Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1014
Views
0
Helpful
7
Replies

Router basic configuration 877M

JukkaKahkonen46953
Level 1
Level 1

‎04-09-2020 09:50 AM

I try configure old Cisco 877M. Yes, I know, it is old product. But, no idea byu new and make just same steps and found same problem. 

I want use 877M as router. WAN is 4G-modem. LAN is my home-office-mini-network. 

4G modem is connected to FE0. Configuration is, in nutcell, "VLAN 1000, named WAN, switchport FE0. IP DHCP". This step tested and work. This 4G modem is really hole to internet and I can configure it and router show it. 

 

BUT. LAN I does not understand. This I want: FE1, 2, 3 are LAN-port. IP Address is 100.0.0.0/16, DHCP I want 100.0.1.0/24. Default gateway (eg.) 100.0.0.1. SO: I want LAN static ip addresses 100.0.0.1...100.0.0.255, and DHCP share ip addresses 100.0.1.0 ... 100.0.1.255. Simply, printers etc "fixed" devices use this static area 100.0.0.1-255 and computers use 100.0.1.0-255. (Eg. my other network is 10.15.10.0/24, gateway is 10.15.10.1, static ip:s are 10.15.10.1...10.15.10.20 and dynamic ip:s 10.15.10.21...255. I want same but larger.)

 

Reason I want use FE1, 2, 3 as LAN-ports, I make "VLAN 123" and connect FE1,2,3 to this VLAN. Cannot know is this right way, but I cannot know... 

 

Here is my configuration. In my opinion no any error, but this not work. All is ok, but not work. 

 

!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname elkesan-router
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
clock timezone EST 2
!
!
dot11 syslog
ip source-route
!
!
!
ip dhcp pool JUKANDHCPPOOLI
import all
network 100.0.1.0 255.255.255.0
default-router 100.0.0.1
dns-server 8.8.8.8
domain-name elkesanverkkohalli
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
no spanning-tree vlan 1000
vtp mode transparent
!
!
!
archive
log config
hidekeys
!
!
vlan 123
name PORTIT123
!
vlan 1000
name WAN
!
!
!
!
interface ATM0
no ip address
shutdown
no atm ilmi-keepalive
!
interface FastEthernet0
switchport access vlan 1000
no cdp enable
!
interface FastEthernet1
switchport access vlan 123
no cdp enable
!
interface FastEthernet2
switchport access vlan 123
no cdp enable
!
interface FastEthernet3
switchport access vlan 123
no cdp enable
!
interface Vlan1
no ip address
!
interface Vlan123
ip address 100.0.0.1 255.255.0.0
ip nat enable
!
interface Vlan1000
ip address dhcp
ip nat enable
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat source list NATTILISTAJUKKA interface Vlan1000 overload
!
ip access-list standard NATTILISTAJUKKA
permit 100.0.0.0 0.0.255.255
!
no cdp run

!
!
!
!
!
control-plane
!
!
line con 0
no modem enable
line aux 0
line vty 0 4
login
!
scheduler max-task-time 5000
end

 

Labels:
0 Helpful
7 Replies 7

Steven Case, MBA-ITM
Level 1
Level 1

‎04-09-2020 10:01 AM

One of the things I'm not seeing here is the NAT zone designations. Specify your "ip nat ouside" on your egress interface.

 

Next, I'm not seeing a default route. Specify your 0.0.0.0 0.0.0.0 {ISP gateway}.

 

 

0 Helpful

JukkaKahkonen46953
Level 1
Level 1
In response to Steven Case, MBA-ITM

‎04-09-2020 11:05 AM

Hmm... in my opinion in my configuration contain NAT. Using google I cannot found any other configurations for NAT. Maybe this configuration is "out of Cisco documents"? So, in my opinion, in my config NAT is ok. Or... any secret link in internet tell this :)?

"Default route". It is not possible. WAN is dynamic ip. As any normal internet provider, IP is dynamic. 4G modem: no static ip. ADSL: no static ip. etc etc etc. SO: If I want add default route it is not clever way. "whatismyip", ok, today it is 192.xxx. Oh, today internet not work... I must solve my ip. SO: If I take any 4G modem, IP is dynamic. If I program it, today it is ok, but tomorrow... not. THIS IS REASON why my configuration contain it "VLAN 1000, ip address dhcp". So: this "default route" is possible only if I buy static ip from ISP. OR??? Is this any "general" ip, as... eg. dns, "8.8.8.8"? Any "google dns 8.8.8.8, google default route for cisco routers 12.12.12.12"?
0 Helpful

Steven Case, MBA-ITM
Level 1
Level 1
In response to JukkaKahkonen46953

‎04-09-2020 11:49 AM - edited ‎04-09-2020 11:51 AM

For IP Route, you can specify an interface, so long as it's not a virtual router you are using (like VRF). The configuration is:

 

ip route 0.0.0.0 0.0.0.0 {Interface, such as Gi 0/1}.

 

Again, the NAT configuration for an interface specifies which direction NAT is being performed. On your egress interface, the configuration "ip nat outside" tells the router that this is the egress interface, and that NAT translations will occur this way.

 

To this end, as you are using DHCP and interface routing, you need your NAT to state:

ip nat inside source list {YOUR LIST} {Interface, such as Gi 0/1} overload 

 

 

 

Hope this helps.

 

0 Helpful

JukkaKahkonen46953
Level 1
Level 1
In response to Steven Case, MBA-ITM

‎04-09-2020 12:16 PM

ip route ip route 0.0.0.0 0.0.0.0 100.0.0.1: "Invalid next hop address, it is this router". 100.0.0.0 ok, but really cannot know work it or not.

ip nat inside source list {YOUR LIST} {Interface, such as Gi 0/1} overload ... instead this:
interface Vlan123
ip address 100.0.0.1 255.255.0.0
ip nat enable
ip nat source list NATTILISTAJUKKA interface Vlan1000 overload
ip access-list standard NATTILISTAJUKKA
permit 100.0.0.0 0.0.255.255

So this is this direction. I understand here is two way, "inside/outside" or this new way. But: Interface I use "Vlan 123" reason if I want it three FE1,2,3 work. Instead this I must make three times "interface FE1, ip address 100" so this same to three, FE1, 2, 3. VLAN 1000 it is it wan-port.

Anyway: Looks work, BUT. Is it any jinx how to configure dhcp and non-dchp-lan? Easy example: "10.15.10.0/24, gw 10.15.10.1, static ip 10.15.10.1-10.15.10.20, dhcp 10.15.10.21-10.15.10.255". I want same but 100.0.0.0/16, gw 100.0.0.1, static this 100.0.1.0-255. I connect computer to router: Internet work, BUT router share ip-adress 100.0.0.2. I want dhcp is 100.0.1.... I try also this: dhcp pool 100.0.0.0/24, ip dhcp excluded-address 100.0.0.0 100.0.0.255. Not work. dhcp pool 100.0.1.0 not work.

So: maybe it is not possible with Cisco routers? It is not possible make any area static ip, any area dhcp? Look this type config is not possible?
0 Helpful

Steven Case, MBA-ITM
Level 1
Level 1
In response to JukkaKahkonen46953

‎04-09-2020 11:58 AM

I want to add that you really should use a physical interface as your egress interface, and not a VLAN. I would configure the physical interface like this, pretending that your egress interface (because I don't know what it is) is FastEthernet 0/0, or just fa0/0 for the example, realizing that you said it was 4G this doesn't matter: specify the interface connecting to your ISP:

 

interface fa 0/0

  ip address dhcp

  ip nat outside

 

Then, in global configuration:

 

ip route 0.0.0.0 0.0.0.0 fa 0/0

ip nat inside source list NATTILISTAJUKKA int fa0/0 overload

 

 

0 Helpful

JukkaKahkonen46953
Level 1
Level 1
In response to Steven Case, MBA-ITM

‎04-09-2020 01:18 PM

Thanks. Connection to internet work.
One important: 877M is old ADSL router. This is important: IT IS NOT POSSIBLE USE FASTETHERNET-PORTS AS WAN-PORT. Only acceptable WAN-port is adsl-hole. https://www.experts-exchange.com/questions/27869898/Configure-Switch-Port-as-WAN-port-Cisco-877.html
But: Connection to internet work properly. ip route 0.0.0.0 0.0.0.0 FastEthernet0: no difference with or without this.
So, connection to internet work now, with or without this "ip route". Reason is a) this link (expert etc). FE0 is inside VLAN 1000, and this ip nat inside source list nattilistajukka interface vlan 1000 work. So: When I connect my pc FE1, 2 or 3, it computer connection work. "IPconfig -all" say: ip 100.0.0.2, gw 100.0.0.1. (On it computer, of course, tcp/ip-settings auto). Also I can use browsers etc, internet work.

ONLY BIG PROBLEM IS, I CAN USE ONLY DHCP-ADDRESSES!
interface Vlan123
ip address 100.0.0.1 255.255.0.0
ip nat enable
ip nat source list NATTILISTAJUKKA interface Vlan1000 overload
ip access-list standard NATTILISTAJUKKA
permit 100.0.0.0 0.0.255.255
Ok. This is allways same.
But then:
ip dhcp pool JUKANDHCPPOOLI
network 100.0.0.0 255.255.0.0
default-router 100.0.0.1
dns-server 8.8.8.8
domain-name elkesanverkkohalli
HERE I tested "network 100.0.0.0 255.255.0.0": ipconfig -all in windows say "100.0.0.2". Internet works.
Then: 100.0.1.0 255.255.0.0: ipconfig -all in windows say "100.0.0.2". Internet works.
And now: 100.0.1.0 255.255.255.0 (so /24), ipconfig -all say "169.254.155.186" and internet not work.
And I want... 100.0.0.0-100.0.0.255 I want this is static ip area and 100.0.1.0-100.0.1.255 is dhcp.

SO. Most big problem is yet this.
AS I WROTE, this really not work: dhcp pool = 100.0.1.0 255.255.0.0. And this really not work: 100.0.1.0 255.255.255.0.
THIS MUST WORK BUT NOT WORK!
dhcp pool = 100.0.0.0 255.255.0.0
and
ip dhcp excluded-address 100.0.0.0 100.0.0.255

I am very sure this work and this must work. DHCP pool is 100.0.0.0/16. Excluded address is 100.0.0.0 - 100.0.0.255. So, using this combination "ipconfig -all" MUST say "100.0.1.2".

BUT NOT. SO, maybe this type configuration is not possible in Cisco router? Only in any new version? Eg. on my home I have ISP locked Cisco and it is 10.15.10.0/24, gw. 10.15.10.1, static ip area 10.15.10.1-20 and 21-255 dhcp. This type configuration is not possible with 877M? (It is no difference 10.15.10.0/24 static 1-20 dhcp 21-255 and 100.0.0.0/16 static 0.1-0.255 dhcp 100.0.1.0 - 100.0.1.255- mechanism is same).
So, this type dhcp is not possible? It is possible only in very new routers? This my router is too old?

0 Helpful

JukkaKahkonen46953
Level 1
Level 1
In response to JukkaKahkonen46953

‎04-09-2020 02:24 PM

OKAY! NOW it works!
It important point was subnet mask. It was so simple: dhcp pool 100.0.1.0/23. Mask is 255.255.254.0 and... now when I use dhcp, "ipconfig -all" show it as it must, 100.0.1.2 etc. Manually I can put 100.0.0.2. JUST as I want :).

!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname elkesan-router
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
clock timezone EST 2
!
!
dot11 syslog
ip source-route
!
!
!
ip dhcp pool JUKANDHCPPOOLI
network 100.0.1.0 255.255.254.0
default-router 100.0.0.1
dns-server 8.8.8.8
domain-name elkesanverkkohalli
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
no spanning-tree vlan 1000
vtp mode transparent
!
!
!
archive
log config
hidekeys
!
!
vlan 123
name PORTIT123
!
vlan 1000
name WAN
!
!
!
!
interface ATM0
no ip address
shutdown
no atm ilmi-keepalive
!
interface FastEthernet0
switchport access vlan 1000
no cdp enable
!
interface FastEthernet1
switchport access vlan 123
no cdp enable
!
interface FastEthernet2
switchport access vlan 123
no cdp enable
!
interface FastEthernet3
switchport access vlan 123
no cdp enable
!
interface Vlan1
no ip address
!
interface Vlan123
ip address 100.0.0.1 255.255.0.0
ip nat enable
!
interface Vlan1000
ip address dhcp
ip nat enable
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat source list NATTILISTAJUKKA interface Vlan1000 overload
!
ip access-list standard NATTILISTAJUKKA
permit 100.0.0.0 0.0.255.255
!
no cdp run

!
!
!
!
!
control-plane
!
!
line con 0
no modem enable
line aux 0
line vty 0 4
login
!
scheduler max-task-time 5000
end
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card