Add this line to your

Garrison Gurule · ‎06-15-2017

I have a Cisco 1841 integrated router I am working with.

I created a VLAN on the switch and a DHCP scope attached to that VLAN.

Computers connected to the VLAN:

get IP addresses, DNS, and DHCP
can access all of my internal network;

However, they cannot access the internet....

Do I need to configure that VLAN on the router in order to access the internet?

If so how?

what are the steps, commands, and logic?

Thank you for the help

Julio E. Moisa · ‎06-15-2017

Hi

You need to configure a NAT on the router to get Internet access on the computers, could you please provide the config from switch and router?

The following is just and example, using router in a stick scheme:

ROUTER

inte fa0/0
description INTERNET
ip add 190.x.x.2 255.255.255.252
ip nat outside
no shut

int fa0/1
description TO-SWITCH-FA0/24
no shut

int fa0/1.10
encapsulation dot1q 10
ip nat inside
ip add 192.168.10.1 255.255.255.0

int fa0/1.20
encapsulation dot1q 20
ip nat inside
ip add 192.168.20.1 255.255.255.0

ip access-list standard INTERNAL-NETS
permit 192.168.10.0 0.0.0.255
permit 192.168.20.0 0.0.0.255

ip nat inside source list INTERNAL-NETS interface f0/0 overload

ip route 0.0.0.0 0.0.0.0 190.x.x.1 name DEFAULT-ROUTE-INTERNET

SWITCH

vlan 10
vlan 20

int fa0/24
description TO-ROUTER-F0/1
switchport mode trunk
no shut

int fa0/1
switchport access vlan 10
switchport mode access
no shut

int fa0/2
switchport access vlan 20
switchport mode access
no shut

:-)

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

devils_advocate · ‎06-16-2017

As Julio has said, NAT is needed to translate your internal IP addresses to the one used by your WAN interface.

What type of internet connection do you have?

If the 1841 plugged into a modem or another router of some sort?

Garrison Gurule · ‎06-16-2017

Modem is hooked up to 1841 which is hooked up to switch. Other VLANs are working but a new VLAN I created is not working because I do not know any command line for the 1841 to enable WAN for the new VLAN

Julio E. Moisa · ‎06-16-2017

Hi

You need to add the new subnet into the ACL used for the NAT and verify if the router has a route into the routing table to reach this new subnet.

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

Garrison Gurule · ‎06-16-2017

Okay perfect, how do I do that?

Jon Marshall · ‎06-16-2017

Post your router configuration and tell us what the new IP subnet is.

Jon

Garrison Gurule · ‎06-16-2017

Alright,

I didnt know how to do anything above so i just got the part that says it is not in the routing and added I added the IP subnet to the routing table as follows:

configure terminal

ip route 10.1.7.0 255.255.255.0 10.10.10.1

end

Now my new subnet 10.1.7.0 is in the routing table but it still does not access WAN: To view look here: https://snag.gy/MwnKuJ.jpg

i verified that it looks exactly as my 10.1.6.0 which works and has access to WAN: https://snag.gy/CjLJvy.jpg

Jon Marshall · ‎06-16-2017

If you want help post the configuration of the router.

Jon

Garrison Gurule · ‎06-16-2017

Attached is the config file... after reviewing it i do not see the subnet 10.1.7.0 anywhere but when i do a show ip route it is there

Jon Marshall · ‎06-16-2017

Add this line to your configuration -

"access-list 103 permit ip 10.1.7.0 0.0.0.255 any"

and retest.

Jon

Julio E. Moisa · ‎06-16-2017

I agree, adding the ACL entry should resolve the problem.

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

Garrison Gurule · ‎06-19-2017

How do I do that?

Garrison Gurule · ‎06-26-2017

Jon,

How do I add that line to the configuration?

Jon Marshall · ‎06-26-2017

Go into configuration mode (the way you did when you added the route) and then just type in that line.

Jon

VLANS created on Switch Do not Access Internet