setup 1941 router with cable modem and 2 vlan?

Dullahtech · ‎04-12-2015

hello everyone,

i need a little help setting up my new 1941 router with cable modem using 2 vlns.

this is what i have:

1- 1941 router configured as g0/0 wan port facing isp configured as (dhcp). g0/1 is lan facing the switch (192.168.1.1)

dhcp pool (192.168.1.x)

2- sg300-28pp switch.

3- wap371 AP/ 11pcs..

now everything is working perfect except sometimes we have more than 250 to 300 people trying to connect to the wifi, the router will have no enough ip addresses.

i heard that i can setup 2 vlans to solve this problem? and is there any setup that i have to do on switch and Access points?

please i will appreciate any little help

Regards

Andre Neethling · ‎04-12-2015

Good day...... If you need to split your clients into 2 separate subnets for control or security purposes You can setup a second vlan with VLAN subinerfaces. i am not familiar with the sg300, but you will need to set the port linking to the 1941 as a Trunk port. Once you have done that, you will have to add VLANS on your sg300 to connect your wired clients and wireless clients to.

If it is an issue with amount of IP's only, then you can just extend you IP pool i your DHCP config to a /23, instead of a /24. So you can add the following line to your DHCP pool config.

network 192.168.0.0 255.255.254.0

If you want to go with 2 VLANs i can assist with the router config

Dullahtech · ‎04-12-2015

thank you soo much. i will try to add network 192.168.0.0 255.255.254.0 to the dhcp pool and i will let you know.

thank you.

Dullahtech · ‎04-14-2015

hello Andre Neethling i added network 192.168.0.0 255.255.254.0 to dhcp pool config and it seems that it is working but i am concern that i am going to have problem in the future so please take a look at the running config and let me know if i have everything done right. also we want to order static ip address from the provider for our security camera system and we will not longer receive dhcp ip from them and my router setup is to receive it as dhcp on g0/0 so what i should do about changing the settings on g0/0?

i appreciate your help

Building configuration...

Current configuration : 1163 bytes
!
! Last configuration change at 00:46:35 UTC Wed Apr 15 2015
!
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Abdullah
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
!
ip dhcp excluded-address 192.168.1.1 192.168.1.50
!
ip dhcp pool Local
import all
network 192.168.0.0 255.255.254.0
default-router 192.168.1.1
!
!
multilink bundle-name authenticated
!
!
!
license udi pid CISCO1941/K9 sn FTX1523022E
!
!
!
redundancy
!
!
!
!
!
!
interface GigabitEthernet0/0
ip address dhcp
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source list 101 interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0
!
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
!
!
!
!
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
login
!
scheduler allocate 20000 1000
end

Andre Neethling · ‎04-14-2015

Firstly. Change your NAT acl to be the same as your dhcp pool, 192.168.0.0 255.255.254.0.

When you get your static IP ftom your service provider all you do is change "Iip aaddress dhcp" to "ip address x.x.x.x y.y.y under your gi 0/0 interface, with x beIng your ip and y beIng your subnet mask.

when you get your camera and set it up to access externally, then you will need to do a port foward/static nat statements.

Andre Neethling · ‎04-14-2015

One other thing.......... I would consider adding DNS servers to your DHCP pool. So that your clients can get a DNS server with the dynamically assigned IP address.

Dullahtech · ‎04-15-2015

Can you explain with more details please. I am not as professional as you are. Please if you can explain more i would appreciate it. Now all the guests that got 192.168.0.x from the router they dont have internet. A

Andre Neethling · ‎04-15-2015

As per my previous comment please change your NAT access list? Please enter the commands below?

no access-list 101 permit ip 192.168.1.0 0.0.0.255 any

access-list 101 permit ip 192.168.0.0 0.0.1.255 any

Dullahtech · ‎04-16-2015

hello.. i did everything u told me about and everything is working fine now. the internet provider gave me the ip , subnet, default gateway and dnss i added everything except default gateway and it works, should i add the gateway ip somewhere? thank you soo much Andre . i appreciate your help so much. the only thing left is the port forwarding for port 9000 as tcp and udp any help please? the dvr got this ip 192.168.1.23.

thank you again.

Andre Neethling · ‎04-16-2015

You need the default gateway for your router to communicate out via that gateway specifically for traffic originating from your router.

For the port forward you can add the following command

ip nat inside source static tcp 192.168.1.23 9000 interface GigabitEthernet 0/0 9000

or if you want you can add the IP address of your gi 0/0 instead of the "interface GigabitEthernet 0/0" part in the NAT statement above.

I don't know if you can port forward all UDP traffic because then all UDP ports can only go to and from the camera. Try this NAT statement first, and ask the DVR installers for a UDP port for your NAT statement.