| Ok setting up a 2801 NAT problem Ok I think I have everything configured properly. But im not getting any internet access.
Using 2485 out of 196600 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname AVTINC
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
!
no ip dhcp use vrf connected
!
ip dhcp pool pool
import all
network 192.168.1.0 255.255.255.0
dns-server 65.106.1.196 65.106.7.196
default-router 192.168.1.1
!
!
ip domain name yourdomain.com
!
username cisco privilege 15 secret 5 $1$xZuL$mQeMPDwDXlyFUyUxR3FRX0
!
!
!
interface FastEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$
ip address 192.168.1.1 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.0.1 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface Serial0/1/0
ip address 140.239.X.1 255.255.255.0
ip nat outside
!
ip classless
!
ip http server
ip http access-class 23
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat pool no-overload 140.239.X.4 140.239.X.254 prefix-length 24
!
access-list 7 permit 192.168.1.0 0.0.0.200
access-list 7 permit 192.168.0.0 0.0.0.200
!
control-plane
!
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege le
vel of 15.
Please change these publicly known initial credentials using SDM or the IOS CLI.
Here are the Cisco IOS commands.
username privilege 15 secret 0
no username cisco
Replace and with the username and password you want to use
.
--More--
For more information about SDM please follow the instructions in the QUICK START
GUIDE for your router or go to »www.cisco.com/go/sdm
-----------------------------------------------------------------------
^C
!
line con 0
login local
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet
!
end
|
|
3 edits | You need to specify what you want to nat, so something like this.
ip nat inside source list 100 pool no-overload
access-list 100 permit ip 192.168.0.0 0.0.0.255 any
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
Guessing thats why access-list 7 may be in there, but it isnt tied to anything. |
|
| reply to Isaac
I thought I was missing something but ive been staring at this for hours to try and fix it. Trying it now... and keeping fingers crossed that for the tip! |
|
| reply to Isaac
Ok made a couple changes to simplify things but still not connecting to the net. Heres what it looks like now.
Using 2493 out of 196600 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname AVTINC
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
!
no ip dhcp use vrf connected
!
ip dhcp pool pool
import all
network 192.168.1.0 255.255.255.0
dns-server 65.106.1.196 65.106.7.196 192.168.1.1
default-router 192.168.1.1
!
!
ip domain name yourdomain.com
!
username privilege 15 secret 5 $1$P.43$Q4ybXyYHr47t9XS8ttSkv1
username AVTINC privilege 15 secret 5 $1$K6MC$Ifa2rw4enSxqZekR5sO3M0
!
!
!
interface FastEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$
ip address 192.168.1.1 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1/0
ip address 140.239.20.1 255.255.255.0
ip nat outside
!
ip classless
!
ip http server
ip http access-class 23
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat pool no-overload 140.239.20.4 140.239.20.200 netmask 255.255.255.0
ip nat inside source list 100 pool no-overload
!
access-list 7 permit 192.168.1.0 0.0.0.200
access-list 7 permit 192.168.0.0 0.0.0.200
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
!
control-plane
!
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege le
vel of 15.
Please change these publicly known initial credentials using SDM or the IOS CLI.
Here are the Cisco IOS commands.
username privilege 15 secret 0
no username cisco
Replace and with the username and password you want to use
.
For more information about SDM please follow the instructions in the QUICK START
GUIDE for your router or go to »www.cisco.com/go/sdm
-----------------------------------------------------------------------
^C
!
line con 0
login local
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet
!
end |
|
1 edit | reply to Isaac
wheres your default route?
ex ip route 0.0.0.0 0.0.0.0 yourgatewayip
without that your router doesnt know how to get to websites unless they are in its routing table, which they wouldnt be. |
|
Isaac2
join:2009-09-24
Escondido, CA | reply to Isaac
ok so if i set it like this....
ip route 0.0.0.0 0.0.0.0 se 0/1/0
that should do the trick right?? |
|
| said by Isaac2:ok so if i set it like this.... ip route 0.0.0.0 0.0.0.0 se 0/1/0 that should do the trick right?? Umm i am not sure, but that may not work. Since its a class c how is it going to know which IP to send it to? Xo should have given you a gateway IP. Last usable of the class C maybe? |
|
Isaac2
join:2009-09-24
Escondido, CA | ohhhh your right should bex.x.x.255 i think |
|
|
|
| said by Isaac2:ohhhh your right should bex.x.x.255 i think last usable would be .254. .255 is the broadcast. |
|
Isaac2
join:2009-09-24
Escondido, CA | Ok that wasnt it so went back through my note and xo gave me this.
140.239.20.0 is the ip
140.239.20.1 is the gateway but i cant set this as the gateway
and i cant set 140.239.20.0 as the ip
so now im stuck |
|
1 edit | said by Isaac2:Ok that wasnt it so went back through my note and xo gave me this. 140.239.20.0 is the ip 140.239.20.1 is the gateway but i cant set this as the gateway and i cant set 140.239.20.0 as the ip so now im stuck .0 is the subnet address, it isnt usable. .1 needs to be your gateway, but you are using .1 on your router. You need to do the following.
Change the ip on se0/1/0 to .2 (or .254 if you want to use the last usable, it really doesnt matter)
Add the default route to .1 |
|
Isaac2
join:2009-09-24
Escondido, CA | ok heres what this looks like but im still not getting anything.
AVTINC#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 140.239.20.1 to network 0.0.0.0
140.239.0.0/24 is subnetted, 1 subnets
C 140.239.20.0 is directly connected, Serial0/1/0
C 192.168.1.0/24 is directly connected, FastEthernet0/0
S* 0.0.0.0/0 [1/0] via 140.239.20.1 |
|
1 edit | said by Isaac2:ok heres what this looks like but im still not getting anything. AVTINC#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is 140.239.20.1 to network 0.0.0.0 140.239.0.0/24 is subnetted, 1 subnets C 140.239.20.0 is directly connected, Serial0/1/0 C 192.168.1.0/24 is directly connected, FastEthernet0/0 S* 0.0.0.0/0 [1/0] via 140.239.20.1 Are you sure that is the right subnet to be on your serial interface? Ill be honest most /24's are routed to your usable of a /30 on the wan side. Meaning you should have a 255.255.255.252 subnet with 1 usable and the other being your gateway. The /24 would be used on the backside, or just used for NAT.
Please look over your documents and emails from XO carefully and confirm this. What you have may also be correct.
also looks like you are missing an encapalation on your serial interface. Its probably PPP, so you need to add encap PPP on your serial interface. Do this, then do a show int se0/1/0, and you should see it saying up/up, or something like this
Serial0/1/0 is up, line protocol is up |
|
Isaac2
join:2009-09-24
Escondido, CA | Ok so its sounds like I might be getting the wrong information from xo. If the info they are giving might be the connection iformation to connect to there nortel router. If thats the case the I should be coming off there e0/0 right? I specificly told them what we am I doing here and they gave my the ip address and the gateway and dns servers. |
|
| said by Isaac2:Ok so its sounds like I might be getting the wrong information from xo. If the info they are giving might be the connection iformation to connect to there nortel router. If thats the case the I should be coming off there e0/0 right? I specificly told them what we am I doing here and they gave my the ip address and the gateway and dns servers. Well if they have a nortel router then it sounds like they are providing a "managed" router and it is plugged up to the smart jack. So you dont need a wic card or anything.
If so then yes, you should be plugging up to there e0/0 via an ethernet interface and configuring the ip address on that. |
|
Isaac2
join:2009-09-24
Escondido, CA | Ok thats where I got my wires crossed. Sorry Its been 10 years since ive messed with a cisco router and ive been trying to remember everything from scratch. |
|
Isaac2
join:2009-09-24
Escondido, CA | Ok so unconfigured se 0/1/0 and configured fa 0/1 as 140.239.20.2
So all the other routing should still be the same correct I shouldnt have to chagne much.
Oh and Thank you cooldude9919 very much for all your hlep you dont know how much of a life saver you have been! |
|
2 edits | said by Isaac2:Ok so unconfigured se 0/1/0 and configured fa 0/1 as 140.239.20.2 So all the other routing should still be the same correct I shouldnt have to chagne much. Oh and Thank you cooldude9919 very much for all your hlep you dont know how much of a life saver you have been! Yep i can ping the .1 now through the internet, so it looks like you are plugged up to the right interface. I cant ping the .2 yet, so guessing you dont have the default route in there quite yet.
Also be sure you get your nat inside/outside on the right interfaces. |
|
Isaac2
join:2009-09-24
Escondido, CA | I have the default route in place yet nothing is working... Im to tired to mess with this tonight anymore im heading home!! LOL been at work for 14 hours now. Thanks for the help will be at again in the morning. |
|
Isaac2
join:2009-09-24
Escondido, CA | Ok this is the last config. Yeah i said i was leaving but im determind to ge this thing up and running!
Using 2498 out of 196600 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname AVTINC
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
!
no ip dhcp use vrf connected
!
ip dhcp pool pool
import all
network 192.168.1.0 255.255.255.0
dns-server 65.106.1.196 65.106.7.196
default-router 192.168.1.1
!
!
ip domain name yourdomain.com
!
username privilege 15 secret 5 $1$P.43$Q4ybXyYHr47t9XS8ttSkv1
username AVTINC privilege 15 secret 5 $1$K6MC$Ifa2rw4enSxqZekR5sO3M0
!
!
!
interface FastEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$
ip address 192.168.1.1 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 140.239.20.2 255.255.255.0
ip nat outside
duplex auto
speed auto
!
interface Serial0/1/0
no ip address
encapsulation ppp
shutdown
no keepalive
!
ip classless
ip route 0.0.0.0 0.0.0.0 140.239.20.1
!
ip http server
ip http access-class 23
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat pool no-overload 140.239.20.4 140.239.20.200 netmask 255.255.255.0
ip nat inside source list 7 pool no-overload
!
access-list 7 permit 192.168.1.0 0.0.0.200
access-list 7 permit 192.168.0.0 0.0.0.200
!
control-plane
!
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege le
vel of 15.
Please change these publicly known initial credentials using SDM or the IOS CLI.
Here are the Cisco IOS commands.
username privilege 15 secret 0
no username cisco
Replace and with the username and password you want to use
.
For more information about SDM please follow the instructions in the QUICK START
GUIDE for your router or go to »www.cisco.com/go/sdm
-----------------------------------------------------------------------
^C
!
line con 0
login local
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet
!
end |
|
