access1 is up, line protocol is up

  Hardware is Virtual Access interface

  MTU 1492 bytes, BW 56 Kbit, DLY 20000 usec,

     reliability 255/255, txload 1/255, rxload 1/255

  Encapsulation PPP, LCP Open

  Open: IPCP

  PPPoE vaccess, cloned from Dialer1

  Vaccess status 0x44, loopback not set

  Keepalive set (10 sec)

  Interface is bound to Di1 (Encapsulation PPP)

  Last input 00:02:20, output never, output hang never

  Last clearing of "show interface" counters 02:41:23

  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

  Queueing strategy: fifo

  Output queue: 0/40 (size/max)

  5 minute input rate 0 bits/sec, 0 packets/sec

  5 minute output rate 0 bits/sec, 0 packets/sec

     16135 packets input, 12913614 bytes, 0 no buffer

     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

     15518 packets output, 3661938 bytes, 0 underruns

     0 output errors, 0 collisions, 0 interface resets

     0 output buffer failures, 0 output buffers swapped out

     0 carrier transitions

Vlan1 is up, line protocol is up

  Hardware is EtherSVI, address is 0016.c78e.5cf3 (bia 0016.c78e.5cf3)

  Internet address is 192.168.13.10/25

  MTU 1500 bytes, BW 100000 Kbit, DLY 1000000 usec,

     reliability 255/255, txload 1/255, rxload 1/255

  Encapsulation ARPA, loopback not set

  ARP type: ARPA, ARP Timeout 04:00:00

  Last input 00:00:00, output never, output hang never

  Last clearing of "show interface" counters never

  Input queue: 1/75/0/0 (size/max/drops/flushes); Total output drops: 0

  Queueing strategy: fifo

  Output queue: 0/40 (size/max)

  5 minute input rate 4000 bits/sec, 5 packets/sec

  5 minute output rate 1000 bits/sec, 2 packets/sec

     463284 packets input, 39651545 bytes, 103 no buffer

     Received 431213 broadcasts, 0 runts, 0 giants, 0 throttles

     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

     31344 packets output, 14228416 bytes, 0 underruns

     0 output errors, 1 interface resets

     0 output buffer failures, 0 output buffers swapped out

I tried setting bandwith for dialer1 but it didn't help.

show ip nat statistic

Total active translations: 67 (0 static, 67 dynamic; 67 extended)

Outside interfaces:

  Dialer1, Virtual-Access1

Inside interfaces:

  Vlan1

Hits: 28993  Misses: 858

CEF Translated packets: 29450, CEF Punted packets: 370

Expired translations: 943

Dynamic mappings:

-- Inside Source

[Id: 3] access-list 1 interface Dialer1 refcount 0

[Id: 1] access-list 10 interface Dialer1 refcount 67

Queued Packets: 0

As for nat translations. Don't know if this is what you asked for but I did show ip nat translations and this is what I get

http://pastebin.com/rEZ6G4TT

Hi,

int vlan 1

ip tcp adjust-mss 1452

ip mtu 1492

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

icefisherman
Level 1
Level 1

Hi,

Now it got to 0.66 Mbps but that is still not even close to real speed. 

Reloading configuration helped. It's working at full speed now. Should have tried that right away

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco