ā09-24-2018 03:50 AM - edited ā03-08-2019 04:13 PM
Hi friends
We are using Cisco 2911 series Router
our service provider IP address is 182.73*.*/30 they have provided 16 static WAN IP address ie 182.72*.*/28
we have configure the internet service provider IP address in Gi0/0
and WAN static IP Address in Gi0/1
and i configure local LAN in Gi0/2 ie 172.27.200.1/24
we need to access internet from the interface Gi0/2
below i attached the router configuration details
interface Loopback0
ip address 172.28.200.1 255.255.255.0
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description #WAN_INTERFACE#
ip address 182.73.*.** 255.255.255.252
ip accounting output-packets
ip accounting mac-address output
ip flow ingress
ip flow egress
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip address 182.72.**.** 255.255.255.240
ip accounting output-packets
ip flow ingress
ip flow egress
duplex auto
speed auto
!
interface GigabitEthernet0/2
ip address 172.27.200.2 255.255.0.0
ip accounting output-packets
ip flow ingress
ip flow egress
ip nat inside
ip nat enable
ip virtual-reassembly in
duplex auto
speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 182.73.**.**
can any one help me how to do routing with interface gi0/2
Solved! Go to Solution.
ā09-24-2018 03:58 AM
Hi,
As I can see your configuration, you are missing NAT configuration on the router
add below configuration and check
access-list 1 permit 172.27.200.0 0.0.0.255
!
ip nat inside source list 1 interface Gi0/1 overload
!
interface GigabitEthernet0/0
IP nat outside
!
!
interface GigabitEthernet0/2
no ip nat enable
ip nat enable
!
!
Regards,
Deepak Kumar
ā09-24-2018 06:19 AM
Hi Deepak
this is my full router configuration
cisco 2911#show run
Building configuration...
Current configuration : 2147 bytes
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
!
!
ip dhcp excluded-address 172.27.200.5 172.27.200.10
!
ip dhcp pool Voice
network 172.27.200.0 255.255.255.248
dns-server 8.8.8.8
default-router 172.27.200.2
!
!
ip name-server 4.2.2.2
multilink bundle-name authenticated
!
!
crypto pki token default removal timeout 0
!
!
license udi pid CISCO2911/K9
!
!
interface Loopback0
ip address 172.28.200.1 255.255.255.0
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description #WAN_INTERFACE#
ip address 182.73.*.** 255.255.255.252
ip accounting output-packets
ip accounting mac-address output
ip flow ingress
ip flow egress
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
description #Sonicwall Primary WAN#
ip address 182.72.*.** 255.255.255.240
ip accounting output-packets
ip flow ingress
ip flow egress
duplex auto
speed auto
!
interface GigabitEthernet0/2
ip address 172.27.200.2 255.255.0.0
ip accounting output-packets
ip flow ingress
ip flow egress
ip nat inside
ip nat enable
ip virtual-reassembly in
duplex auto
speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 182.73.*.** ( Airtel Mux IP)
!
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
login local
transport input all
!
scheduler allocate 20000 1000
end
other end of interface Gi0/0 is connected to airtel mux
other end of interface Gi0/1 is connected to firewall
other end of interface gi0/2 is connected to PC
ā09-24-2018 07:03 AM
Hello,
you haven't implemented any of the suggested changes. Make sure the parts in bold are identical:
Current configuration : 2147 bytes
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
ip dhcp excluded-address 172.27.200.2
ip dhcp excluded-address 172.27.200.5 172.27.200.10
!
ip dhcp pool Voice
network 172.27.200.0 255.255.255.0
dns-server 8.8.8.8
default-router 172.27.200.2
!
ip name-server 4.2.2.2
multilink bundle-name authenticated
!
crypto pki token default removal timeout 0
!
license udi pid CISCO2911/K9
!
interface Loopback0
ip address 172.28.200.1 255.255.255.0
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description #WAN_INTERFACE#
ip address 182.73.*.** 255.255.255.252
ip nat outside
ip accounting output-packets
ip accounting mac-address output
ip flow ingress
ip flow egress
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
description #Sonicwall Primary WAN#
ip address 182.72.*.** 255.255.255.240
ip accounting output-packets
ip flow ingress
ip flow egress
duplex auto
speed auto
!
interface GigabitEthernet0/2
ip address 172.27.200.2 255.255.0.0
ip accounting output-packets
ip flow ingress
ip flow egress
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 182.73.*.** ( Airtel Mux IP)
ip nat inside source list 1 interface GigabitEthernet0/0 overload
!
access-list 1 permit 172.27.200.0 0.0.0.255
control-plane
!
line con 0
!
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
!
login local
transport input all
!
scheduler allocate 20000 1000
end
ā09-24-2018 03:58 AM
Hi,
As I can see your configuration, you are missing NAT configuration on the router
add below configuration and check
access-list 1 permit 172.27.200.0 0.0.0.255
!
ip nat inside source list 1 interface Gi0/1 overload
!
interface GigabitEthernet0/0
IP nat outside
!
!
interface GigabitEthernet0/2
no ip nat enable
ip nat enable
!
!
Regards,
Deepak Kumar
ā09-24-2018 04:00 AM
I am not sure about your route, is it correct or not. If it is not working then add one more command
ip route 0.0.0.0 0.0.0.0 gig0/1
Regards,
Deepak Kumar
ā09-24-2018 05:07 AM
Hello
@Deepak Kumar wrote:
I am not sure about your route, is it correct or not. If it is not working then add one more command
ip route 0.0.0.0 0.0.0.0 gig0/1
Regards,
Deepak Kumar
It isn't really recommended to apply a static route towards the interface only, As then you are telling the router that everything in that route is directly connected , This can induce unnecessary arp traffic for any prefix reachable off that interface
ā09-24-2018 06:19 AM
Hi Deepak
this is my full router configuration
cisco 2911#show run
Building configuration...
Current configuration : 2147 bytes
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
!
!
ip dhcp excluded-address 172.27.200.5 172.27.200.10
!
ip dhcp pool Voice
network 172.27.200.0 255.255.255.248
dns-server 8.8.8.8
default-router 172.27.200.2
!
!
ip name-server 4.2.2.2
multilink bundle-name authenticated
!
!
crypto pki token default removal timeout 0
!
!
license udi pid CISCO2911/K9
!
!
interface Loopback0
ip address 172.28.200.1 255.255.255.0
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description #WAN_INTERFACE#
ip address 182.73.*.** 255.255.255.252
ip accounting output-packets
ip accounting mac-address output
ip flow ingress
ip flow egress
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
description #Sonicwall Primary WAN#
ip address 182.72.*.** 255.255.255.240
ip accounting output-packets
ip flow ingress
ip flow egress
duplex auto
speed auto
!
interface GigabitEthernet0/2
ip address 172.27.200.2 255.255.0.0
ip accounting output-packets
ip flow ingress
ip flow egress
ip nat inside
ip nat enable
ip virtual-reassembly in
duplex auto
speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 182.73.*.** ( Airtel Mux IP)
!
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
login local
transport input all
!
scheduler allocate 20000 1000
end
other end of interface Gi0/0 is connected to airtel mux
other end of interface Gi0/1 is connected to firewall
other end of interface gi0/2 is connected to PC
ā09-24-2018 04:06 AM
Hello,
the below config should work (important parts marked in bold):
interface Loopback0
ip address 172.28.200.1 255.255.255.0
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description #WAN_INTERFACE#
ip address 182.73.*.** 255.255.255.252
ip nat outside
ip accounting output-packets
ip accounting mac-address output
ip flow ingress
ip flow egress
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip address 182.72.**.** 255.255.255.240
ip accounting output-packets
ip flow ingress
ip flow egress
duplex auto
speed auto
!
interface GigabitEthernet0/2
ip address 172.27.200.2 255.255.0.0
ip accounting output-packets
ip flow ingress
ip flow egress
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 182.73.**.**
!
access-list 1 permit 172.27.200.0 0.0.0.255
ā09-24-2018 06:20 AM
hi Georg,
below is my router configuration
Hi Deepak
this is my full router configuration
cisco 2911#show run
Building configuration...
Current configuration : 2147 bytes
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
!
!
ip dhcp excluded-address 172.27.200.5 172.27.200.10
!
ip dhcp pool Voice
network 172.27.200.0 255.255.255.248
dns-server 8.8.8.8
default-router 172.27.200.2
!
!
ip name-server 4.2.2.2
multilink bundle-name authenticated
!
!
crypto pki token default removal timeout 0
!
!
license udi pid CISCO2911/K9
!
!
interface Loopback0
ip address 172.28.200.1 255.255.255.0
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description #WAN_INTERFACE#
ip address 182.73.*.** 255.255.255.252
ip accounting output-packets
ip accounting mac-address output
ip flow ingress
ip flow egress
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
description #Sonicwall Primary WAN#
ip address 182.72.*.** 255.255.255.240
ip accounting output-packets
ip flow ingress
ip flow egress
duplex auto
speed auto
!
interface GigabitEthernet0/2
ip address 172.27.200.2 255.255.0.0
ip accounting output-packets
ip flow ingress
ip flow egress
ip nat inside
ip nat enable
ip virtual-reassembly in
duplex auto
speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 182.73.*.** ( Airtel Mux IP)
!
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
login local
transport input all
!
scheduler allocate 20000 1000
end
other end of interface Gi0/0 is connected to airtel mux
other end of interface Gi0/1 is connected to firewall
other end of interface gi0/2 is connected to PC
ā09-24-2018 07:03 AM
Hello,
you haven't implemented any of the suggested changes. Make sure the parts in bold are identical:
Current configuration : 2147 bytes
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
ip dhcp excluded-address 172.27.200.2
ip dhcp excluded-address 172.27.200.5 172.27.200.10
!
ip dhcp pool Voice
network 172.27.200.0 255.255.255.0
dns-server 8.8.8.8
default-router 172.27.200.2
!
ip name-server 4.2.2.2
multilink bundle-name authenticated
!
crypto pki token default removal timeout 0
!
license udi pid CISCO2911/K9
!
interface Loopback0
ip address 172.28.200.1 255.255.255.0
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description #WAN_INTERFACE#
ip address 182.73.*.** 255.255.255.252
ip nat outside
ip accounting output-packets
ip accounting mac-address output
ip flow ingress
ip flow egress
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
description #Sonicwall Primary WAN#
ip address 182.72.*.** 255.255.255.240
ip accounting output-packets
ip flow ingress
ip flow egress
duplex auto
speed auto
!
interface GigabitEthernet0/2
ip address 172.27.200.2 255.255.0.0
ip accounting output-packets
ip flow ingress
ip flow egress
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 182.73.*.** ( Airtel Mux IP)
ip nat inside source list 1 interface GigabitEthernet0/0 overload
!
access-list 1 permit 172.27.200.0 0.0.0.255
control-plane
!
line con 0
!
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
!
login local
transport input all
!
scheduler allocate 20000 1000
end
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide