Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
27092
Views
5
Helpful
7
Replies

Routing from g0/0 to g0/1 for cisco 1941

Go to solution
phuayhow01
Level 1
Level 1

‎03-12-2013 02:40 AM - edited ‎03-07-2019 12:11 PM

Hi All,

     I am new to the routing configuration. Below is the setup diagram:

                                   PC1 (10.10.10.4)

                                             |

                                             |

                                  (g0/0 - 10.10.10.1)

                                       Cisco 1941

                                 (g0/1 - 192.168.5.87)

                                             |

                                             |

                                   PC2 (192.168.5.88)

     What i am trying to achieve here is that PC1 could access to PC2's shared folder.

     Below is my router configuration:

interface GigabitEthernet0/0

description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$

ip address 10.10.10.1 255.255.255.248

ip nat inside

ip virtual-reassembly in

duplex auto

speed auto

!

interface GigabitEthernet0/1

ip address 192.168.5.87 255.255.255.0

ip nat outside

ip virtual-reassembly in

duplex auto

speed auto

!

ip forward-protocol nd

!

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

ip nat inside source list 101 interface GigabitEthernet0/0 overload

ip route 0.0.0.0 0.0.0.0 192.168.5.88

!

access-list 23 permit 10.10.10.0 0.0.0.7

             

     Could anyone enlighten me what go wrong?

Thank and Regards

Raymond

Labels:
0 Helpful
3 Accepted Solutions

Accepted Solutions

Go to solution
alexander.milyar
Level 1
Level 1

‎03-12-2013 03:17 AM

1)

You need to overload g0/1 interface - external interface.

ip nat inside source list 101 interface GigabitEthernet0/1 overload

2)

You need to make access-list 101 and add there IP, that you need to NAT.

access-list 101 permit ip host 10.10.10.4 any


View solution in original post

0 Helpful

Go to solution
jawad-mukhtar
Level 4
Level 4
In response to alexander.milyar

‎03-12-2013 03:46 AM

interface GigabitEthernet0/0

description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$

ip address 10.10.10.1 255.255.255.248

no ip nat inside

ip virtual-reassembly in

duplex auto

speed auto

!

interface GigabitEthernet0/1

ip address 192.168.5.87 255.255.255.0

no ip nat outside

ip virtual-reassembly in

duplex auto

speed auto

!

ip forward-protocol nd

!

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

no ip nat inside source list 101 interface GigabitEthernet0/0 overload

no ip route 0.0.0.0 0.0.0.0 192.168.5.88

!

ip routing


no access-list 23 permit 10.10.10.0 0.0.0.7

Why u need Nat Inside Outside you can achieve this using sample config that i have done.


Jawad

View solution in original post

Go to solution
alexander.milyar
Level 1
Level 1
In response to phuayhow01

‎03-13-2013 12:44 AM

Looks like at PC1 you have got mask 255.255.255.0.

Network mask at PC and router must be the same.

So if you change at router mask to 248 and at PC to 248 - all should work as well.

And, if you do not need network address translation, better do not use it and use recommendations that Jawad Mukhtar told you.

View solution in original post

0 Helpful
7 Replies 7

Go to solution
alexander.milyar
Level 1
Level 1

‎03-12-2013 03:17 AM

1)

You need to overload g0/1 interface - external interface.

ip nat inside source list 101 interface GigabitEthernet0/1 overload

2)

You need to make access-list 101 and add there IP, that you need to NAT.

access-list 101 permit ip host 10.10.10.4 any


0 Helpful

Go to solution
jawad-mukhtar
Level 4
Level 4
In response to alexander.milyar

‎03-12-2013 03:46 AM

interface GigabitEthernet0/0

description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$

ip address 10.10.10.1 255.255.255.248

no ip nat inside

ip virtual-reassembly in

duplex auto

speed auto

!

interface GigabitEthernet0/1

ip address 192.168.5.87 255.255.255.0

no ip nat outside

ip virtual-reassembly in

duplex auto

speed auto

!

ip forward-protocol nd

!

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

no ip nat inside source list 101 interface GigabitEthernet0/0 overload

no ip route 0.0.0.0 0.0.0.0 192.168.5.88

!

ip routing


no access-list 23 permit 10.10.10.0 0.0.0.7

Why u need Nat Inside Outside you can achieve this using sample config that i have done.


Jawad

Go to solution
phuayhow01
Level 1
Level 1
In response to jawad-mukhtar

‎03-12-2013 07:28 PM

Good day Jawad Mukhtar,

          Really appreciate your reply.

          I have tried your method and it still cannot. Do i need to input the default gateway for PC1 to 10.10.10.1 and PC2 to 192.168.5.87? When i use PC1 to ping 192.168.5.87 or 192.168.5.88, it always indicated "request  timed out".

    

                       PC1 (10.10.10.4)(Default gateway - 10.10.10.1)

                                             |

                                             |

                                  (g0/0 - 10.10.10.1)

                                       Cisco 1941

                                 (g0/1 - 192.168.5.87)

                                             |

                                             |

                       PC2 (192.168.5.88) (Default gateway - 192.168.5.87)

Below is the full detail of  router 1941configuration:

Current configuration : 3352 bytes

!

! Last configuration change at 02:09:09 UTC Wed Mar 13 2013 by cisco

! NVRAM config last updated at 02:04:58 UTC Wed Mar 13 2013 by cisco

! NVRAM config last updated at 02:04:58 UTC Wed Mar 13 2013 by cisco

version 15.1

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname Pioneer

!

boot-start-marker

boot-end-marker

!

!

logging buffered 51200 warnings

enable secret 4 tnhtc92DXBhelxjYk8LWJrPV36S2i4ntXrpb4RFmfqY

!

no aaa new-model

!

!

no ipv6 cef

ip source-route

ip cef

!

!

!

!

!

ip domain name yourdomain.com

!

multilink bundle-name authenticated

!

crypto pki token default removal timeout 0

!

crypto pki trustpoint TP-self-signed-625968446

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-625968446

revocation-check none

rsakeypair TP-self-signed-625968446

!

!

crypto pki certificate chain TP-self-signed-625968446

certificate self-signed 01

  30820229 30820192 A0030201 02020101 300D0609 2A864886 F70D0101 05050030

  30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274

  34343630 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100

  9F4C591D AC9DA311 042AD539 6652C6C3 67C15E19 2DFF7527 B46474A9 4ADA8DC9

!

!

username cisco secret 4 tnhtc92DXBhelxjYk8LWJrPV36S2i4ntXrpb4RFmfqY

!

redundancy

!

!

!

interface Embedded-Service-Engine0/0

no ip address

shutdown

!

interface GigabitEthernet0/0

description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$

ip address 10.10.10.1 255.255.255.248

ip virtual-reassembly in

duplex auto

speed auto

!

interface GigabitEthernet0/1

ip address 192.168.5.87 255.255.255.0

ip virtual-reassembly in

duplex auto

speed auto

!

ip forward-protocol nd

!

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

!

!

!

control-plane

!

!

!

line con 0

login local

line aux 0

line 2

no activation-character

no exec

transport preferred none

transport input all

transport output pad telnet rlogin lapb-ta mop udptn v120 ssh

stopbits 1

line vty 0 4

privilege level 15

login local

transport input telnet ssh

line vty 5 15

privilege level 15

login local

transport input telnet ssh

!

scheduler allocate 20000 1000

end

One more thing is that even i key in

         

                                                       router# ip routing followed by "Enter" key

I cannot see the ip routing inside my configuration.

Hope to see your reply soon.

Thank and Regard,

Raymond

0 Helpful

Go to solution
phuayhow01
Level 1
Level 1
In response to alexander.milyar

‎03-12-2013 07:46 PM

Good day Alexander Miyar,

    Thank for your reply.

     I have tried your method and it still cannot. Do i need to input the default gateway for PC1 to 10.10.10.1 and PC2 to 192.168.5.87? When i use PC1 to ping 192.168.5.87 or 192.168.5.88, it always indicated "request  timed out".

    

                       PC1 (10.10.10.4)(Default gateway - 10.10.10.1)

                                             |

                                             |

                                  (g0/0 - 10.10.10.1)

                                       Cisco 1941

                                 (g0/1 - 192.168.5.87)

                                             |

                                             |

                       PC2 (192.168.5.88) (Default gateway - 192.168.5.87)

Current configuration : 4328 bytes

!

! Last configuration change at 02:32:29 UTC Wed Mar 13 2013 by cisco

version 15.1

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname Pioneer

!

boot-start-marker

boot-end-marker

!

!

logging buffered 51200 warnings

enable secret 4 tnhtc92DXBhelxjYk8LWJrPV36S2i4ntXrpb4RFmfqY

!

no aaa new-model

!

!

no ipv6 cef

ip source-route

ip cef-                    

!

!

!

!

ip domain name yourdomain.com

!

multilink bundle-name authenticated

!

crypto pki token default removal timeout 0

!

crypto pki trustpoint TP-self-signed-625968446

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-625968446

revocation-check none

rsakeypair TP-self-signed-625968446

!

!

crypto pki certificate chain TP-self-signed-625968446

certificate self-signed 01

  30820229 30820192 A0030201 02020101 300D0609 2A864886 F70D0101 05050030

  30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274

  69666963 6174652D 36323539 36383434 36301E17 0D313231 31323830 36313231

  9F4C591D AC9DA311 042AD539 6652C6C3 67C15E19 2DFF7527 B46474A9 4ADA8DC9

  D7F57FDE 1F4FA2DE 3A206C2D 2A9338D0 254B1E72 E98DB6DE BC5B652E B8D0B0DB

!

!

username cisco secret 4 tnhtc92DXBhelxjYk8LWJrPV36S2i4ntXrpb4RFmfqY

!

redundancy

!              

!

!

!

interface Embedded-Service-Engine0/0

no ip address

shutdown

!

interface GigabitEthernet0/0

description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$

ip address 10.10.10.1 255.255.255.248

ip nat inside

ip virtual-reassembly in

duplex auto

speed auto

!

interface GigabitEthernet0/1

ip address 192.168.5.87 255.255.255.0

ip nat outside

ip virtual-reassembly in

            duplex auto

speed auto

!

ip forward-protocol nd

!

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

ip nat inside source list 101 interface GigabitEthernet0/1 overload

ip route 0.0.0.0 0.0.0.0 192.168.5.88

!

access-list 23 permit 10.10.10.0 0.0.0.7

access-list 101 permit ip host 10.10.10.4 any

!

!

!

control-plane

!

!

line con 0

     login local

line aux 0

line 2

no activation-character

no exec

transport preferred none

transport input all

transport output pad telnet rlogin lapb-ta mop udptn v120 ssh

stopbits 1

line vty 0 4

access-class 23 in

privilege level 15

login local

transport input telnet ssh

line vty 5 15

access-class 23 in

privilege level 15

login local

transport input telnet ssh

!

scheduler allocate 20000 1000

end

          Hope to hear from you soon.

Thank and Regards,

Raymond

0 Helpful

Go to solution
phuayhow01
Level 1
Level 1

‎03-12-2013 11:16 PM

Hi Alexander Miyar and Jawad Mukhtar,

        I have solved my problem already. I do not know why it is so. I just change my subnet for g0/0 from 255.255.255.248 to 255.255.255.0, i could ping and access PC2 from PC1. I used both of the method and it worked fine.

       If you could explain why, it would be nice.

Thank and Regards,

Raymond

0 Helpful

Go to solution
alexander.milyar
Level 1
Level 1
In response to phuayhow01

‎03-13-2013 12:44 AM

Looks like at PC1 you have got mask 255.255.255.0.

Network mask at PC and router must be the same.

So if you change at router mask to 248 and at PC to 248 - all should work as well.

And, if you do not need network address translation, better do not use it and use recommendations that Jawad Mukhtar told you.

0 Helpful

Go to solution
phuayhow01
Level 1
Level 1
In response to alexander.milyar

‎03-13-2013 11:48 PM

Hi Alexander Milyar,

      Thank for your explanation.

Regards,

Raymond

0 Helpful
Customers Also Viewed These Support Documents