04-27-2007 10:26 AM - edited 03-05-2019 03:44 PM
Hi.
I have Cisco 1801.
I have created 2 vlan.
Vlan1 is 8 static ip, from my provider
Vlan2 is 8 dynamic (internal 192.168.0.1???)
My problem:
Vlan1 have internet access
Vlan2 not.
When possible give to me link to manual, or small Example.
Sorry about my English.
Best Regards Andriy Harisios.
Solved! Go to Solution.
04-27-2007 11:12 AM
You would require a NAT?PATconfiguration for your Private VLAN to access internet
Use any one IP from the pool provided by your ISP (say for eg.. if it is 1.1.1.1 )
ip nat pool Internet 1.1.1.1 1.1.1.1 prefix-length 29
ip nat inside source list 104 pool internet overload
access-list 101 permit ip 192.168.1.0 0.0.0.7 any
interface
ip nat inside
interface
ip nat outside
HTH, rate if it does
Narayan
04-27-2007 10:50 AM
Andriy-
Can you clarify? I assume that your ISP gave you 8 public IPs.
Are you wanting to set this up so that VLAN2 does not have access to the net or are you saying that right now VLAN1 has access and VLAN2 does not, but you want it to?
Also, if you have any config on the 1801 please post it.
Paul
04-27-2007 11:11 AM
Question:
How to make the Internet on VLAN2
---------------------------------
User Access Verification
Username: andriy
Password:
Cisco-1801#sh running-config
Building configuration...
Current configuration : 4839 bytes
!
! Last configuration change at 19:04:36 london Tue Apr 24 2007 by andriy
! NVRAM config last updated at 18:47:19 london Tue Apr 24 2007
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname Cisco-1801
!
boot-start-marker
boot-end-marker
!
logging buffered 4096
!
no aaa new-model
clock timezone london 1
clock calendar-valid
no ip source-route
!
!
ip cef
no ip dhcp use vrf connected
ip dhcp ping packets 4
!
ip dhcp pool pool1
network 91.84.00.00 255.255.255.248
default-router 91.84.00.00
dns-server 212.104.000.0 212.104.000.00
lease infinite
!
ip dhcp pool pool2
network 192.168.0.2 255.255.255.248
default-router 91.84.00.00
dns-server 212.104.000.0 212.104.000.00
lease infinite
!
ip tcp synwait-time 10
no ip bootp server
ip name-server 212.104.000.0
ip name-server 212.104.000.00
ip ssh time-out 60
ip ssh authentication-retries 2
ip inspect name voip sip
!
multilink bundle-name authenticated
!
crypto pki trustpoint TP-self-signed-1050249944
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1050249944
revocation-check none
rsakeypair TP-self-signed-1050249944
!
!
!
!
username andriy privilege 15 password 000000000000
!
!
!
!
!
!
interface FastEthernet0
no ip address
shutdown
duplex auto
speed auto
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
no snmp trap link-status
pvc 0/38
encapsulation aal5snap
protocol ppp dialer
dialer pool-member 1
!
!
interface Vlan1
ip address 91.84.00.00 255.255.255.248
ip access-group vlan1_in in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
!
interface Vlan2
ip address 192.168.0.1 255.255.255.248
no ip redirects
no ip unreachables
ip nat outside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Dialer0
ip address negotiated
ip access-group dialer0_in in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname 777777777@adsl.00000000.00.00
ppp chap password 7 151B010D07253E2927
ppp pap sent-username 777777777@adsl.00000000.00.00 password 00000000000000
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 5 life 86400 requests 10000
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
ntp clock-period 17180201
ntp server 213.170.141.38 prefer
ntp server 194.150.121.14
ntp server 81.187.121.162
end
04-27-2007 11:12 AM
You would require a NAT?PATconfiguration for your Private VLAN to access internet
Use any one IP from the pool provided by your ISP (say for eg.. if it is 1.1.1.1 )
ip nat pool Internet 1.1.1.1 1.1.1.1 prefix-length 29
ip nat inside source list 104 pool internet overload
access-list 101 permit ip 192.168.1.0 0.0.0.7 any
interface
ip nat inside
interface
ip nat outside
HTH, rate if it does
Narayan
04-27-2007 11:25 AM
Thanks
04-27-2007 12:35 PM
FWIW, there's a typo in the above config. The source list should be 101, not 104.
HTH,
P
04-27-2007 01:15 PM
Thanks.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide