Announcement

Collapse
No announcement yet.

Router 1841 for internet access

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Router 1841 for internet access

    Dear Friends,

    I have configured my 1841 router for internet access. But I do not get internet in my LAN. Please see the config. i did in cisco 1841. Kindly help me to fix the problem.



    Building configuration...

    Current configuration : 1984 bytes
    !
    version 12.4
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname router1
    !
    boot-start-marker
    boot-end-marker
    !
    logging buffered 51200 warnings
    enable secret 5
    !
    no aaa new-model
    !
    resource policy
    !
    mmi polling-interval 60
    no mmi auto-configure
    no mmi pvc
    mmi snmp-timeout 180
    ip subnet-zero
    ip cef
    !
    !
    no ip dhcp use vrf connected
    ip dhcp excluded-address 192.168.2.1
    ip dhcp excluded-address 192.168.2.2

    ip dhcp pool CLIENT
    network 192.168.2.0 255.255.255.0
    default-router 192.168.2.1
    dns-server 8.8.8.8
    !
    !
    ip name-server 196.23.1.11
    !

    !
    interface FastEthernet0/0
    description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$
    ip address 192.168.2.1 255.255.255.0
    ip nat inside
    duplex auto
    speed auto
    !
    interface FastEthernet0/1
    no ip address
    shutdown
    duplex auto
    speed auto
    !
    interface Serial0/0/0
    ip address x.x.x.x 255.255.255.252
    ip nat outside
    !
    ip classless
    ip route 0.0.0.0 0.0.0.0 x.x.x.x(nxt hop)
    !
    ip http server
    ip http access-class 23
    ip http authentication local
    ip http timeout-policy idle 60 life 86400 requests 10000
    ip nat pool ISP x.x.x.x x.x.x.x netmask 255.255.255.252
    ip nat inside source list 1 pool ISP overload
    !
    access-list 1 permit 192.168.2.0 0.0.0.255
    !
    control-plane
    !
    banner login ^C
    ^C
    banner motd ^C
    Unauthorized Access Prohibited ^C
    !
    line con 0
    login local
    line aux 0
    line vty 0 4
    privilege level 15
    password c1sc0
    login
    transport input telnet
    line vty 5 15
    privilege level 15
    login local
    transport input telnet
    !
    end

    Please help me. I can able to ping with next hop address and even to name server. but internet is not working!!!!!!please help me.....

  • #2
    Re: Router 1841 for internet access

    So you can reach an external host via ip addresss? Could be a dns resolution issue. Your config looks fine. Are you sure your clients are getting dhcp with the correct settings. Is your nat pool configured with the correct addresses from your ISP? Look at your nat translation table to make sure your translating correctly.
    CCNA, CCNA-Security, CCNP
    CCIE Security (In Progress)

    Comment


    • #3
      Re: Router 1841 for internet access

      Originally posted by auglan View Post
      So you can reach an external host via ip addresss? Could be a dns resolution issue. Your config looks fine. Are you sure your clients are getting dhcp with the correct settings. Is your nat pool configured with the correct addresses from your ISP? Look at your nat translation table to make sure your translating correctly.

      Thank you so much for the reply. Let me check the inputs you gave me.
      Thanks again!!!!

      Comment


      • #4
        Re: Router 1841 for internet access

        Is it necessary to bind the access list to any interface.
        In the above case to which interface I need to bind the ACL?
        whether fastethernet 0/0 out or Serial 0/0/0 in.

        Pls reply..

        Comment


        • #5
          Re: Router 1841 for internet access

          What access-list are you referring too?
          CCNA, CCNA-Security, CCNP
          CCIE Security (In Progress)

          Comment


          • #6
            Re: Router 1841 for internet access

            hai,
            I mean the access-list 1 permit 192.168.2.0 0.0.0.255
            is it required to bind with any interfaces?

            Comment


            • #7
              Re: Router 1841 for internet access

              No, that is a nat ACL. Just tells the nat process what inside hosts should be natted.
              CCNA, CCNA-Security, CCNP
              CCIE Security (In Progress)

              Comment


              • #8
                Re: Router 1841 for internet access

                ok, thank you for the help....

                still I can't access internet. But I can telnet the router from outside. I tried it and it is working. The problem is with accessing internet from LAN. When I tried to ping with goole.com it can't go further the next hop address. I think it is the problem with name server, is n't it?
                Last edited by cinuben108; 24th April 2012, 11:33.

                Comment


                • #9
                  Re: Router 1841 for internet access

                  Can you ping by ip address? Are your end hosts getting the correct dns settings? If you can ping by ip address, then yes most likely a dns issue. Is there another router upstream from yours? May try and use your isp's dns servers just to test with.


                  ping 8.8.8.8


                  Also if your not using the router as a dns proxy might as well remove this as well.


                  no ip name-server 196.23.1.11
                  Last edited by auglan; 24th April 2012, 12:22.
                  CCNA, CCNA-Security, CCNP
                  CCIE Security (In Progress)

                  Comment


                  • #10
                    Re: Router 1841 for internet access

                    Hi,
                    The name server provided by the ISP is 196.43.1.11, but it is not pinging... so I suspect the problem is with the name server, am I right? But I can access my router from outside. Now I am going to check with the ISP support for any other name server I can able to use.

                    Thank you so much for responding me...

                    Comment


                    • #11
                      Re: Router 1841 for internet access

                      Can you ping anything by ip address from a host on your network? Just because you cant ping a dns server doesnt mean there is something wrong, the dns server may not respond to icmp messages.

                      ping 8.8.8.8

                      remove the ip name-server command, as you dont need it for your dhcp clients as they are using 8.8.8.8. Make sure the ISP dns ip is correct as well. It may be worthwhile changing your hosts dns to your ISP's as I have seen "outside" dns servers not work with some ISP's
                      CCNA, CCNA-Security, CCNP
                      CCIE Security (In Progress)

                      Comment


                      • #12
                        Re: Router 1841 for internet access

                        Dear Auglan,

                        The problem is with the plan which we have choosen.. The plan does not include internet browsing service. Right now my internal application servers can be accessible from outside. But it is too slow. Now I would like to access internal servers either through Teamviewer or VNC.. When Teamviewer has started in the server behind the CISCO it shows "Not ready, Please check your connction".. Should I forward any port for team viewer and VNC?

                        Comment


                        • #13
                          Re: Router 1841 for internet access

                          I believe vnc uses tcp 5800 and 5900 so you would need to allow those inbound to said hosts. Teamviewer uses port 80 by default but also checks 443 as well. Not a big fan of opening up VNC from the outside. I would rather see a vpn in place IPSEC/SSL etc.
                          CCNA, CCNA-Security, CCNP
                          CCIE Security (In Progress)

                          Comment


                          • #14
                            Re: Router 1841 for internet access

                            Originally posted by auglan View Post
                            I believe vnc uses tcp 5800 and 5900 so you would need to allow those inbound to said hosts. Teamviewer uses port 80 by default but also checks 443 as well. Not a big fan of opening up VNC from the outside. I would rather see a vpn in place IPSEC/SSL etc.

                            Thanks for the guidance!!! let me try IPSEC with 1841.

                            Comment

                            Working...
                            X