- Posts: 7
- Thank you received: 0
Cisco Router Connection
21 years 1 month ago #1173
by kennd
Cisco Router Connection was created by kennd
Can anyone help with my problem regarding the connection of a Cisco 2600 router to the internet via a Cable
Surfboard(SB3100)Modem. The router has 2 x Ether ports(10mps)
It is running Nat Overload. The setup is,9 Pcs are connected via a
Cisco 2900xl Catalyst 10/100 switch (not in a Vlan)to the E1/0 port
on the router. The Cable modem is connected to the E0/0.
The Cable Cos DHCP Server has assigned an address and name to the E0/0 port of the router. I can ping from the terminal to all interfaces and I can ping from the command line to all interfaces.
Show Nat detail shows that the translation is working from inside to outside address but none of the hosts can gain access to the internet. DNS is disabled on my lan. I have the Cable companies DNS servers listed in the NIC setup. and the default gateway is the
E1/0 port of the router. I also have a default route to the E0/0
and a gateway to it as well.
Has anyone encountered this problem
Surfboard(SB3100)Modem. The router has 2 x Ether ports(10mps)
It is running Nat Overload. The setup is,9 Pcs are connected via a
Cisco 2900xl Catalyst 10/100 switch (not in a Vlan)to the E1/0 port
on the router. The Cable modem is connected to the E0/0.
The Cable Cos DHCP Server has assigned an address and name to the E0/0 port of the router. I can ping from the terminal to all interfaces and I can ping from the command line to all interfaces.
Show Nat detail shows that the translation is working from inside to outside address but none of the hosts can gain access to the internet. DNS is disabled on my lan. I have the Cable companies DNS servers listed in the NIC setup. and the default gateway is the
E1/0 port of the router. I also have a default route to the E0/0
and a gateway to it as well.
Has anyone encountered this problem
21 years 1 month ago #1175
by Chris
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
Replied by Chris on topic Re: Cisco Router Connection
kennd,
Can you please provide us with the "Show Run" output of your router?
This will save time and help nail the problem much faster.
Cheers,
Can you please provide us with the "Show Run" output of your router?
This will save time and help nail the problem much faster.
Cheers,
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
21 years 1 month ago #1176
by kennd
Replied by kennd on topic Re: Cisco Router Connection
Thanks Chris, I will post the output on Monday as I have no connection at home because of the router problem. here is the config.!
int e0/0
ip address dhcp
ip nat outside
no ip route-cache
full-duplex
exit
!
!
config t
int e1/0
ip address 192.168.0.50 255.255.255.0
ip nat inside
no shutdown
no ip route-cache
no ip mroute-cache
half-duplex
exit
!
!
config t
ip nat inside source list 101 interface ethernet 0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 ethernet 0/0
ip http server
!
access-list 101 permit 192.168.0.0 0.0.255.255
int e0/0
ip address dhcp
ip nat outside
no ip route-cache
full-duplex
exit
!
!
config t
int e1/0
ip address 192.168.0.50 255.255.255.0
ip nat inside
no shutdown
no ip route-cache
no ip mroute-cache
half-duplex
exit
!
!
config t
ip nat inside source list 101 interface ethernet 0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 ethernet 0/0
ip http server
!
access-list 101 permit 192.168.0.0 0.0.255.255
21 years 1 month ago #1185
by sahirh
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Replied by sahirh on topic Re: Cisco Router Connection
Looks fine to me... have you ensured your hosts are able to ping the router interface? It might just be a problem at the switch level.. You said you can ping from the router to the outside world right?
Try isolating if its the DNS as well.. try connecting to an IP?
Good Luck,
Try isolating if its the DNS as well.. try connecting to an IP?
Good Luck,
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
21 years 1 month ago #1188
by kennd
Replied by kennd on topic Re: Cisco Router Connection
Here is start config along with the output from sh ip nat translations
All hosts can ping the router at the inside and outside interfaces
from the command line and the terminal prompt
Internal DNS is disabled
sh run
Building configuration...
Current configuration : 829 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname "cpc3-belc2-3-0-cust147"
!
!
memory-size iomem 10
ip subnet-zero
!
!
!
ip audit notify log
ip audit po max-events 100
!
!
!
interface Ethernet0/0
ip address dhcp
ip nat outside
no ip route-cache
no ip mroute-cache
full-duplex
!
interface Serial0/0
no ip address
shutdown
!
interface Serial0/1
no ip address
shutdown
!
interface Serial0/2
no ip address
shutdown
!
interface Ethernet1/0
ip address 192.168.0.50 255.255.255.0
ip nat inside
no ip route-cache
no ip mroute-cache
fuk-duplex
ip nat inside source list 101 interface Ethernet0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Ethernet0/0
ip http server
!
access-list 101 permit ip any any
!
line con 0
line aux 0
line vty 0 4
!
end
cpc3-belc2-3-0-cust147# sh ip nat translation
Pro Inside global Inside local Outside local Outside global
udp 82.0.178.147:1037 192.168.0.1:1037 193.0.14.129:53 193.0.14.129:53
udp 82.0.178.147:1037 192.168.0.1:1037 192.58.128.30:53 192.58.128.30:53
icmp 82.0.178.147:512 82.0.178.147:512 82.1.66.47:512 82.1.66.47:512
udp 82.0.178.147:1037 192.168.0.1:1037 192.36.148.17:53 192.36.148.17:53
tcp 82.0.178.147:135 82.0.178.147:135 81.226.72.117:3653 81.226.72.117:3653
udp 82.0.178.147:1037 192.168.0.1:1037 198.32.64.12:53 198.32.64.12:53
All hosts can ping the router at the inside and outside interfaces
from the command line and the terminal prompt
Internal DNS is disabled
sh run
Building configuration...
Current configuration : 829 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname "cpc3-belc2-3-0-cust147"
!
!
memory-size iomem 10
ip subnet-zero
!
!
!
ip audit notify log
ip audit po max-events 100
!
!
!
interface Ethernet0/0
ip address dhcp
ip nat outside
no ip route-cache
no ip mroute-cache
full-duplex
!
interface Serial0/0
no ip address
shutdown
!
interface Serial0/1
no ip address
shutdown
!
interface Serial0/2
no ip address
shutdown
!
interface Ethernet1/0
ip address 192.168.0.50 255.255.255.0
ip nat inside
no ip route-cache
no ip mroute-cache
fuk-duplex
ip nat inside source list 101 interface Ethernet0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Ethernet0/0
ip http server
!
access-list 101 permit ip any any
!
line con 0
line aux 0
line vty 0 4
!
end
cpc3-belc2-3-0-cust147# sh ip nat translation
Pro Inside global Inside local Outside local Outside global
udp 82.0.178.147:1037 192.168.0.1:1037 193.0.14.129:53 193.0.14.129:53
udp 82.0.178.147:1037 192.168.0.1:1037 192.58.128.30:53 192.58.128.30:53
icmp 82.0.178.147:512 82.0.178.147:512 82.1.66.47:512 82.1.66.47:512
udp 82.0.178.147:1037 192.168.0.1:1037 192.36.148.17:53 192.36.148.17:53
tcp 82.0.178.147:135 82.0.178.147:135 81.226.72.117:3653 81.226.72.117:3653
udp 82.0.178.147:1037 192.168.0.1:1037 198.32.64.12:53 198.32.64.12:53
21 years 1 month ago #1195
by Chris
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
Replied by Chris on topic Re: Cisco Router Connection
Kennd,
I was carefully reading your configuration and couldn't find any problems with the IP Nat configuration.
However, I have noticed a few odd entries which I'd like you to explain as I'm left scrachting my head.
1) Interface Ethernet 0/0
Command: ip address dhcp
I am running Cisco IOS 12.1 (one version earlier than yours) and this command does not exist. The correct command is " ip address negotiable". To your knowledge, is this a new command introduced with 12.2 ?
2) Interface Ethernet 1/0
Command: fuk-duplex
This is an incorrect command. Assuming you did a cut-paste job from the console output to your thread, where on earth did this come from ?
Now, I'll need you to provide us with the following information:
1) From the router's console, can you ping the cable modem ?
2) From the router's console, can you ping any host on the internet?
3) Can any host internally ping the router's "public" interface (eth0/0)
4) Can any host internally ping the cable modem's IP address ?
I'll be waiting for your reply.
Cheers mate,
I was carefully reading your configuration and couldn't find any problems with the IP Nat configuration.
However, I have noticed a few odd entries which I'd like you to explain as I'm left scrachting my head.
1) Interface Ethernet 0/0
Command: ip address dhcp
I am running Cisco IOS 12.1 (one version earlier than yours) and this command does not exist. The correct command is " ip address negotiable". To your knowledge, is this a new command introduced with 12.2 ?
2) Interface Ethernet 1/0
Command: fuk-duplex
This is an incorrect command. Assuming you did a cut-paste job from the console output to your thread, where on earth did this come from ?
Now, I'll need you to provide us with the following information:
1) From the router's console, can you ping the cable modem ?
2) From the router's console, can you ping any host on the internet?
3) Can any host internally ping the router's "public" interface (eth0/0)
4) Can any host internally ping the cable modem's IP address ?
I'll be waiting for your reply.
Cheers mate,
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
Time to create page: 0.134 seconds