another 871 Router Question [actually second guessing myself

Ok, I went over my configs again yesterday and thought I had everything all lined up perfectly and that the router was ready to go in.

I took it over to the location and it wouldn't work again. I called Time Warner Cable (Roadrunner) to verify what I was seeing. I have everything hardcoded for our External/WAN port that they gave me.

I even set it to DHCP and got unexpected results, they hand out a 192.168.1.x number. I expected to get my external info. They can turn this feature off and do as I expected, but thats another story.

My current dilema, since I am not sitting in front of the equipment right now is whether I am treating our Watchguard and the new Cisco in the same way when apparently they are different.

I have the WAN port naturally going to the Cable Modem. This appears to work fine [ports light up!]

I then have a max of 3 cables that are plugged into the switch ports on the router. I have included below the code for the interfaces below.

[code:1]
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
description $ETH-WAN$
ip address 74.X.Y.178 255.255.255.252
ip virtual-reassembly
duplex auto
speed auto
crypto map SDM_CMAP_1
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 192.168.216.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 FastEthernet4 permanent
[/code:1]

I have a cable that runs to the switch in the basement of the building that connects all the PCs. I have one that goes to a security/web camera that is in the front office near this equipment. I also then have a 3rd one that is for an IP phone/Fax machine.

I am now all of the sudden wondering if by plugging these in there am I screwing with the network.

Reason I ask is when I get everything cabled and powered up (modem first, then router, phone) I can't seem to talk to anything outside of the internal network. I can't ping the Time Warner DNS servers so nothing resolves.

I haven't even enabled the Firewall options yet to block anything so getting out should be allowed.

Am I just running around in Circles or do you think I am on to something.....

TIA.

When i look at your config im missing the NAT configuration on the WAN interface. Also make sure your cable modem is transparant. (cable modems usually are but better be safe then sorry).

int fa4
ip nat ouside

That should fix the problem. (if you have the other NAT configuration)
If you dont use this:

access-list 110 permit ip 192.168.216.0 0.0.0.255 any
ip nat inside source list 110 interface fa4 overload

Hope this helps you out a bit

Well, the copy of the config that I took that code from was actually one or two versions before (same day). I did have that command in there.

I am actually sitting in the remote office right now, Great way to spend my saturday morning! I figured out my problem.....

My default route going back out for all traffic was set to the External interface of the router, as soon as I changed it to the actual Gateway IP that Time Warner Cable gave me, it works great!

That will teach me to not pay really close attention, I saw it as, yeah its going to the remote gateway, its out that interface, but well yeah.....

Thanks again for all the help so far! I am sure I will be back. I still have some work to do on AAA and hopefully using my AD accounts for VPN users, syslog logging, etc......

Yes, even I had the same kind of issue. My Cisco 871 rouer WAN interface was directly connected to cable modem and the switch ports are connected to workstaions. I also configured the default route as you did using the interface. and I couldn't access the router over WAN. I changed the routing entry point to next hop IP which is my ISP provided and started to work.