Equipment Support > Hardware By Brand > Cisco > [Config] Need help configuring 1841 for lan broadband please ?

[Config] Need help configuring 1841 for lan broadband please ?

Re: [Config] Need help configuring 1841 for lan broadband please

ip dhcp excluded-address 192.168.1.1 192.168.1.50 
! 
ip dhcp pool DHCP-POOL 
import all 
network 192.168.1.0 255.255.255.0 
default-router 192.168.1.1 
 

ip nat inside source list 1 interface <YOUR-WAN-INTERFACE> overload
! 
access-list 1 permit 192.168.1.0 0.0.0.255
 

reply to Mcbosher
Also, "ip routing" in case, for some insanity, it's been turned off. Otherwise, traffic won't pass through it.

A little time with Google and you should be able to find plenty of examples of how to setup a single NAT'd LAN. Cisco also has numerous configuration examples. This forum's FAQ sections also have several configuration examples.

If you want to know more than just how to make it work, your local library may (should?) have books for CCNA training. I would say the CiscoPress books are some of the best. [»www.ciscopress.com/bookstore/pro···7054647]

reply to Mcbosher
elnino and cramer ...

thank you so much for your totally un-biased explanaitions and examples.
What i mean is there are too many people that would have some thing other to say before someone actually helps out.

Your both straight forward and helpful and clear in your methods.

As you have both been helpfull i will divulge a bit more ..

Elnino ..

Most of your method i have not tryed from googling Vlan / Lan / 1841 config etc .. i will give that a try in a little while ( ps are you in the states ?)
The access list ... would i need to add entry's for each static ip internally that i want to allow access ?? or just the ip range ?
Is that what im reading in the "192.168.1.0 0.0.0.255"

I dont think i have a problem on the Wan side as i have that set to dhcp and rebooting the modem gives it an Ip address but i dont recognise it ? It is very similar though .. when its plugged into my ***tty wrt54g which is handling the dhcp only and the throughput is so poor that's another reason for changing to the 1841 but failing to realise the lack of ease in the dhcp side considering im used to it being handled for me.
The Ip on the wan is 81.blah which is very similar to my ip that i have on the wrt54g and when i plug it back its the same?
I thought i might have to set up a Vlan between the fe0/0 and 0/1 for the internet to bridge so as to give access to the internel lan to the internet? and even if it does need one im still not sure how to set one up.

Cramer ..

i have set ip routing every to different config from google that i have tryed and due to possible mis-config never knew if it worked or not and with the nat side of things ..
well i have turned on nat ... even tryed rip v2 routing but all this is a little new to me..

Cisco ccna/p are on my to do list but family life and what goes on in them keeps changing the target date so i do know my way around the kit im just not 100% sure on everything. lol.

Thanks guys and awaiting your advice.

You don't need to take any tests... just reading the book(s) will help a great deal.

One thing to keep in mind about cablemodems... most ISPs have them setup to give out only one address. The first MAC it sees is the device that gets to ask for an address. So changing routers will require resetting the modem or cloning the MAC (so both routers appear to be the same device to the cablemodem.)

The needs for your setup are very simple. There's no need for RIP or any of that. The ACL for nat covers the entire lan subnet (192.168.1.0-255.) Cisco ACLs use "wildcards" instead of netmasks. I use a more complex configuration with route-maps, but I have IPSec and VoIP in the mix.

Let's say f0/0 is the "outside" (ISP) and f0/1 is the "inside" (lan)...

interface f0/0
 ip address dhcp
 ip nat outside
 no shut
interface f0/1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 no shut
! just to clear...
ip routing
 

Gateway of last resort is 24.136.238.1 to network 0.0.0.0
...
S*   0.0.0.0/0 [25/0] via 24.136.238.1
 

rtr3745#ping ip 4.2.2.1 source f0/0
 
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.1, timeout is 2 seconds:
Packet sent with a source address of [outside]
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/33/36 ms
rtr3745#ping ip 4.2.2.1 source f0/1
 
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.1, timeout is 2 seconds:
Packet sent with a source address of 192.168.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/33/36 ms
 

reply to Mcbosher
can i clone or use a mac address that was there before on the 1841 or can i edit the mac address ?

thanks

reply to Mcbosher
Hi,
As i am running from factory defaults .. are there any additional configs i need to make from scratch ?

At the mo i ave said yes to initial config dialog and no to basic management in order to get extended ? no ?
Would you like to see sysetm summary = yes ...

Any interface listed with OK? value "NO" does not have a valid configuration

Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned NO unset up down
FastEthernet0/1 unassigned NO unset up down

Enter hostname ....
Passwords set
config snmp .. just hit enter twice ?
configure LAT .. just hit enter ? configure Ip .. just hit enter ?
configure rip routing.. hit enter ?
appletalk .. hit enter for no
configure decnet .. enter for no
configure clns .. enter for no.
configure bridging .. enter for no
configure ipx .. enter for no
Configuring interface parameters:

Do you want to configure FastEthernet0/0 interface? [yes]:
use the 100 base tx ... yes
operate in full duplex .. yes
configure ip on this interface .. yes
192.168.1.1
subnet mask
255.255.255.0
config lat on this device .. no

Do you want to configure FastEthernet0/1 interface? [yes]: yes
use the 100 base tx ... yes
operate in full duplex .. yes
configure ip on this interface .. yes
192.168.1.6
subnet mask
255.255.255.0
config lat on this device .. no

would you like to go through autosecure config .. no

from there i went into en>congif>int fe0/0 (internal lan)
no shutdown
ip dhcp excluded-address 192.168.1.1 192.168.1.50
!
ip dhcp pool DHCP-POOL
import all
network 192.168.1.0 255.255.255.0

phishandchipz#show running-config
Building configuration...

Current configuration : 1219 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname phishandchipz
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$k2ka$9WqqbhuudmOl4.IaZ56GX/
enable password ********
!
no aaa new-model
!
resource policy
!
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.50
!
ip dhcp pool DHCP-POOL
import all
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.1.5 255.255.255.0
ip nat inside
ip virtual-reassembly
speed auto
full-duplex
no mop enabled
!
interface FastEthernet0/1
ip address dhcp
ip nat outside
ip virtual-reassembly
speed auto
full-duplex
no mop enabled
!
router rip
redistribute connected
network 192.168.1.0
!
!
!
ip http server
no ip http secure-server
ip nat inside source list 1 interface FastEthernet0/1 overload
!
access-list 1 permit 192.168.1.0 0.0.0.255
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipx permit
snmp-server community public RO
!
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line vty 0 4
password lab0sher
login
!
scheduler allocate 20000 1000
end

!

phishandchipz#show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 192.168.1.5 YES NVRAM up up
FastEthernet0/1 80.*.***.** YES DHCP up up
NVI0 unassigned NO unset up up

There is still no internet on the internal lan ?

phishandchipz#show dhcp lease
Temp IP addr: 80.*.***.*** for peer on Interface: FastEthernet0/1
Temp sub net mask: 255.255.252.0
DHCP Lease server: 62.253.131.33, state: 3 Bound
DHCP transaction id: 22CB
Lease: 565317 secs, Renewal: 282658 secs, Rebind: 494652 secs
Temp default-gateway addr: 80.*.***.*
Next timer fires after: 3d06h
Retry count: 0 Client-ID: cisco-001b.2aa4.b4dd-Fa0/1
Client-ID hex dump: 636973636F2D303031622E326161342E
623464642D4661302F31
Hostname: phishandchipz

Hope this helps and many thanks

reply to Mcbosher
@Mcbosher
You can set a different MAC address in the config, should be "mac-address X.X.X.X," where X.X.X.X
is the MAC address you want to set. If it's cable internet, you should only have to power cycle the modem
for a few minutes to clear the previous MAC address used depending on the provider.

In terms of additional configs, HIGHLY recommended you do the autosecure feature to lock down
the router. You may also want to look into some best practice guides to securing the router from
an operational standpoint -- user/passwords, disabling unneeded services, etc.

In terms of no connectivity, check your NAT statistics and see if anything is hitting it or not -- "show ip
nat statistics." What about a tracert to the internet? Does that work?

Regards

Hi,
thanks for your help, and sorry for the delay.
My most important goal was to get this router up and running and
to be fair with all your help i have been running since the last post with only a few problems but nothing service affecting.

All the best and thanks all for you help.