Solved: Re: Router configuration

prince.p · ‎09-24-2018

Hi friends

We are using Cisco 2911 series Router

our service provider IP address is 182.73*.*/30 they have provided 16 static WAN IP address ie 182.72*.*/28
we have configure the internet service provider IP address in Gi0/0

and WAN static IP Address in Gi0/1
and i configure local LAN in Gi0/2 ie 172.27.200.1/24
we need to access internet from the interface Gi0/2

below i attached the router configuration details

interface Loopback0
ip address 172.28.200.1 255.255.255.0
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description #WAN_INTERFACE#
ip address 182.73.*.** 255.255.255.252
ip accounting output-packets
ip accounting mac-address output
ip flow ingress
ip flow egress
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip address 182.72.**.** 255.255.255.240
ip accounting output-packets
ip flow ingress
ip flow egress
duplex auto
speed auto
!
interface GigabitEthernet0/2
ip address 172.27.200.2 255.255.0.0
ip accounting output-packets
ip flow ingress
ip flow egress
ip nat inside
ip nat enable
ip virtual-reassembly in
duplex auto
speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 182.73.**.**

can any one help me how to do routing with interface gi0/2

Deepak Kumar · ‎09-24-2018

Hi,

As I can see your configuration, you are missing NAT configuration on the router

add below configuration and check

access-list 1 permit 172.27.200.0 0.0.0.255

!

ip nat inside source list 1 interface Gi0/1 overload

!

interface GigabitEthernet0/0

IP nat outside

!

interface GigabitEthernet0/2

no ip nat enable
ip nat enable

!

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

View solution in original post

prince.p · ‎09-24-2018

Hi Deepak

this is my full router configuration

cisco 2911#show run
Building configuration...

Current configuration : 2147 bytes
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!

!
boot-start-marker
boot-end-marker

!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
!
!
ip dhcp excluded-address 172.27.200.5 172.27.200.10
!
ip dhcp pool Voice
network 172.27.200.0 255.255.255.248
dns-server 8.8.8.8
default-router 172.27.200.2
!
!
ip name-server 4.2.2.2
multilink bundle-name authenticated
!
!
crypto pki token default removal timeout 0
!
!
license udi pid CISCO2911/K9
!
!

interface Loopback0
ip address 172.28.200.1 255.255.255.0
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description #WAN_INTERFACE#
ip address 182.73.*.** 255.255.255.252
ip accounting output-packets
ip accounting mac-address output
ip flow ingress
ip flow egress
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
description #Sonicwall Primary WAN#
ip address 182.72.*.** 255.255.255.240
ip accounting output-packets
ip flow ingress
ip flow egress
duplex auto
speed auto
!
interface GigabitEthernet0/2
ip address 172.27.200.2 255.255.0.0
ip accounting output-packets
ip flow ingress
ip flow egress
ip nat inside
ip nat enable
ip virtual-reassembly in
duplex auto
speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 182.73.*.** ( Airtel Mux IP)
!
!
!
!
control-plane
!
!
!
line con 0

line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4

login local
transport input all
!
scheduler allocate 20000 1000
end

other end of interface Gi0/0 is connected to airtel mux

other end of interface Gi0/1 is connected to firewall

other end of interface gi0/2 is connected to PC

View solution in original post

Georg Pauwen · ‎09-24-2018

Hello,

you haven't implemented any of the suggested changes. Make sure the parts in bold are identical:

Current configuration : 2147 bytes
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
ip dhcp excluded-address 172.27.200.2
ip dhcp excluded-address 172.27.200.5 172.27.200.10
!
ip dhcp pool Voice
network 172.27.200.0 255.255.255.0
dns-server 8.8.8.8
default-router 172.27.200.2
!
ip name-server 4.2.2.2
multilink bundle-name authenticated
!
crypto pki token default removal timeout 0
!
license udi pid CISCO2911/K9
!
interface Loopback0
ip address 172.28.200.1 255.255.255.0
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description #WAN_INTERFACE#
ip address 182.73.*.** 255.255.255.252
ip nat outside
ip accounting output-packets
ip accounting mac-address output
ip flow ingress
ip flow egress
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
description #Sonicwall Primary WAN#
ip address 182.72.*.** 255.255.255.240
ip accounting output-packets
ip flow ingress
ip flow egress
duplex auto
speed auto
!
interface GigabitEthernet0/2
ip address 172.27.200.2 255.255.0.0
ip accounting output-packets
ip flow ingress
ip flow egress
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 182.73.*.** ( Airtel Mux IP)
ip nat inside source list 1 interface GigabitEthernet0/0 overload
!
access-list 1 permit 172.27.200.0 0.0.0.255
control-plane
!
line con 0
!
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
!
login local
transport input all
!
scheduler allocate 20000 1000
end

View solution in original post

Deepak Kumar · ‎09-24-2018

Hi,

As I can see your configuration, you are missing NAT configuration on the router

add below configuration and check

access-list 1 permit 172.27.200.0 0.0.0.255

!

ip nat inside source list 1 interface Gi0/1 overload

!

interface GigabitEthernet0/0

IP nat outside

!

interface GigabitEthernet0/2

no ip nat enable
ip nat enable

!

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

Deepak Kumar · ‎09-24-2018

I am not sure about your route, is it correct or not. If it is not working then add one more command

ip route 0.0.0.0 0.0.0.0 gig0/1

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

paul driver · ‎09-24-2018

Hello

@Deepak Kumar wrote:

I am not sure about your route, is it correct or not. If it is not working then add one more command

ip route 0.0.0.0 0.0.0.0 gig0/1

Regards,

Deepak Kumar

It isn't really recommended to apply a static route towards the interface only, As then you are telling the router that everything in that route is directly connected , This can induce unnecessary arp traffic for any prefix reachable off that interface

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

prince.p · ‎09-24-2018

Hi Deepak

this is my full router configuration

cisco 2911#show run
Building configuration...

Current configuration : 2147 bytes
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!

!
boot-start-marker
boot-end-marker

!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
!
!
ip dhcp excluded-address 172.27.200.5 172.27.200.10
!
ip dhcp pool Voice
network 172.27.200.0 255.255.255.248
dns-server 8.8.8.8
default-router 172.27.200.2
!
!
ip name-server 4.2.2.2
multilink bundle-name authenticated
!
!
crypto pki token default removal timeout 0
!
!
license udi pid CISCO2911/K9
!
!

interface Loopback0
ip address 172.28.200.1 255.255.255.0
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description #WAN_INTERFACE#
ip address 182.73.*.** 255.255.255.252
ip accounting output-packets
ip accounting mac-address output
ip flow ingress
ip flow egress
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
description #Sonicwall Primary WAN#
ip address 182.72.*.** 255.255.255.240
ip accounting output-packets
ip flow ingress
ip flow egress
duplex auto
speed auto
!
interface GigabitEthernet0/2
ip address 172.27.200.2 255.255.0.0
ip accounting output-packets
ip flow ingress
ip flow egress
ip nat inside
ip nat enable
ip virtual-reassembly in
duplex auto
speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 182.73.*.** ( Airtel Mux IP)
!
!
!
!
control-plane
!
!
!
line con 0

line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4

login local
transport input all
!
scheduler allocate 20000 1000
end

other end of interface Gi0/0 is connected to airtel mux

other end of interface Gi0/1 is connected to firewall

other end of interface gi0/2 is connected to PC

Georg Pauwen · ‎09-24-2018

Hello,

the below config should work (important parts marked in bold):

interface Loopback0
ip address 172.28.200.1 255.255.255.0
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description #WAN_INTERFACE#
ip address 182.73.*.** 255.255.255.252
ip nat outside
ip accounting output-packets
ip accounting mac-address output
ip flow ingress
ip flow egress
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip address 182.72.**.** 255.255.255.240
ip accounting output-packets
ip flow ingress
ip flow egress
duplex auto
speed auto
!
interface GigabitEthernet0/2
ip address 172.27.200.2 255.255.0.0
ip accounting output-packets
ip flow ingress
ip flow egress
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 182.73.**.**
!
access-list 1 permit 172.27.200.0 0.0.0.255

prince.p · ‎09-24-2018

hi Georg,

below is my router configuration

Hi Deepak

this is my full router configuration

cisco 2911#show run
Building configuration...

Current configuration : 2147 bytes
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!

!
boot-start-marker
boot-end-marker

!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
!
!
ip dhcp excluded-address 172.27.200.5 172.27.200.10
!
ip dhcp pool Voice
network 172.27.200.0 255.255.255.248
dns-server 8.8.8.8
default-router 172.27.200.2
!
!
ip name-server 4.2.2.2
multilink bundle-name authenticated
!
!
crypto pki token default removal timeout 0
!
!
license udi pid CISCO2911/K9
!
!

interface Loopback0
ip address 172.28.200.1 255.255.255.0
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description #WAN_INTERFACE#
ip address 182.73.*.** 255.255.255.252
ip accounting output-packets
ip accounting mac-address output
ip flow ingress
ip flow egress
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
description #Sonicwall Primary WAN#
ip address 182.72.*.** 255.255.255.240
ip accounting output-packets
ip flow ingress
ip flow egress
duplex auto
speed auto
!
interface GigabitEthernet0/2
ip address 172.27.200.2 255.255.0.0
ip accounting output-packets
ip flow ingress
ip flow egress
ip nat inside
ip nat enable
ip virtual-reassembly in
duplex auto
speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 182.73.*.** ( Airtel Mux IP)
!
!
!
!
control-plane
!
!
!
line con 0

line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4

login local
transport input all
!
scheduler allocate 20000 1000
end

other end of interface Gi0/0 is connected to airtel mux

other end of interface Gi0/1 is connected to firewall

other end of interface gi0/2 is connected to PC

Georg Pauwen · ‎09-24-2018

Hello,

you haven't implemented any of the suggested changes. Make sure the parts in bold are identical:

Current configuration : 2147 bytes
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
ip dhcp excluded-address 172.27.200.2
ip dhcp excluded-address 172.27.200.5 172.27.200.10
!
ip dhcp pool Voice
network 172.27.200.0 255.255.255.0
dns-server 8.8.8.8
default-router 172.27.200.2
!
ip name-server 4.2.2.2
multilink bundle-name authenticated
!
crypto pki token default removal timeout 0
!
license udi pid CISCO2911/K9
!
interface Loopback0
ip address 172.28.200.1 255.255.255.0
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description #WAN_INTERFACE#
ip address 182.73.*.** 255.255.255.252
ip nat outside
ip accounting output-packets
ip accounting mac-address output
ip flow ingress
ip flow egress
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
description #Sonicwall Primary WAN#
ip address 182.72.*.** 255.255.255.240
ip accounting output-packets
ip flow ingress
ip flow egress
duplex auto
speed auto
!
interface GigabitEthernet0/2
ip address 172.27.200.2 255.255.0.0
ip accounting output-packets
ip flow ingress
ip flow egress
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 182.73.*.** ( Airtel Mux IP)
ip nat inside source list 1 interface GigabitEthernet0/0 overload
!
access-list 1 permit 172.27.200.0 0.0.0.255
control-plane
!
line con 0
!
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
!
login local
transport input all
!
scheduler allocate 20000 1000
end