Help a newbie? 1720 and WIC-4ESW... WAN DHCP issues?

Sorry in advance for being verbose... Hopefully it helps you answer the question, though.

I was given a Cisco 1720 with no WICs. It has a built in ethernet port, console port, and aux port (some type of serial interface?).

My buddy couldn't remember the password to it, so I had to figure out how to access it via console cable and reset the password.

Anyway, I bought a 4 port switch (WIC-4ESW) for this thing to go in one of the WIC slots.

Then I discovered that the IOS had to be upgraded. So I had to get another friend to download the new IOS (lovely... Cisco won't let you just download it, you have to have special access). Anyway, I managed to get the IOS upgraded.

I figure I'm doing pretty well, considering I have never done any of this stuff before. My buddy with the Cisco account says he only knows PIX stuff, not IOS stuff. So I'm basically learning this on my own (with the help of the internet, of course).

At this point, I'm just trying to get a config that is similar to a cheap router that I've already got: A single WAN port gets a public address via DHCP and uses NAT/PAT to a four port switch.

I'm not sure if it's mandatory, but I want to use the vlan functionality of the WIC. My ultimate goal will be to split the switch into different vlans, so I want/need to learn it this way. So basically, my idea is to: configure interface for WAN configure DHCP server configure vlan configure interface for switch ports (add to vlan) configure interface for vlan (give IP, nat inside)

I'm having some trouble, I believe, with the WAN interface configuration. When I don't configure the interface at all, it somehow grabs an IP via DHCP. But I don't think it grabs the gateway address (default route?). I doubt it is getting the DNS servers either, but I don't know how to tell for certain. It's not as big of a deal as not getting the gateway since I can enter the DNS manually.

I can plug in to the switch and a client PC is given an IP address--it looks like the vlan and the dhcp are working.

I also think the PAT/NAT is working. I was able to ping across the "wan" interface when I did not try to configure it at all (factory defaults, except for I told it to nat outside). I plugged the WAN interface into my current network, and my 3Com router passed an address to the 1720. I could ping the 3Com and even access it's web interface. I couldn't surf the web or even ping any outside ip address, though, and I believe it is because the 1720 wasn't getting a gateway.

Please answer this for me: how do I, when configuring from a terminal, see what IP the router has gotten from it's DHCP server? I'd also like to see the dns and gateway IPs. Basically, is there a Windows "ipconfig" equivalent for the 1720?

So here's the config I've come up with: ! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname gateway ! boot-start-marker boot-end-marker ! ! no aaa new-model ! resource policy ! memory-size iomem 25 ip subnet-zero ! ! no ip dhcp use vrf connected no ip dhcp conflict logging ip dhcp excluded-address 192.168.11.1 ! ip dhcp pool mydhcp network 192.168.11.0 255.255.255.0 default-router 192.168.11.1 domain-name mydhcp dns-server 68.87.64.196 68.87.66.196 ! ! ip cef ip domain lookup source-interface FastEthernet0 ! username WORD ! ! ! interface FastEthernet0 shutdown ip dhcp client client-id ascii WANDHCP no ip dhcp client request tftp-server-address no ip dhcp client request netbios-nameserver no ip dhcp client request vendor-specific no ip dhcp client request static-route ip address dhcp ip nat outside speed auto no shutdown ! interface FastEthernet1 switchport access vlan 11 ! interface FastEthernet2 switchport access vlan 11 ! interface FastEthernet3 switchport access vlan 11 ! interface FastEthernet4 switchport access vlan 11 ! interface Vlan1 no ip address ip broadcast-address 0.0.0.0 ! interface Vlan11 ip address 192.168.11.1 255.255.255.0 ip broadcast-address 192.168.11.0 ip nat inside ip virtual-reassembly ! ip classless ip route 0.0.0.0 0.0.0.0 FastEthernet0 no ip http server ! ip nat inside source list 1 interface FastEthernet0 overload ! access-list 1 permit 192.168.11.0 0.0.0.255 ! control-plane ! ! line con 0 line aux 0 line vty 0 4 login ! end

Reply to
PK
Loading thread data ...

Hi PK, I wasn't aware that the 1720 would take a WIC-4ESW so thanks for posting your config. and enlightening me. It is a 1720 you have, right? Not a 1721?

Two things:

  1. Your fastethernet0 interface is shut down and therefore disabled. you can bring it up by issuing the "no shutdown" command in interface config mode.
  2. The nearest thing to an "ipconfig" command on a Cisco router is probably "show ip interface brief". That command will tell you what IP address each interface has, and how it got it.

I hope this helps. Any chance of you posting the output of a "show version"

Cheers.

Keith.

Reply to
Keith Gamble

Thanks for the feedback.

On the bottom of the router there is a large sticker and printed on it is (among other things) "Model 1720". That said, as near I can tell, the only difference between many of the 1700 series routers is the WICs included. Also, I seem to recall my buddy saying it was a 1721 when he gave it to me. But it does say on the bottom "Model 1720"!

Of note, perhaps: "The MPC 860 microprocessor (revision B5 or later) is required for using the Cisco WIC-4ESW card." Mine has an MPC860T. The chip itself has "b5" on it.

Also, I had to upgrade the IOS before this router supported the WIC-4ESW. The documentation I found regarding this was confusing... It was hard to tell which was the best IOS to run. I was lucky, I think, that this router had the flash and dram upgrades to handle version c1700-y-mz.123-14.T4.bin and from there the switch was automatically recognized after I got that IOS installed.

I already have a "no shutdown" at the end of the list there ??? Also note:

gateway>show int fast 0 FastEthernet0 is up, line protocol is up Hardware is PQUICC_FEC, address is Internet address will be negotiated using DHCP

Is there any easy way to see if the default-route was received via the WAN DHCP client? Am I correct in equating this with the gateway address? Here's the results of the command you suggested... It just looks to me like the DHCP client isn't working right for some reason.

gateway>show ip int brief Interface IP-Address OK? Method Status Prot ocol FastEthernet0 unassigned YES DHCP up up

FastEthernet1 unassigned YES unset up down

FastEthernet2 unassigned YES unset up down

FastEthernet3 unassigned YES unset up down

FastEthernet4 unassigned YES unset up down

NVI0 unassigned YES unset up up

Vlan1 unassigned YES NVRAM up down

Vlan11 192.168.11.1 YES NVRAM up down

Cisco IOS Software, C1700 Software (C1700-Y-M), Version 12.3(14)T4, RELEASE SOFT WARE (fc2) Technical Support:

formatting link
(c) 1986-2005 by Cisco Systems, Inc. Compiled Thu 08-Sep-05 13:21 by kehsiao

ROM: System Bootstrap, Version 12.0(3)T, RELEASE SOFTWARE (fc1)

gateway uptime is 2 minutes System returned to ROM by reload System image file is "flash:c1700-y-mz.123-14.T4.bin"

Cisco 1720 (MPC860T) processor (revision 0x501) with 36864K/12288K bytes of memo ry. Processor board ID , with hardware revision 0000 MPC860T processor: part number 0, mask 32

1 Ethernet interface 5 FastEthernet interfaces 32K bytes of NVRAM. 16384K bytes of processor board System flash (Read/Write)
Reply to
PK

I just reset the config to factory defaults, and some I have this:

! interface FastEthernet0 ip address 192.168.2.101 255.255.255.0 ip nat outside ip virtual-reassembly speed auto !

The ip address there is assigned! Look at this:

Interface IP-Address OK? Method Status Prot ocol FastEthernet0 192.168.2.101 YES unset up up

Method unset? The 192.168.2.101 address came from another router's DHCP server.

I want it to grab the ip via dhcp, but I also want it to get the DNS server and gateway addresses.

Reply to
PK

I just reset the config to factory defaults, and somehow I have this:

! interface FastEthernet0 ip address 192.168.2.101 255.255.255.0 ip nat outside ip virtual-reassembly speed auto !

The ip address there *looks* like it was set manually, but it actually is handed out by the DHCP server on a cheap-o DLink router. Look at this:

Interface IP-Address OK? Method Status Prot ocol FastEthernet0 192.168.2.101 YES unset up up

Method unset?

I want it to grab the ip via dhcp, and somehow this is doing it, but I also want it to get the DNS server and gateway addresses.

Also, if I "wr mem" this, does it write that ip to the config permanently?

Reply to
PK

the problem you had with the IOS is because you have to BUY it...$$

you just bootlegged it...

Reply to
Steve Harris

Well, my problem wasn't with IOS but rather with the website... Nonetheless, if it is the case that IOS costs $$, I certainly wasn't aware of it. My buddy with the cisco account didn't have to pay anything for it... he just downloaded it. He also didn't have to pay anything for his access... He called their tech support once and was offered the account for free.

They do say something that indicates you must have bought the router direct, from an authorized reseller, or that you must be a CCIE.

After reading your message, though, I talked to a couple of others about it and they indicated that IOS updates are typically part of a maintenance agreement and that is why they restrict access.

It doesn't make sense, though, that I should buy a $425 WIC and not be allowed to use it until I pay even MORE money for what amounts to a firmware upgrade just to support that hardware.

Yet, now I feel bad because I don't like to "bootleg" as you say... I license my software!

Reply to
PK

I agree it does suck, since I think software updates should be free. But I see the other side, as sometimes the latest software also introduces "new functions" you didn't buy.

Reply to
Steve Harris

Well it turns out I don't think it's bootlegged. I asked my buddy that gave it to me about it, and it turns out he still has a support contract on this router.

He said he can call TAC, but I told him let's see if we can figure it out first. Anyway, I feel better about it now, though I still think, at least in this case, it's analagous to selling a video card and then charging extra for the device driver. My WIC wouldn't work, period, without an IOS upgrade.

Anyway, getting back on topic... What's wrong with my DHCP settings?!?

Reply to
PK

It became bootlegged when you "copied" it from his box to yours and Cisco didn't receive compensation.... imho

Reply to
Steve Harris

It became bootlegged when you "copied" it from his box to yours and Cisco

I would just ignore this "Steve Harris" character. If there's a valid Smartnet contract on the router's serial number, it doesn't matter who physically possesses the unit so long as the contract owner is available to manage/maintain the contract and open TAC cases. The IOS upgrade was a legit upgrade, but it is true that a Smartnet contract must be maintained to access a lot of the LD and special code releases. There are GD maintenance releases that can be downloaded without a contract.

If you're getting the "Internet address will be negotiated via DHCP" (or something similar) then the interface has not received a valid DHCP response from its requests. You will get a gateway from DHCP when the interface gets an IP, and that gateway will automatically show up as the gateway of last resort in the routing table.

Try turning on dhcp client debugging with "debug dhcp". If you're using telnet or ssh to access the CLI, you'll need to do the following to enable debug output in your session:

# conf t (config)#line vty 0 4 (config-line)#monitor (config-line)#exit (config)#logg mon debug (config)#end #

Make sure you turn off the debug with "no debug all" from the privileged prompt when you're done.

Reply to
DaneM

Wow... A HUGE load of information there... It basically floods the screen with the same information repeatedly:

*Mar 1 09:27:55.391: DHCP: SRequest placed lease len option: 604800 *Mar 1 09:27:55.391: DHCP: SRequest: 291 bytes *Mar 1 09:27:55.391: DHCP: SRequest: 291 bytes *Mar 1 09:27:55.391: B'cast on FastEthernet0 interface from 0.0.0.0 *Mar 1 09:27:55.395: DHCP: Received a BOOTREP pkt *Mar 1 09:27:55.399: DHCP: SDiscover attempt # 1 for entry: *Mar 1 09:27:55.399: DHCP: SDiscover: sending 273 byte length DHCP packet *Mar 1 09:27:55.399: DHCP: SDiscover 273 bytes *Mar 1 09:27:55.399: B'cast on FastEthernet0 interface from 0.0.0.0 *Mar 1 09:27:55.403: DHCP: Received a BOOTREP pkt *Mar 1 09:27:55.407: DHCP: offer received from 192.168.2.2 *Mar 1 09:27:55.407: DHCP: SRequest attempt # 1 for entry: *Mar 1 09:27:55.407: DHCP: SRequest- Server ID option: 192.168.2.2 *Mar 1 09:27:55.407: DHCP: SRequest- Requested IP addr option: 84.82.50.50

I have no idea what 84.82.50.50 is. 192.168.2.2 is the DHCP server.

Reply to
PK

lol, yeah, ignore me...

Try this:

formatting link

and see where your 84.82.50.50 is...

And while you're at it, you can translate for me what Dane said...

Reply to
Steve Harris

According to swhois.net, 84.82.50.50 showed up as some dsl in the Netherlands???

Translating what Dane said: since there is a support contract on the router, the IOS upgrade is legit; therefore do not to worry about anyone trying to keep the thread off topic from the DHCP issue at hand.

I have progress to report... I saw this thread:

formatting link
So I tried rebooting the router, and then the first thing I did was: en conf t no ip route 0.0.0.0 0.0.0.0 fast 0 end exit show ip int bri

and voila: gateway>show ip int bri Interface IP-Address OK? Method Status Protocol FastEthernet0 192.168.2.101 YES DHCP up up

FastEthernet1 unassigned YES unset up down

FastEthernet2 unassigned YES unset up down

FastEthernet3 unassigned YES unset up down

FastEthernet4 unassigned YES unset up down

NVI0 unassigned YES unset up up

Vlan1 unassigned YES NVRAM up down

Vlan11 192.168.11.1 YES NVRAM up down

But I still don't really understand....

Reply to
PK

I didn't know the router was under contract. You said you got it from a buddy and then you copied the IOS from another friend in your original post.

Good day.

formatting link

Reply to
Steve Harris

So after talking to some more folks, apparently the router will create the route statement dynamically.

I think my route statement basically just said to route everything, which to me seems logical and should work, but a friend tells me that the router kind of insists on getting the statement dynamically. I'm not sure if it's by design or a bug, but it's not made abundantly clear in any of the documentation I read.

Reply to
PK

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.