Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
642
Views
0
Helpful
5
Replies

Unable to access Internet from LAN - 881G

arjun.n
Level 1
Level 1

‎10-12-2011 05:35 AM - edited ‎03-07-2019 02:45 AM

Hi Guys,

We got a new 881G Router for Lab testing.

I could get to internet through the 3G sim. But the problem is that I am unable to connect to internet or ping public IPs from my LAN or VLAN.

Please check the below config and let me know if I need to add anything.

!
version 15.1
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Test3G
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
enable password cisco
!
no aaa new-model
!
memory-size iomem 10
!
crypto pki trustpoint TP-self-signed-517246259
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-517246259
revocation-check none
rsakeypair TP-self-signed-517246259
!
!
crypto pki certificate chain TP-self-signed-517246259
certificate self-signed 01
  3082024B 308201B4 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 35313732 34363235 39301E17 0D313131 30313031 32303234
  345A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
  532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3531 37323436
  32353930 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
  A55C61DB 1D1CFFEC 293E35FB 5D83AA1C 45819EBD 90EF5751 49FA2841 E609340A
  F1BB76D7 4D8D884B 228D776B 4A7DF886 52F3D013 24E47EB5 D615A57E 38B7058A
  93EA7739 4D55F5A9 509F70B8 F1D9850B 79F165AB 0CF99F98 41276891 EAD0ACFC
  DB42E041 17CE3CE1 3E6E4992 5221A378 420B74A0 D45F9B22 C2455BBC DB5A0525
  02030100 01A37530 73300F06 03551D13 0101FF04 05300301 01FF3020 0603551D
  11041930 17821554 65737433 472E796F 7572646F 6D61696E 2E636F6D 301F0603
  551D2304 18301680 1421AD5B 8BFCEA55 FF9F65FB A5306A0B DB522232 F1301D06
  03551D0E 04160414 21AD5B8B FCEA55FF 9F65FBA5 306A0BDB 522232F1 300D0609
  2A864886 F70D0101 04050003 8181002C 89FE2C08 7CA8E3A8 C34A9811 96F3FC87
  E9B465ED D8096582 09C4C9A7 E0894900 9C02173B C3CBBB51 610D5B33 5FDB1376
  678F7BA7 44D103B7 C732B935 0731F1A5 C7329738 1988CF75 8AD5BB4B 21B9BE88
  FE5D3DD1 180760DF 7A7B15AF EA6F60DC 6AFEB99D 0336C7A9 CCA0C3AC FBBA6CC1
  1FE95EDC EF919F43 2B9CFA34 98C58C
        quit
ip source-route
!
!
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool ccp-pool
   import all
   network 10.10.10.0 255.255.255.248
   default-router 10.10.10.1
   lease 0 2
!
!
ip cef
no ip domain lookup
ip domain name yourdomain.com
no ipv6 cef
!
!
multilink bundle-name authenticated
chat-script gsm "" "ATDT*98*1#" TIMEOUT 30 "CONNECT"
license udi pid CISCO881G-G-K9 sn FGL153728P5
!
!
username admin password 0 cisco
username <myuser> privilege 15 secret 5 $1$3O5L$TavO3TLt0dIerfip8PY70.
!
!
!
!
controller Cellular 0
!
!
!
!
!
!
!
!
interface Loopback0
ip address 192.0.2.1 255.255.255.255
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
no ip address
shutdown
duplex auto
speed auto
!
interface Cellular0
ip address negotiated
ip virtual-reassembly
encapsulation ppp
dialer in-band
dialer idle-timeout 0
dialer string gsm
dialer-group 1
async mode interactive
ppp chap hostname 9900540953
ppp chap password 0 9900540953
ppp ipcp dns request
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 10.10.10.1 255.255.255.248
ip virtual-reassembly
ip tcp adjust-mss 1452
!
no ip forward-protocol nd
ip http server
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip route 0.0.0.0 0.0.0.0 Cellular0
!
dialer-list 1 protocol ip permit
no cdp run

!
!
!
!
!
control-plane
!
!
line con 0
logging synchronous
login local
no modem enable
line aux 0
line 3
exec-timeout 0 0
script dialer gsm
login
modem InOut
no exec
transport input all
speed 237000
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
end

Labels:
0 Helpful
5 Replies 5

Edison Ortiz
Hall of Fame
Hall of Fame

‎10-12-2011 06:24 AM

You need to configure NAT.

interface Cellular0

ip nat outside

interface Vlan1

ip nat inside

ip nat inside source list 1 interface cellular0 overload

access-list 1 permit any

0 Helpful

cadet alain
VIP Alumni
VIP Alumni

‎10-12-2011 06:27 AM

Hi,

you've got no nat configured on the router.

you must do this:

access-list 10 permit 10.10..10.0 0.0.0.7

int vlan 1

ip nat inside

int cellular0

ip nat outside

ip nat inside source list 10 interface cellular0

Regards.

Alain.

Don't forget to rate helpful posts.
0 Helpful

arjun.n
Level 1
Level 1
In response to cadet alain

‎10-12-2011 06:50 AM

Hi,

Thried bothe access lists.. still no go..

!
interface Cellular0
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer in-band
dialer idle-timeout 0
dialer string gsm
dialer-group 1
async mode interactive
ppp chap hostname 9900540953
ppp chap password 0 9900540953
ppp ipcp dns request
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 10.10.10.1 255.255.255.248
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
no ip forward-protocol nd
ip http server
ip http secure-server
!
!
ip nat source list 1 interface Cellular0 overload
ip route 0.0.0.0 0.0.0.0 Cellular0
!
access-list 1 permit 10.10.10.0 0.0.0.7
access-list 1 permit any
dialer-list 1 protocol ip list 1
no cdp run

!
!


*******************************************

Test3G#ping 4.2.2.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
!.!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 980/1194/1676 ms
Test3G#ping 4.2.2.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 996/1151/1660 ms
Test3G#
Test3G#
Test3G#
Test3G#
Test3G#
Test3G#
Test3G#ping 4.2.2.2 source vlan
Test3G#ping 4.2.2.2 source vlan 1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 10.10.10.1
.....
Success rate is 0 percent (0/5)
Test3G#

0 Helpful

arjun.n
Level 1
Level 1
In response to arjun.n

‎10-12-2011 07:53 AM

Any other problem u see guys??

0 Helpful

cadet alain
VIP Alumni
VIP Alumni
In response to arjun.n

‎10-12-2011 08:26 AM

Hi,

Have you got an entry in nat table ? : sh ip nat trans ---> post output

if not then try again with these command issued:

logging buffer 100000

no logging console

logging buffered debug

debug ip nat 101

access-list 101 permit icmp any any

then ping again 4.2.2.2 from a machine in your LAN and issue sh logg and post output

EdIT: 

ip nat source list 1 interface Cellular0 overload

you're missing the inside keyword between source and list

change it and tell us

Alain.

Don't forget to rate helpful posts.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card