- Posts: 6
- Thank you received: 0
Cisco 871 DHCP Configuration with - Cable modem
16 years 1 month ago #27895
by mapena
Regards,
Miguel
Cisco 871 DHCP Configuration with - Cable modem was created by mapena
I just try to setup this router to works as DHCP with one vlan and one of the interfaces connected to the vlan, I am able to get IP on the laptop and can ping the gateway however I am unable to browse or ping outside the router.
From the router I can ping any ip address.
Here is my config
Cisco 870 - DSL connection
Master#sh run
Building configuration...
Current configuration : 1440 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname Master
boot-start-marker
boot-end-marker
enable secret 5 $1$abIG$nQObBt8phHvc/GE4tzTBD/
no aaa new-model
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1
ip dhcp pool vlan10
import all
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
domain-name cisco
dns-server XX.31.64.39 XX.31.112.39
lease 4
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
multilink bundle-name authenticated
username xxxxxxx privilege 15 secret 5 xxxxxxxxxx
archive
log config
hidekeys
interface FastEthernet0
switchport access vlan 10
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
description External_Connection
mac-address 000f.cba7.952b
ip address dhcp
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
interface Vlan1
no ip address
interface Vlan10
description Internal
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 XX.XX.XX.XX (ISP gateway)
ip domain name cisco
ip name-server XX.31.64.39
no ip http server
no ip http secure-server
control-plane
line con 0
no modem enable
line aux 0
line vty 0 4
password xxxxxx
login
scheduler max-task-time 5000
end
Thanks
From the router I can ping any ip address.
Here is my config
Cisco 870 - DSL connection
Master#sh run
Building configuration...
Current configuration : 1440 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname Master
boot-start-marker
boot-end-marker
enable secret 5 $1$abIG$nQObBt8phHvc/GE4tzTBD/
no aaa new-model
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1
ip dhcp pool vlan10
import all
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
domain-name cisco
dns-server XX.31.64.39 XX.31.112.39
lease 4
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
multilink bundle-name authenticated
username xxxxxxx privilege 15 secret 5 xxxxxxxxxx
archive
log config
hidekeys
interface FastEthernet0
switchport access vlan 10
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
description External_Connection
mac-address 000f.cba7.952b
ip address dhcp
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
interface Vlan1
no ip address
interface Vlan10
description Internal
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 XX.XX.XX.XX (ISP gateway)
ip domain name cisco
ip name-server XX.31.64.39
no ip http server
no ip http secure-server
control-plane
line con 0
no modem enable
line aux 0
line vty 0 4
password xxxxxx
login
scheduler max-task-time 5000
end
Thanks
Regards,
Miguel
16 years 1 month ago #27898
by Chris
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
Replied by Chris on topic Re: Cisco 871 DHCP Configuration with - Cable modem
mapena,
You have correctly identified the nat inside and outside interfaces, but you are missing the ip nat command that controls which internal IP address is nat'ed:
Enter the following commands in your configuration and give it another try:
- ip nat inside source list 100 interface fastethernet4 overload
- access-list 100 permit ip 192.168.1.0 0.0.0.255 any
The above assumes that your Fastethernet 4 interface receives a valid public ip address.
Assuming your default route is valid, you should be able to get your internal clients out.
In case your gateway also perfoms the nat service for you, then simply remove all nat statements from your configuration and you'll get the same result.
Let us know of your results.
Cheers,
You have correctly identified the nat inside and outside interfaces, but you are missing the ip nat command that controls which internal IP address is nat'ed:
Enter the following commands in your configuration and give it another try:
- ip nat inside source list 100 interface fastethernet4 overload
- access-list 100 permit ip 192.168.1.0 0.0.0.255 any
The above assumes that your Fastethernet 4 interface receives a valid public ip address.
Assuming your default route is valid, you should be able to get your internal clients out.
In case your gateway also perfoms the nat service for you, then simply remove all nat statements from your configuration and you'll get the same result.
Let us know of your results.
Cheers,
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
Time to create page: 0.118 seconds