Announcement

Collapse
No announcement yet.

cisco 851w - basic configuration problem

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • cisco 851w - basic configuration problem

    Using 3004 out of 131072 bytes
    !
    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    !
    hostname cisco851w
    !
    boot-start-marker
    boot-end-marker
    !
    enable password 7 00550207564C18
    !
    aaa new-model
    !
    !
    aaa authentication login default local
    aaa authorization exec default local
    !
    aaa session-id common
    !
    resource policy
    !
    ip subnet-zero
    no ip dhcp use vrf connected
    ip dhcp excluded-address 192.168.2.1 192.168.2.10
    !
    ip dhcp pool internal-net
    import all
    network 192.168.2.0 255.255.255.0
    default-router 192.168.2.1
    dns-server 192.168.2.3
    lease 36
    !
    !
    ip cef
    ip inspect name MYFW tcp
    ip inspect name MYFW udp
    no ip domain lookup
    ip name-server 194.90.1.5
    ip name-server 212.143.212.143
    !
    !
    crypto pki trustpoint TP-self-signed-3261566125
    enrollment selfsigned
    subject-name cn=IOS-Self-Signed-Certificate-3261566125
    revocation-check none
    rsakeypair TP-self-signed-3261566125
    !
    !
    crypto pki certificate chain TP-self-signed-3261566125
    certificate self-signed 01 nvram:IOS-Self-Sig#3505.cer
    username fireface password 7 01421705091C15
    !
    !
    !
    bridge irb
    !
    !
    interface FastEthernet0
    !
    interface FastEthernet1
    !
    interface FastEthernet2
    !
    interface FastEthernet3
    !
    interface FastEthernet4
    ip address dhcp
    ip access-group internat-inbound-ACL in
    ip inspect MYFW out
    ip nat outside
    ip virtual-reassembly
    ip tcp adjust-mss 1460
    duplex auto
    speed auto
    !
    interface Dot11Radio0
    no ip address
    !
    encryption vlan 1 mode ciphers tkip
    !
    ssid home
    vlan 1
    authentication open
    authentication key-management wpa
    guest-mode
    wpa-psk ascii 7 135542405E58527E737470
    !
    speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0
    54.0
    channel 2412
    station-role root
    no dot11 extension aironet
    no cdp enable
    !
    interface Dot11Radio0.10
    encapsulation dot1Q 10
    no snmp trap link-status
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 spanning-disabled
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    !
    interface Vlan1
    no ip address
    ip nat inside
    ip virtual-reassembly
    bridge-group 1
    bridge-group 1 spanning-disabled
    !
    interface BVI1
    ip address 192.168.2.10 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    !
    ip classless
    ip route 0.0.0.0 0.0.0.0 dhcp
    !
    ip http server
    ip http secure-server
    ip nat inside source list 1 interface FastEthernet4 overload
    !
    ip access-list extended Guest-ACL
    ip access-list extended internat-inbound-ACL
    permit udp any eq bootps any eq bootpc
    permit icmp any any echo
    permit icmp any any echo-reply
    permit icmp any any traceroute
    permit gre any any
    permit esp any any
    !
    access-list 1 permit 192.168.2.0 0.0.0.255
    access-list 100 deny ip any 192.168.2.0 0.0.0.255
    access-list 100 permit ip any any
    !
    control-plane
    !
    bridge 1 route ip
    !
    line con 0
    password 7 11580804450518
    no modem enable
    line aux 0
    line vty 0 4
    password 7 11580804450518
    !
    scheduler max-task-time 5000
    end

    this is my router configuration , i am getting from the isp ip by dhcp
    and i am connecting to the internet , i can ping ip of the websites
    from the router , but from a stations i cant even ping the DG .

    tnk for all the repliers

  • #2
    Re: cisco 851w - basic configuration problem

    The configuration entries for NAT inside (bvi1), NAT outside (f4) and NAT overload appear to be OK. Although, the "ip nat inside" is not needed on the vlan 1 definition since you have assigned vlan1 to bridge-group 1 (bvi1).

    You mentioned you cannot ping the default gateway. The bridge interface (bvi1) ip address does not match the default gateway address specified in the DHCP scope (see underlined below). Which IP address are you trying to ping? .1 or .10

    Code:
    ip dhcp pool internal-net
     import all
     network 192.168.2.0 255.255.255.0
     default-router 192.168.2.1
     dns-server 192.168.2.3
     lease 36
     
    interface BVI1
     ip address 192.168.2.10 255.255.255.0
     ip nat inside
     ip virtual-reassembly

    Comment

    Working...
    X