| Cisco 2811 - EOC no WAN connection Hello everyone, this is my first time posting here.
My situation is that I have a Cisco 2811. I basically taught myself how to configure it in a day. But i cannot get the WAN connection. I am doing beta testing for my ISP on a new Ethernet Over Copper line. The modem and router are seperate from my production network. I dont care about security or anything like that. But i have setup FE0/0 as the LAN & FE0/1 as the WAN. basically the modem connects directly to the router on FE0/1 and i have a laptop directly connected to FE0/1. Nothing special.
I have no clue of why i can't connect to the internet. The only thing required for this connection is that the Duplex is Full and the Speed is set at 10. Could anyone offer any advice?
Below is my configuration.
Building configuration...
Current configuration : 2738 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
! card type command needed for slot/vwic-slot 0/1
!
no aaa new-model
dot11 syslog
!
!
ip cef
!
!
no ip domain lookup
multilink bundle-name authenticated
!
!
voice-card 0
no dspfarm
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-1994731215
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1994731215
revocation-check none
rsakeypair TP-self-signed-1994731215
!
!
crypto pki certificate chain TP-self-signed-1994731215
certificate self-signed 01
3082023E 308201A7 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31393934 37333132 3135301E 170D3132 30373130 31333137
35345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 39393437
33313231 3530819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100D951 76EC7244 9946DCA4 3A335E7F 7DA482FA 1761FFA9 00A8B28B 0A813393
204D60A1 A83963B2 853CAF0F 039C523C 471AB837 2309501B 9FCCBC9F E28F0C5C
313F988D 5BB68035 4E19BCDD 7F4A2C60 9F0C8E98 2FD1E24E 4E08C68C 5D2C8366
57BBD4D4 5A608C06 12C22424 E8059B73 8B13102A 57FB5C21 449FF1E5 9C79437D
1EC50203 010001A3 66306430 0F060355 1D130101 FF040530 030101FF 30110603
551D1104 0A300882 06526F75 74657230 1F060355 1D230418 30168014 FF14F866
9B779F70 FAFCC934 7FDC8C69 644E6833 301D0603 551D0E04 160414FF 14F8669B
779F70FA FCC9347F DC8C6964 4E683330 0D06092A 864886F7 0D010104 05000381
8100A025 CB0682A6 6F0DA0A2 005AA1F2 9DE5E0FF C71644FA F3E776E5 9DE5F4AA
F7146382 2DD6B95E 8A1DB4B8 15C3E1D3 C33BCE4A 44EC1CD8 C20D34D4 E498FEC4
1E64EEC5 15BA543B B9A0F151 459E1A3E F6870A10 D66CD752 FA2A8081 C073468A
BCACDB6B 92180E07 384989E9 B0AE217A 18F811CF 0148C589 EA90EE71 3CBC7BC3 C022
quit
!
!
username ******* privilege 15 secret 5 $1$5WK3$8QNlgL3BGeD8dqn7PZjWx1
archive
log config
hidekeys
!
!
!
!
!
!
interface FastEthernet0/0
description LAN$ES_LAN$
ip address 10.12.2.3 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
description Internet
ip address 67.63.148.66 255.255.255.252
duplex full
speed 10
!
interface Serial0/0/0
description WAN
no ip address
shutdown
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 67.63.148.65
!
!
ip http server
ip http authentication local
ip http secure-server
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
access-class 1 in
password *******
login
!
scheduler allocate 20000 1000
!
end |
|
|
|
aryobaPremium,MVM
join:2002-08-22
kudos:3 | said by Camelhsv :The only thing required for this connection is that the Duplex is Full and the Speed is set at 10.
I wonder why there is such requirement 
said by Camelhsv :I have no clue of why i can't connect to the internet
Glance through the router configuration, it is missing the NAT configuration. Check out this forum's FAQ for sample configuration.
said by Camelhsv :line vty 0 4
access-class 1 in
password *******
login
Should you plan to remotely manage the router through (let's say) telnet or ssh, you need to specify how the access-list 1 looks like. My guess was that there was an existing access-list 1 in place but then you removed it instead of replacing the source subnet into your network's subnet. |
|
| thank you for your quick reply. I dont care about NAT unless it is a requirement. That was a last jab to try and get this thing working. I just issue the command IP Routing and reboot, but nothing is working. 
The ISP says that they can only guarantee the connection. But hey i can't complain. I'm getting this connection for free once go live happens. |
|
cramer
join:2007-04-10
Raleigh, NC
kudos:7 | I dont care about NAT unless it is a requirement. |
|
| reply to Camelhsv
Two most common culprits around here why ppl can't access the internet and we review the configs, we
find a) missing / misconfigured NAT config or b) missing 'ip routing' command.
Also I'd remove your crypto key and public IP addresses from your post, just from a privacy perspective.
Regards |
|
| So I guess NAT is the culprit and I have added the NAT information. However when I view the IP NAT TRANSLATIONS it is blank, but it does save my information. When I view NAT in the SDM Express, it tells me that my WAN is not configured correctly, when I view the overview page it says i have no wan interface |
|
aryobaPremium,MVM
join:2002-08-22
kudos:3 | As I mentioned, check out this forum FAQ for NAT sample configuration with static IP address plan. Here are some of them.
»Cisco Forum FAQ »How can I configure broadband router with cable/dsl using static IP address
»Cisco Forum FAQ »Setting Up Network With ISP WAN and Public IP Block subnets running NAT
If it is not working, post the router configuration so people here can review it |
|
| Here is my latest config:
Building configuration...
Current configuration : 5392 bytes
!
! Last configuration change at 16:47:39 PCTime Fri Jul 13 2012 by admin
! NVRAM config last updated at 16:48:31 PCTime Fri Jul 13 2012 by admin
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname betarouter
!
boot-start-marker
boot-end-marker
!
! card type command needed for slot/vwic-slot 0/1
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200
logging console critical
enable secret 5
!
no aaa new-model
clock timezone PCTime -6
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
dot11 syslog
no ip source-route
!
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool sdm-pool1
import all
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
!
!
no ip bootp server
ip domain name gldsolutions.com
ip name-server 10.12.2.5
ip name-server 10.12.2.7
ip name-server 209.142.x.x
ip name-server 209.142.x.x
multilink bundle-name authenticated
!
!
voice-card 0
no dspfarm
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
quit
!
!
username admin privilege 15 secret 5
archive
log config
hidekeys
!
!
!
!
!
!
interface FastEthernet0/0
description LAN$ES_LAN$
ip address 10.12.2.3 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
duplex auto
speed auto
no mop enabled
!
interface FastEthernet0/1
description WAN$ETH-WAN$
ip address 67.63.x.x 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
ip route-cache flow
duplex full
speed 10
no mop enabled
!
interface Serial0/0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
shutdown
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 67.63.x.x
!
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat pool NAT-pool 67.63.x.x 67.63.x.x prefix-length 30
ip nat inside source list 10 pool NAT-pool overload
!
logging trap debugging
access-list 10 remark Permitted Private LAN to go out to the Internet
access-list 10 permit 10.12.0.0 0.0.0.255
access-list 10 permit any
no cdp run
!
!
!
control-plane
!
!
!
!
!
!
!
!
banner exec |
|
cramer
join:2007-04-10
Raleigh, NC
kudos:7 | Your nat configuration is incorrect. You have a single address on F0/1, so you need an "interface nat" setup:
ip nat inside source list 10 interface FastEthernet0/1 overload
Also, access list 10 should use "10.12.2.0" for that netmask. The "any" next entry makes it work anyway. |
|
