851 router config

scratcherbob

I have an 851 router hooked up to my home lab cable modem and can't get internet access. DHCP is working on WAN and LAN interfaces with no problems. I think it's a problem with default route or NAT.

Any help would be grate.
Thanks


!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname 172VMR01
!
boot-start-marker
boot-end-marker
!
enable secret 5 '''''''''''''''''''''
!
no aaa new-model
!
!
dot11 syslog
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.30
!
ip dhcp pool HOMEPOOL01
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 8.8.8.8 8.8.4.4 208.67.222.222
!
!
ip cef
ip domain name BOBLAN
!
!
!
username ''''''' password 0 '''''''''
!
!
archive
log config
hidekeys
!
!
ip ssh version 2
!
!
!
interface FastEthernet0
description LAN-LINK
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
description WAN LINK
ip address dhcp
ip virtual-reassembly
duplex auto
speed auto
!
interface Vlan1
ip address 192.168.1.2 255.255.255.0
ip nat inside
ip virtual-reassembly
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
ip nat inside source list 1 interface FastEthernet4 overload
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
control-plane
!
!
line con 0
password ''''''''''
logging synchronous
login
no modem enable
line aux 0
line vty 0 4
login local
transport input ssh

scratcherbob

Just seen the problem I think. No ip nat outside command on int fa4.

CiscoWayne

That's what I was going to say mate, no ip nat outside command.

Let us know how you get on.

TWX

ip nat inside may be required on the LAN interface(s) too. It normally is, but I don't know if this particular model has any variation or not.

scratcherbob

still no joy after putting ip nat ouside on fa4


Gateway of last resort is 81.108.###.# to network 0.0.0.0


81.0.0.0/24 is subnetted, 1 subnets
C 81.108.###.### is directly connected, FastEthernet4
C 192.168.###.###/24 is directly connected, Vlan1
62.0.0.0/32 is subnetted, 1 subnets
S 62.253.###.### [254/0] via 81.108.###.#, FastEthernet4
S* 0.0.0.0/0 [254/0] via 81.108.###.###


e wan int.

CiscoWayne

Did you try it on the LAN interface(s) too as per TWX's advice?

Can any pings get around at all?

What about a traceroute?

scratcherbob

CiscoWayne wrote: »

Did you try it on the LAN interface(s) too as per TWX's advice?

Can any pings get around at all?

What about a traceroute?

NAT config will only go on int vlan 1 as switch ports 0 -4 will not take commands. I can ping form pc to default gateway but that's it.

CiscoWayne

Do a 'show ip nat translation' to see if anything is actually being translated.

You can also run NAT debugs to see what's happening.

scratcherbob

Nothing was being translated with NAT when I did the "show ip nat translation" . When I get home I will give the debug a go.

All good learning fun.
Thanks

CiscoWayne

Defo man, all good fun.

Another thing, maybe try finding out what IP range your ISP is using to assign dhcp addresses and manually configure to allow that range for NAT'ing, rather than the physical interface.

scratcherbob

Well I have been working on this for a few hours. Got the tw@t working like a champ and now have a smug feeing of victory. Faster than the old belendkin and loads more cisconess in the office.

I enabled the dialer0 interface and tweaked nat acl. Bang...started to work

Next on the lab list is to convert a 1142n AP to autonomous mode and get it hooked up.

Onward and upward.

871 Virgin media config


version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname 172VMR01
!
boot-start-marker
boot-end-marker
!
logging buffered 4096
logging console critical
enable secret 5 ******************
!
no aaa new-model
!
!
dot11 syslog
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.30
!
ip dhcp pool HOMEPOOL01
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 8.8.8.8 8.8.4.4 208.67.222.222
domain-name BobLAN @ DesertFoxClan.com
!
!
ip cef
no ip bootp server
ip domain name BobLAN @ DesertFoxClan.com
!
!
!
username ***** password 7 ********************
!
!
archive
log config
hidekeys
!
!
ip ssh version 2
!
!
!
interface FastEthernet0
description LAN-LINK
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
description WAN LINK
ip address dhcp
ip verify unicast source reachable-via rx allow-default 100
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface Vlan1
ip address 192.168.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
!
interface Dialer0
no ip address
no cdp enable
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 FastEthernet4
!
no ip http server
no ip http secure-server
ip dns server
ip nat inside source list 101 interface FastEthernet4 overload
!
logging trap debugging
logging facility local2
access-list 100 permit udp any any eq bootpc
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
no cdp run
!
control-plane
!
banner motd ^C Unauthorised access prohibited ^C
!
line con 0
password 7 *****************
logging synchronous
login
no modem enable
line aux 0
line vty 0 4
login local
transport input ssh