1. Home
  2. Cisco Systems
  3. Help w/ routing on Cisco 1841...

Help w/ routing on Cisco 1841...

Hi all.. It's been a LONG time since I've worked w/ IOS software (>10 years) and I'm a bit rusty with my knowledge, etc.. Anyway, I've got a 1841 router using 12.4 IOS software and am trying to get a connection going w/ my ISP over a cable modem connection (at home).. So far I've got the router successfully making a DHCP request to the cable system and getting a lease from it -- I can ping outside hosts w/o problems. However, I've got the NAT stuff enabled and want to configure the router to also work as a DHCP server and lease connections for machines on my home local-net using the 10.0.1.x series of IP's. For whatever reason, I can't seem to get the two ethernet ports (FastEthernet0/0 goes to the cable modem and FastEthernet0/1 is the local-net) to route traffic back and forth.. Below is my configuration and some dumps of various things that I thought might be of interest. I'm hoping someone can shed some light on what my routing entries ought to look like as it's currently got some odd routes (IMHO) which is probably why it doesn't currently work.. Anyway, if anyone can help, I'd be very grateful!

1841_router#show running Building configuration...

Current configuration : 1267 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname 1841_router ! boot-start-marker boot-end-marker ! no aaa new-model ip cef ! ! no ip dhcp use vrf connected no ip dhcp conflict logging ip dhcp excluded-address 10.0.1.1 ! ip dhcp pool Main network 10.0.0.0 255.255.254.0 domain-name foo.com class CLASS1 address range 10.0.1.1 10.0.1.100 ! ! ip dhcp class CLASS1 ! ip domain name foo.com ! ! ! ! ! ! ! ! ! interface FastEthernet0/0 description Outside Interface to Cable Modem ip address dhcp ip nat outside ip virtual-reassembly no ip route-cache cef no ip route-cache no ip mroute-cache speed auto full-duplex no cdp enable no mop enabled ! interface FastEthernet0/1 ip address 10.0.1.1 255.255.254.0 ip nat inside ip virtual-reassembly speed auto half-duplex no mop enabled ! router rip network 10.0.0.0 ! ip route 10.0.1.0 255.255.255.0 FastEthernet0/0 dhcp ! ! ip http server no ip http secure-server ! dialer-list 1 protocol ip permit ! ! ! ! control-plane ! ! ! line con 0 line aux 0 line vty 0 4 password foobar login ! scheduler allocate 20000 1000 end

========================================

1841_router#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route

Gateway of last resort is 24.24.212.1 to network 0.0.0.0

66.0.0.0/32 is subnetted, 1 subnets S 66.75.176.21 [254/0] via 24.24.212.1, FastEthernet0/0 24.0.0.0/22 is subnetted, 1 subnets C 24.24.212.0 is directly connected, FastEthernet0/0 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 10.0.0.0/23 is directly connected, FastEthernet0/1 S 10.0.1.0/24 [1/0] via 24.24.212.1, FastEthernet0/0 S* 0.0.0.0/0 [254/0] via 24.24.212.1 1841_router#

1841_router#show interfaces FastEthernet0/0 is up, line protocol is up Hardware is Gt96k FE, address is 0018.b90e.3da4 (bia 0018.b90e.3da4) Description: Outside Interface to Cable Modem Internet address is 24.24.212.15/22 MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 100Mb/s, 100BaseTX/FX ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:00, output 00:00:03, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 2000 bits/sec, 4 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 13494 packets input, 811605 bytes Received 13468 broadcasts, 0 runts, 0 giants, 0 throttles 1 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog 0 input packets with dribble condition detected 855 packets output, 59877 bytes, 0 underruns 0 output errors, 0 collisions, 4 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out FastEthernet0/1 is up, line protocol is up Hardware is Gt96k FE, address is 0018.b90e.3da5 (bia 0018.b90e.3da5) Internet address is 10.0.1.1/23 MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Half-duplex, 100Mb/s, 100BaseTX/FX ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:04, output 00:00:06, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 942 packets input, 66339 bytes Received 326 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog 0 input packets with dribble condition detected 285 packets output, 30896 bytes, 0 underruns 0 output errors, 0 collisions, 4 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out NVI0 is up, line protocol is up Hardware is NVI Interface is unnumbered. Using address of NVI0 (0.0.0.0) MTU 1514 bytes, BW 10000000 Kbit, DLY 0 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation UNKNOWN, loopback not set Last input never, output never, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 packets output, 0 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 output buffer failures, 0 output buffers swapped out

Reply to
Rick F.
Loading thread data ...

Your close! You just need to setup your nat acl and overload the outside interface. You got this far, kudo's to you!

Reply to
Brian V

Thanks.. Most of it came from poking around and trying to remember stuff from a LONG time ago.. I think I found the nat ACL stuff in my 12.4 docs but am not completely following you with your other comment about overloading the outside interface.. Can you elaborate a bit more on that so I can go looking a bit more in that direction? Thx!

Reply to
Rick F.

Hi,

Create a standard ACL and NAT to the outside Fa0/0 interface. e.g

access-list 10 permit 10.0.1.0 0.0.0.255 (a named access-list is also fine)

Then tie this ACL to the outside interface and use overload as follows:

ip nat inside source-list 10 interface fa0/0 overload

Kind regards

Darren

Reply to
Darren Green

On 2007-12-31, Darren Green wrote:

Thanks much Darren!

I'm almost there I believe.. I've got the config shown further below and things generally look good (or better).. I've got a few glitches that I believe are messing things up at this point -- primarily (I believe) w/ the DHCP server not setting the gateway address or DNS server address for clients that get the address info, so nothing really works.. I tried hard-coding the values that I thought should be there on a windows machine I plugged into the "FastEthernet0/1" interface (via a switch) and was not able to ping 10.0.1.1 for whatever reason even though the ACL was allowing it (per debug messages on the console).. Seems odd.. Anyway, if you notice anything odd, can you let me know? I'll fiddle some more with the DHCP server settings on the 1841 and see if I can get it to fill-in the DNS and gateway values -- something I'm not really familiar with (not NAT for that matter using IOS).. Thanks very much and Happy New Year!

-- Rick

1841_router#show running Building configuration...

Current configuration : 1535 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname 1841_router ! boot-start-marker boot-end-marker ! ! no aaa new-model ip cef ! ! ip dhcp smart-relay no ip dhcp use vrf connected no ip dhcp conflict logging ip dhcp excluded-address 10.0.1.1 ! ip dhcp pool Main network 10.0.0.0 255.255.254.0 domain-name foo.com class CLASS1 address range 10.0.1.1 10.0.1.100 ! ! ip dhcp class CLASS1 ! ip dhcp update dns both ip domain name foo.com ! ! ! ! ! ! ! ! ! interface FastEthernet0/0 description Outside Interface to Cable Modem ip address dhcp ip nat outside ip virtual-reassembly no ip route-cache cef no ip route-cache no ip mroute-cache speed auto full-duplex no cdp enable no mop enabled ! interface FastEthernet0/1 ip address 10.0.1.1 255.255.254.0 ip access-group 106 in ip nat inside ip virtual-reassembly speed auto half-duplex no mop enabled ! ip route 10.0.1.0 255.255.255.0 FastEthernet0/0 dhcp ! ! no ip http server no ip http secure-server ip nat inside source list 10 interface FastEthernet0/0 overload ! access-list 10 permit 10.0.1.0 0.0.0.255 access-list 106 permit icmp any any log access-list 106 permit tcp any any log access-list 106 permit udp any any log access-list 106 permit ip any any log ! ! ! ! control-plane ! ! ! line con 0 line aux 0 line vty 0 4 password foobar login ! scheduler allocate 20000 1000 end

=============================================

1841_router#show interfaces FastEthernet0/0 is up, line protocol is up Hardware is Gt96k FE, address is 0018.b90e.3da4 (bia 0018.b90e.3da4) Description: Outside Interface to Cable Modem Internet address is 24.24.239.155/21 MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 100Mb/s, 100BaseTX/FX ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:00, output 00:00:02, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 2000 bits/sec, 4 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 8487 packets input, 510395 bytes Received 8478 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog 0 input packets with dribble condition detected 322 packets output, 24443 bytes, 0 underruns 0 output errors, 0 collisions, 4 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out FastEthernet0/1 is up, line protocol is up Hardware is Gt96k FE, address is 0018.b90e.3da5 (bia 0018.b90e.3da5) Internet address is 10.0.1.1/23 MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Half-duplex, 100Mb/s, 100BaseTX/FX ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:01, output 00:00:03, output hang never Last clearing of "show interface" counters never ================================================================== *Jan 1 08:28:25.467: %SEC-6-IPACCESSLOGP: list 106 permitted udp 10.0.1.2(0) -> 10.0.1.8(0), 25 packets *Jan 1 08:28:25.467: %SEC-6-IPACCESSLOGP: list 106 permitted tcp 10.0.1.2(0) -> 10.0.1.8(0), 27 packets *Jan 1 08:29:25.467: %SEC-6-IPACCESSLOGP: list 106 permitted udp 10.0.1.2(0) -> 10.0.1.255(0), 2 packets *Jan 1 08:30:25.467: %SEC-6-IPACCESSLOGDP: list 106 permitted icmp 10.0.1.2 -> 10.0.1.1 (0/0), 1 packet *Jan 1 08:30:25.467: %SEC-6-IPACCESSLOGP: list 106 permitted udp 10.0.1.2(0) -> 10.0.1.1(0), 7 packets
Reply to
Rick F.

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.