vlan1 problem on cisco 1812

Without the config it is always difficult to help, please post.

My first thought was to check the IP's and default gateway addresses are set correctly & access-lists. Then the NAT - I assume that you have NAT enabled to allow you to connect to the Interntet. Are you trying to NAT eveything from the inside to the outside by mistake.

Again I am guessing because there is no cofig to go off.

Regards

Darren

Darren Thanks for the reply My config file is below, I removed my external ip address.

!This is the running config of the router: X.X.X.X !---------------------------------------------------------------------------- !version 12.4 no service pad service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone service password-encryption service sequence-numbers ! hostname Router ! boot-start-marker boot-end-marker ! security authentication failure rate 3 log security passwords min-length 6 logging buffered 51200 debugging logging console critical enable secret 5 $1$tCQB$SKZgnRnE2FLb.FUDNjz5Y/ enable password 7 071D2E595A0C0B57 ! aaa new-model ! ! aaa authentication login local_authen local aaa authorization exec local_author local ! aaa session-id common ! resource policy ! no ip source-route ! ! ip cef no ip dhcp use vrf connected ip dhcp excluded-address 10.10.10.1 ! ip dhcp pool sdm-pool1 import all network 10.10.10.0 255.255.255.0 dns-server X.X.X.3 X.X.X.8 default-router 10.10.10.1 ! ! ip tcp synwait-time 10 no ip bootp server ip domain name cinario.com ip name-server X.X.X.3 ip name-server X.X.X.8 ip ssh time-out 60 ip ssh authentication-retries 2 ip inspect log drop-pkt ip inspect name SDM_HIGH appfw SDM_HIGH ip inspect name SDM_HIGH icmp ip inspect name SDM_HIGH dns ip inspect name SDM_HIGH esmtp ip inspect name SDM_HIGH https ip inspect name SDM_HIGH imap reset ip inspect name SDM_HIGH pop3 reset ip inspect name SDM_HIGH tcp ip inspect name SDM_HIGH udp ! appfw policy-name SDM_HIGH application im aol service default action reset alarm service text-chat action reset alarm server deny name login.oscar.aol.com server deny name toc.oscar.aol.com server deny name oam-d09a.blue.aol.com audit-trail on application im msn service default action reset alarm service text-chat action reset alarm server deny name messenger.hotmail.com server deny name gateway.messenger.hotmail.com server deny name webmessenger.msn.com audit-trail on application http strict-http action reset alarm port-misuse im action reset alarm port-misuse p2p action reset alarm port-misuse tunneling action reset alarm application im yahoo service default action reset alarm service text-chat action reset alarm server deny name scs.msg.yahoo.com server deny name scsa.msg.yahoo.com server deny name scsb.msg.yahoo.com server deny name scsc.msg.yahoo.com server deny name scsd.msg.yahoo.com server deny name cs16.msg.dcn.yahoo.com server deny name cs19.msg.dcn.yahoo.com server deny name cs42.msg.dcn.yahoo.com server deny name cs53.msg.dcn.yahoo.com server deny name cs54.msg.dcn.yahoo.com server deny name ads1.vip.scd.yahoo.com server deny name radio1.launch.vip.dal.yahoo.com server deny name in1.msg.vip.re2.yahoo.com server deny name data1.my.vip.sc5.yahoo.com server deny name address1.pim.vip.mud.yahoo.com server deny name edit.messenger.yahoo.com server deny name messenger.yahoo.com server deny name http.pager.yahoo.com server deny name privacy.yahoo.com server deny name csa.yahoo.com server deny name csb.yahoo.com server deny name csc.yahoo.com audit-trail on ! ! crypto pki trustpoint TP-self-signed-1822211251 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-1822211251 revocation-check none rsakeypair TP-self-signed-1822211251 ! ! crypto pki certificate chain TP-self-signed-1822211251 certificate self-signed 01 3082024A 308201B3 A0030201 02020101 300D0609 2A864886 F70D0101

04050030 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 31383232 32313132 3531301E 170D3036 31303036 31313430 33315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 38323232 31313235 3130819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100CE3A DC98A200 B8CDFCFA 06D2069F 2B4ADCAA 0A451143 9E4AC4CB 75C64548 C2EB7E01 E78FC7BD 24113090 97EEE34D F6B30FF1 498C7B29 8ED1782E C36E62A8 6E054D60 3B144A77 7C1D061D FB433867 FF8A1051 3822B3DA 1375EB25 687AF699 BC10D5B4 ABFBDC08 0EFAC3DE C8971ADC A86C4333 28C08561 FDB2142D 576FE767 F19F0203 010001A3 72307030 0F060355 1D130101 FF040530 030101FF 301D0603 551D1104 16301482 12526F75 7465722E 63696E61 72696F2E 636F6D30 1F060355 1D230418 30168014 68F32795 D81AD799 FB23D500 DA731DD6 BD2914DB 301D0603 551D0E04 16041468 F32795D8 1AD799FB 23D500DA 731DD6BD 2914DB30 0D06092A 864886F7 0D010104 05000381 81009F3F F5A4E991 D4859DE3 AF5DAC29 7E4B040D 5963BCFB AD6920F6 6253113E 0CC3AAC9 F6AC64D0 D97DA060 C71E2C31 C50C198C 32A94C05 6001172D CC905E7B 5985E22B CC9B8441 19D03D40 7DDCDF6B 3D219793 AFAED399 BEBDB902 BAC488D6 BBFF376C 19881E0E 98BC8806 D49CFCFF E4D2B0F4 4570CDC8 5BD5B247 D71DBFC6 EF90 quit username cinario privilege 15 secret 5 $1$DC5q$hq5ymhkJVfzQYbcx5GaQ0. ! ! class-map match-any sdm_p2p_kazaa match protocol fasttrack match protocol kazaa2 class-map match-any sdm_p2p_edonkey match protocol edonkey class-map match-any sdm_p2p_gnutella match protocol gnutella class-map match-any sdm_p2p_bittorrent match protocol bittorrent ! ! policy-map sdmappfwp2p_SDM_HIGH class sdm_p2p_gnutella drop class sdm_p2p_bittorrent drop class sdm_p2p_edonkey drop class sdm_p2p_kazaa drop ! ! ! ! ! ! interface Null0 no ip unreachables ! interface FastEthernet0 description $ETH-WAN$$FW_OUTSIDE$ ip address X.X.X.X 255.255.255.0 ip access-group 101 in ip verify unicast reverse-path no ip redirects no ip unreachables no ip proxy-arp ip nat outside ip inspect SDM_HIGH out ip virtual-reassembly ip route-cache flow duplex auto speed auto service-policy input sdmappfwp2p_SDM_HIGH service-policy output sdmappfwp2p_SDM_HIGH ! interface FastEthernet1 no ip address no ip redirects no ip unreachables no ip proxy-arp ip route-cache flow shutdown duplex auto speed auto ! interface FastEthernet2 ! interface FastEthernet3 shutdown ! interface FastEthernet4 shutdown ! interface FastEthernet5 shutdown ! interface FastEthernet6 shutdown ! interface FastEthernet7 shutdown ! interface FastEthernet8 shutdown ! interface FastEthernet9 shutdown ! interface Vlan1 description $ETH-SW-LAUNCH$$INTF-INFO-FE 2$$ES_LAN$$FW_INSIDE$ ip address 10.10.10.1 255.255.255.0 ip access-group 100 in ip verify unicast reverse-path no ip redirects no ip unreachables no ip proxy-arp ip nat inside ip virtual-reassembly ip route-cache flow ip tcp adjust-mss 1452 ! interface Async1 no ip address no ip redirects no ip unreachables no ip proxy-arp encapsulation slip ! ip default-gateway X.X.X.254 ip route 0.0.0.0 0.0.0.0 X.X.X.254 ! ! ip http server ip http authentication local ip http secure-server ip http timeout-policy idle 60 life 86400 requests 10000 ip nat pool e1 10.10.11.0 10.10.11.255 netmask 255.255.255.0 ip nat pool e0 10.10.12.0 10.10.12.255 netmask 255.255.255.0 ip nat inside source list 1 interface FastEthernet0 overload ! logging trap debugging access-list 100 remark auto generated by SDM firewall configuration access-list 100 remark SDM_ACL Category=1 access-list 100 deny ip X.X.X.0 0.0.0.255 any access-list 100 deny ip host 255.255.255.255 any access-list 100 deny ip 127.0.0.0 0.255.255.255 any access-list 100 permit ip any any access-list 101 remark auto generated by SDM firewall configuration access-list 101 remark SDM_ACL Category=1 access-list 101 permit udp host X.X.X.8 eq domain host X.X.X.40 access-list 101 permit udp host X.X.X.3 eq domain host X.X.X.40 access-list 101 deny ip 10.10.10.0 0.0.0.255 any access-list 101 permit icmp any host X.X.X.40 echo-reply access-list 101 permit icmp any host X.X.X.40 time-exceeded access-list 101 permit icmp any host X.X.X.40 unreachable access-list 101 permit tcp X.X.X.0 0.0.0.255 host X.X.X.40 eq 443 access-list 101 permit tcp X.X.X.0 0.0.0.255 host X.X.X.40 eq 22 access-list 101 permit tcp X.X.X.0 0.0.0.255 host X.X.X.40 eq cmd access-list 101 deny ip 10.0.0.0 0.255.255.255 any access-list 101 deny ip 172.16.0.0 0.15.255.255 any access-list 101 deny ip 192.168.0.0 0.0.255.255 any access-list 101 deny ip 127.0.0.0 0.255.255.255 any access-list 101 deny ip host 255.255.255.255 any access-list 101 deny ip host 0.0.0.0 any access-list 101 deny ip any any log access-list 102 remark VTY Access-class list access-list 102 remark SDM_ACL Category=1 access-list 102 permit ip 10.10.10.0 0.0.0.255 any access-list 102 deny ip any any no cdp run ! ! ! ! ! ! control-plane ! banner login ^CNon Autherised access is allowed^C ! line con 0 login authentication local_authen transport output telnet line 1 modem InOut stopbits 1 speed 115200 flowcontrol hardware line aux 0 login authentication local_authen transport output telnet line vty 0 4 access-class 102 in password 7 120B0A02060E1E57 authorization exec local_author login authentication local_authen transport input telnet ssh ! scheduler allocate 4000 1000 scheduler interval 500 ! webvpn context Default_context ssl authenticate verify all ! no inservice ! end

Darren Green wrote:

try moving all of the vvlan 1 config to interface bvi 1

Do I have to create a bvi 1 interface to move the vlan to

yes config t int bvi 1 .... end wri mem

Many thanks for all your help, I was missing a NAT rule for the routing

R. Bongosw