Need help big time making internet out of Comcast/AT&T

sendalot · October 2013

Hello,

I've been CCNA certified for 5 months.

Just got a CISCO891-K9 RT and trying to get WAN off ISPs like Comcast Xfinity / AT&T U-Verse.

These ISPs provide a modem+router equipment that does both WAN and wireless access point (DHCP as well).

I'm trying to feed one of LAN off of ISP routers to my CISCO router as a WAN.

I've been struggling past 3 hours trying to make this happens and deserves to be shot since I still can't figure it out.

Any help would be appreciated.

(So far, I've set VLAN tied to a DHCP. Also "ip nat out" on the port that gets feed from ISP router. etc etc).

Corndork2 · October 2013

You have a lot to do.

Make a DHCP interface for your WAN facing port. Set that as an outside interface for NAT

Make an internal interface for your LAN hosts. This is typicially the .1 on a /24 in SOHO environments. Make this the inside NAT interface

create an ACL and set NAT overloading

Do a show ip route, to determine the default route you need to set for your WAN interface. Set this route in your router as a static route

I would also reccommend turning up DHCP service and DNS service on your router if you do not have those services on your network.

Most of the 8xx routers I set up are done in this way.

networker050184 · October 2013

Corndork2 wrote: »

Do a show ip route, to determine the default route you need to set for your WAN interface. Set this route in your router as a static route

Not necessary. When you have your WAN interface pull an IP via DHCP a default gateway is automatically populated. You don't need to manually configure it and for good reason as your default gateway could change at anytime.

Corndork2 · October 2013

Excellent point.

Though for one reason or another, Ive had to set static routes with Comcast Residential connections. I'm most likely just doing something wrong

sendalot · October 2013

By the way, long put short, ISPs like Comcast and AT&T wouldn't ban using enterprise grade routers, correct?

But I guess it won't matter since NAT on my Cisco RT is translating out 10.0 addresses into 192.168s... something like that?

theodoxa · October 2013

Does Comcast support IPv6 yet in your area? They rolled it out here maybe a year ago. Might be worth seeing if you can set it up.

sendalot · October 2013

What does ipv6 have to do with using an enterprise grade router?

I'll post a config later today.

By the way, I am using U-Verse 3800HGV-B modem as a WAN bridge connection.

I have used other small routers to get WAN feed off of 3800HGV-B and worked fine.

But problme is when I plug in the Cisco router, 3800HGV-B configuraiton page indicates that the device not even picked up.

Does Cisco router invovle more manual config to get this? Or do I need that small router as another bridge in between?

Thanks.

theodoxa · October 2013

sendalot wrote: »

What does ipv6 have to do with using an enterprise grade router?
...

You mentioned Comcast. But, it appears you are using Uverse. Unfortunately, the main problem with Uverse is that you are forced to use their equipment. You can connect your router to theirs, but there's no guarantee that you would be able to make it work since theirs is designed for home users. I seem to remember that back when I had Uverse (a few years back) their routers [at that time] didn't support static routing, etc...

sendalot · October 2013

I have two settings. One use Comcast and the other place uses U-Verse.

I understand the the force part, but I was able to use a Western Digital router off of it. I just used U-Verse as a Bridge.

I want to do it again, this time for Cisco router.

theodoxa · October 2013

For Cable (Comcast), you would connect a compatible (check with your cable provider) modem to a Fast Ethernet [or Gigabit Ethernet] port on the router. Configure that interface to use DHCP to get its settings. For IPv4 you would need to configure NAT (PAT/NAT Overload) so that everything can share the same public IP. IPv6 gives you something like 300 TRILLION usable addresses with a standard /64, so you could setup IPv6 without having to use NAT. This is why I asked about IPv6 earlier. Once you have NAT setup, you will want to configure a DHCP pool so that you don't have to statically assign IP Addresses to every PC or Device. In fact, I've seen a few devices that only use DHCP (don't support static IP Assignment).

Configuration #1 (Used if you connect a switch to a Layer 3 Router Port):

ip access-list standard NAT
   permit 192.168.0.0 0.0.0.255
   exit
ip nat inside source list NAT interface Fa0/1 overload
ip dhcp excluded-address 192.168.0.1
ip dhcp pool LAN
   network 192.168.0.0 255.255.255.0
   default-router 192.168.0.1
   dns-server 8.8.8.8
   exit
interface FastEthernet 0/0
   description LAN
   ip address 192.168.0.1 255.255.255.0
   ip nat inside
   no shutdown
interface FastEthernet 0/1
   description WAN
   ip address dhcp
   ip nat outside
   no shutdown

Configuration #2 (Used if you Connect PCs Directly to a Layer 2 Port on the Router):

NOTE: I used an HWIC-4ESW in an 1841 to test this in Packet Tracer. I would expect an 800 series to work the same way, but no guarantees.

ip access-list standard NAT
   permit 192.168.1.0 0.0.0.255
   exit
ip nat inside source list NAT interface Fa0/1 overload
ip dhcp excluded-address 192.168.1.1
ip dhcp pool ETHERSWITCH
   network 192.168.1.0 255.255.255.0
   default-router 192.168.1.1
   dns-server 8.8.8.8
   exit
interface VLAN 1
   description ETHERSWITCH
   ip address 192.168.1.1 255.255.255.0
   ip nat inside
   no shutdown
interface FastEthernet 0/1
   description WAN
   ip address dhcp
   ip nat outside
   no shutdown

The PCs directly connected to the router are connected to the HWIC-4ESW (Fa0/0/0 and Fa0/0/1). The other 2 PCs are connected to a generic (Linksys, et al.) switch which is connected to a Layer 3 Port (Fa0/0). I was able to ping to the ISP's Router on the other side of the Cloud.

[EDIT]Also, make sure that your Switched interfaces are Up/Up. You will probably need to issue a "no shutdown" command for all the Switched Ports. On PT, they were "FastEthernet 0/0/0 - FastEthernet 0/0/3. But, the numbering may be different on the 891. I see it has 8 Switched Ports, 1 Fast Ethernet Routed Port, and 1 Gigabit Ethernet Routed Port per Cisco's website. You will probably want to use configuration #2 and replace all references to FastEthernet 0/1 with whichever port you choose to connect your cable modem to - "FastEthernet 0/0" or "GigabitEthernet 0/0".

ip access-list standard NAT
   permit 192.168.0.0 0.0.0.255
   exit
ip nat inside source list NAT interface GigabitEthernet 0/0 overload
ip dhcp excluded-address 192.168.0.1
ip dhcp pool ETHERSWITCH
   network 192.168.0.0 255.255.255.0
   default-router 192.168.0.1
   dns-server 8.8.8.8
   exit
interface range FastEthernet 0/0/0 - FastEthernet 0/0/7
   no shutdown
interface VLAN 1
   description LAN
   ip address 192.168.0.1 255.255.255.0
   ip nat inside
   no shutdown
interface GigabitEthernet 0/0
   description WAN
   ip address dhcp
   ip nat outside
   no shutdown

theodoxa · October 2013

Also, if you are going to have any subnets that are not directly connected to your Cisco 891, such as a separate lab network, you will need to either configure static routes to and back from those subnets or use a dynamic routing protocol. I normally just use EIGRP. Its much easier to configure than static routing. Just make sure not to advertise on your WAN interface [going to your ISP.]

sendalot · October 2013

Hello from my own Cisco Network!! Thanks for all the help ya'll!!!!

Need help big time making internet out of Comcast/AT&T

Comments