1. Home
  2. Cisco Systems
  3. Cisco 877 Internet problems

Cisco 877 Internet problems

Hi Guys,

This has me dazed, i have an 877 with the below config i can nslookup

formatting link
but can't ping it from my PC!

Although i can ping it from the router, i can't open any web pages either?

Can any body help me please?

nslookup

formatting link

*** Can't find server name for address 10.10.10.1: Non-existent domain *** Default servers are not available Server: UnKnown Address: 10.10.10.1

Non-authoritative answer: Name:

formatting link
Addresses: 66.249.93.104, 66.249.93.99, 66.249.93.147 Aliases:
formatting link
formatting link

Pinging 66.249.93.104 with 32 bytes of data:

Request timed out. Request timed out. Request timed out. Request timed out.

Ping statistics for 66.249.93.104: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

FROM THE ROUTER:

adsltest#ping 66.249.93.104

Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 66.249.93.104, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 48/49/52 ms adsltest#

Current configuration : 2251 bytes ! version 12.4 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname adsltest ! boot-start-marker boot-end-marker ! logging buffered 51200 warnings ! no aaa new-model ! resource policy ! clock timezone PCTime 0 clock summer-time PCTime date Mar 30 2003 1:00 Oct 26 2003 2:00 no ip source-route no ip dhcp use vrf connected ip dhcp excluded-address 10.10.10.1 ! ip dhcp pool DHCP import all network 10.10.10.0 255.255.255.0 default-router 10.10.10.1 dns-server 10.10.10.1 domain-name ************ ! ! ip cef no ip bootp server ip name-server 10.10.10.1 ! ! ! ! ! ! ! ! interface ATM0 no ip address no ip redirects no ip unreachables no ip proxy-arp no atm ilmi-keepalive dsl operating-mode auto ! interface ATM0.1 point-to-point description $FW_OUTSIDE$$ES_WAN$ no snmp trap link-status pvc 0/38 pppoe-client dial-pool-number 1 ! ! interface FastEthernet0 ! interface FastEthernet1 ! interface FastEthernet2 ! interface FastEthernet3 ! interface Dot11Radio0 no ip address shutdown speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0

36.0 48.0 54.0 station-role root ! interface Vlan1 ip address 10.10.10.1 255.255.255.0 no ip unreachables ip tcp adjust-mss 1412 ! interface Dialer1 ip address negotiated ip access-group 111 in no ip unreachables no ip proxy-arp ip mtu 1452 ip nat outside ip virtual-reassembly encapsulation ppp dialer pool 1 dialer-group 1 no cdp enable ppp authentication chap pap callin ppp chap hostname ****************** ppp chap password 0 ********** ppp pap sent-username ***************** password 0 *********** ppp ipcp dns request ppp ipcp wins request hold-queue 224 in ! ip route 0.0.0.0 0.0.0.0 Dialer1 ! ip http server no ip http secure-server ip http client source-interface Vlan1 ip dns server ! dialer-list 1 protocol ip permit no cdp run ! control-plane ! banner login ^CCCAuthorized access only! Disconnect IMMEDIATELY if you are not an authorized user!^C ! line con 0 password cisco login no modem enable line aux 0 line vty 0 4 privilege level 15 password cisco login local transport input telnet ssh ! scheduler max-task-time 5000 end
Reply to
Ry
Loading thread data ...

nslookupwww.google.co.ukbut can't ping it from my PC!

You need to finish off configurint NAT.

router#conf t ip access-list extended ACL.nat permit ip any any

route-map RM.nat permit 10 match ip address ACL.nat

ip nat inside source route-map RM.nat interface Dialer0 overload

int vl 1 ip nat inside

Reply to
Bod43

nslookupwww.google.co.ukbutcan't ping it from my PC!

Thank for the HELP!! I have added the config although,

Then i get this ERROR: %NAT: Error activating CNBAR on the interface Vlan1 %NAT: Error activating CNBAR on the interface Dialer1

Can you help

Reply to
Ry

nslookupwww.google.co.ukbutcan'tping it from my PC!

ANYBODY HELP ME ON THIS?

Would i have to do the same config on an 1841?

Reply to
Ry

nslookupwww.google.co.ukbutcan'tping it from my PC!

I don't think they gave you good advice in the first place with the route-map trying to do NAT.

You still *do* need to configure NAT correctly.

The docs are pretty good at describing it though?

formatting link

You'll find that the 1841 is probably going to give you the same error as on the 877. I don't know what the overloaded route-map NAT is going to do, I've never seen it done that way before. Maybe that works on some platforms.

Follow the documentation way and you should be good?

Reply to
Doug McIntyre

nslookupwww.google.co.ukbutcan'tping it from my PC!

I'd use Cisco SDM (or SDM express) to get a basic working configuration on the 877.

or use

formatting link
837 configs generated by the above should work on an 877, I've used that wizard to create diffs which I've applied to an 877. You'd have to edit in the ISP details and the 802.11 part of the config (your earlier config looks like one for an 877W not an ordinary 877). At the very least, studying the config generated by this site should show you how NAT is typically set up on an 800 series router.

Reply to
Ian Wilson

nslookupwww.google.co.ukbutcan'tpingit from my PC!

Route map nat documented here.

formatting link
We use the route-map format for all nat. Just got into the habit since Cisco recommended it somewhere.

I do realise that we dont actually need it but we do need ACLs. I would have preferred to have given an example with ACL only however I did not have one to hand and I did not trust myself to get the syntax correct.

The cisco examples always seem to call the route-map "nonat" so you can easily search further.

Reply to
Bod43

Don't do that, it only leads to tears before bedtime. The NAT ACL is there to match the source addresses you want to NAT, so you ought to write it so it does just that.

There is an IOS bug that causes that error. Don't know the details. Maybe Cisco can give you a fix.

Reply to
Martin Gallagher

In the context of the original this is fine. Simple home router with internet access.

I could of course have spent more time tailoring the command set to the minimum necessary to achieve the result however I thought it posible useful to the OP to leave the NAT ACL in but just put "any any" for the content.

Well! How would the OP do that?

I don't mind any comments made however it is a little dissapointing that what seems to me like a workable config fragment that _will_ and _does_ work has been dismissed as invalid with no consructive suggestion made in it's place. Sure, the I's and T's could be dotted and crossed differently but if that is your point then make it clear so that the original poster gets less confused.

Reply to
Bod43

No I didn't. I quoted someone else who wrote that. You snipped the wrong attribution and replied to the wrong message in the thread :-)

Reply to
Ian Wilson

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.