Connect to Comcast

Hello

I am trying to connect to the internet using my cisco router. First let me describe my setup.

I have linksys cable modem and router with 4 ports switch and a 2610 router with two ethernet interfaces.

One interface (e0/0) is connected to the linksys router using straight throught cable and the other one (e1/0) to the switch using same type of cable. My laptop is then connected to the switch
My linksys router has an ip 192.168.1.1/24 using DHCP and e0/0 has an ip address 192.168.1.2 /24
e1/0 has an ip address 192.168.24.1/24 . The pc has ip 192.168.24.2/24 and gateway 192.168.24.1
using hyperterminal I could ping my dns and other outside ip address, but I cant ping those same address using command line or browse any website.

This is my confi
Gateway of last resort is 0.0.0.0 to network 0.0.0.0

C 192.168.24.0/24 is directly connected, Ethernet1/0
C 192.168.22.0/24 is directly connected, Serial0/0
C 192.168.1.0/24 is directly connected, Ethernet0/0
S* 0.0.0.0/0 is directly connected, Ethernet0/0
[1/0] via 192.168.1.1

show run

hostname Router26A
!
boot-start-marker
boot-end-marker
!
no aaa new-model
ip subnet-zero
ip cef

no ip domain lookup

ip audit po max-events 100

interface Ethernet0/0
ip address 192.168.1.2 255.255.255.0
half-duplex
!
interface Serial0/0
description Inter S1 Connected to int S1 on Router25A
ip address 192.168.22.2 255.255.255.0

!
interface Ethernet1/0
ip address 192.168.24.2 255.255.255.0
half-duplex
!
router rip
redistribute static
network 192.168.1.0
network 192.168.22.0
network 192.168.24.0
!
no ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 Ethernet0/0
ip route 0.0.0.0 0.0.0.0 192.168.1.1

Router26A#ping 192.168.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

**Pinging yahoo.com
Router26A#ping 216.109.112.135

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 216.109.112.135, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/36 ms

can anyone tell me what s wrong with my setup? Do I have to configure NAT? if so, How do I go by doing that?

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

mikej412

fid500 wrote:

Do I have to configure NAT? if so, How do I go by doing that?

Yes -- you're using a private address range so your ISP doesn't route it.

ip nat command -- with example

There is also a Home Lab Setup thread with more links in it.

markzab

Good topic. My routers are on their way and I was planning on doing the same thing when they got here. I'll be following this thread closely. I can't help with the answer on this one but as for NAT I'd imagine that yes you'd need to set that up since you are trying to get outside of your private network.

markzab

Scratch that. Thanks for those links Mike.

Paul Boz

This is what I would do:

1 - Plug the Linksys into the 2610 e0/0 port and statically assign your 192x IP address to the e0/0 interface.

2 - Buy a real switch (you can get 2900 XL switches for < $100 on ebay) and plug it into the other ethernet interface.

3 - Assign addressing to the e0/1 interface which the switch is plugged in to (ex 172.16.10.1 /24).

4- set up DHCP on your router (or skip this and use static addresses) (http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca75c.html)

4 - Plug your computers into the switch and let them dynamically pull addresses from the network they belong to (172x).

5- Build a static default route in your 2610, using e0/0.

In this scenario, you will have two networks - the 192x network from the Linksys, and the 172x network from e0/1. The router will forward all traffic out of e0/0 due to the static default route. You can avoid doing wacky double nat stuff this way.

mgeorge

i deal with this same stuff everyday seeing as i work for a telecommunications comany lol...

First off you want to assign your private ip addressing to your inside interface, and set it as NAT inside

second, make sure your public interface will accept a dhcp address from the cable modem by using the
"ip address dhcp" this way the public interface will accept the public ip address bridged from the cable modem

Also your default route needs to be "ip route 0.0.0.0 0.0.0.0 e1/0" (or what ever your pub int is)

Make sure your nat overload is set correctly and your accesslist. You can assign static nat port
translations if you like to host servers/etc... translating them from your public ip to a private
internal ip address.

Also be sure to use local usernames for security to prevent unauthorized access to the router
from the internet. I wouldnt suggest you using the standard enable secret. Use the "login local"
command and create a username example would be

username NAME priv 0-15 secret PASSWORD

by doing this, this will prevent brute force attacks because an attacker would have to know the
username AND password, and not just try to bruteforce random passwords by dictionary.

hope this helps

have questions feel free to msg me

fid500

Thanks guys.
I will try this once I get home tonight