Help with config Cisco 2611 ----> Cable Modem

thefear78thefear78 Member Posts: 30 ■■□□□□□□□□
Hi this config worked for me before I tried upgrading to a 12.3 IOS that did not work, so I went back and now I cannot even ping an external ip?? Can anyone help? Here is show run:

eth0: negotiated 100baseTx-FD, link ok
bt ~ # telnet 192.168.1.1
Trying 192.168.1.1...
Connected to 192.168.1.1.
Escape character is '^]'.




User Access Verification

Password:
fonestar>en
Password:
fonestar#sh run
Building configuration...

Current configuration : 1148 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname fonestar
!
enable secret 5 $1$WPrp$X54y3iPvqC8tKCqx6euUz0
!
ip subnet-zero
!
!
no ip domain-lookup
ip domain-name fonestar.com
ip host bt 172.16.1.2
ip host foneswitch 192.168.1.2
ip host R2 192.168.1.2
ip host R1 172.16.1.2
!
ip audit notify log
ip audit po max-events 100
!
!
!
interface Ethernet0/0
ip address 192.168.1.1 255.255.255.0
no ip proxy-arp
ip nat inside
half-duplex
no cdp enable
!
interface Ethernet0/1
ip address dhcp
ip nat outside
half-duplex
no cdp enable
!
ip nat inside source list 102 interface Ethernet0/1 overload
ip classless
ip http server
ip pim bidir-enable
!
access-list 102 permit ip 192.168.1.0 0.0.0.255 any
no cdp run
tftp-server flash:
!
line con 0
exec-timeout 30 30
password 7 14391D190D012C7373
login
line aux 0
exec-timeout 30 30
password 7 032A5419070A271419
login
line vty 0 4
exec-timeout 0 0
password 7 1060060B041214535B
login
line vty 5 15
exec-timeout 0 0
privilege level 15
password 7 1060060B041214535B
login
!
end



Thanks in advance!!!

Comments

  • thefear78thefear78 Member Posts: 30 ■■□□□□□□□□
    Ethernet0/0 is directly connected to a Catalyst 1900 Switch 192.168.1.2. I don't think it is a problem as I can ping past it to the Cisco 2611.
  • NetwurkNetwurk Member Posts: 1,155 ■■■■■□□□□□
    Each cable and DSL provider has their own rules for connecting, so it's not easy to provide help.

    Are you sure you don't have to provide any authentication (for instance, CHAP or PAP password negotiation)?

    There is a site that provides some examples for connecting to the various providers.

    A search through their forums might be helpful.

    http://www.dslreports.com/forums/all
  • APAAPA Member Posts: 959
    where's your gateway of last resort?? (default route).....

    eg...

    0.0.0.0 0.0.0.0 (ip address of cable modem or int type)

    I'm pretty sure that's what your missing..... ensure your cable modem is handing out DHCP addresses, as you have configured 'ip address dhcp'...... Why don't you hardcode this interfaces address?? Saves you the hassle of having to change the 'ip route command' should your IP address change unless of course you configure 'ip route 0.0.0.0 0.0.0.0 fastethernet 0/1'

    Netwurk... He isn't using a DSL WIC or anything........ He is simply connecting his current cable modem which will have all the service provider connection parameters already on it to a router and then wanting to route all internet traffic through to cable modem...

    CCNA | CCNA:Security | CCNP | CCIP
    JNCIA:JUNOS | JNCIA:EX | JNCIS:ENT | JNCIS:SEC
    JNCIS:SP | JNCIP:SP
  • NetwurkNetwurk Member Posts: 1,155 ■■■■■□□□□□
    Makes sense. I have DSL and use a "ppp authentication chap callin", but my modem is set as a bridge. I'm sure you're right that his modem does the authentication.

    He of course definitely needs a default route

    Adding "ip route 0.0.0.0 0.0.0.0 interface Ethernet0/1" should do the trick

    And upgrading that Cisco 1900 wouldn't hurt either :)
  • networker050184networker050184 Mod Posts: 11,962 Mod
    I wouldn't use a default route to the exit fast ethernet inetrface. You will have issues with arp. You should set the static route to the next hop ip.

    ip route 0.0.0.0 0.0.0.0 x.x.x.x or ip route 0.0.0.0 0.0.0.0 fastethernet0/1 x.x.x.x
    An expert is a man who has made all the mistakes which can be made.
  • NetwurkNetwurk Member Posts: 1,155 ■■■■■□□□□□
    I wouldn't use a default route to the exit fast ethernet inetrface. You will have issues with arp. You should set the static route to the next hop ip.

    ip route 0.0.0.0 0.0.0.0 x.x.x.x or ip route 0.0.0.0 0.0.0.0 fastethernet0/1 x.x.x.x

    Wouldn't that only work if your ISP gave you a permanent IP? I know mine changes a few times a month.
  • networker050184networker050184 Mod Posts: 11,962 Mod
    You would use the next hop IP (not your interface IP) which shouldn't change often.
    An expert is a man who has made all the mistakes which can be made.
  • thefear78thefear78 Member Posts: 30 ■■□□□□□□□□
    tried setting a default route to e0/1

    reloaded router
    diabled pc interface
    turned off router

    tried again

    still can't ping external decimal ip address
    still can't ping website addresses

    tried plugging my modem directly into pc and it works great


    what gives?
  • eleguaelegua Member Posts: 282
    thefear78 wrote:
    tried setting a default route to e0/1

    reloaded router
    diabled pc interface
    turned off router

    tried again

    still can't ping external decimal ip address
    still can't ping website addresses

    tried plugging my modem directly into pc and it works great


    what gives?

    Hi thefear78,

    Try doing this:

    Change this:
    ip nat inside source list 102 interface Ethernet0/1 overload 
    ! 
    access-list 102 permit ip 192.168.1.0 0.0.0.255 any
    

    For this:
    ip nat inside source list 1 interface Ethernet0/1 overload 
    ! 
    access-list 1 permit 192.168.1.0 0.0.0.255
    

    Also try this defaul route:
    ip route 0.0.0.0 0.0.0.0 fastethernet0/1
    

    Hope this Help. icon_wink.gificon_wink.gif
  • thefear78thefear78 Member Posts: 30 ■■□□□□□□□□
    Tried changing to a standard access-list and still nothing. I do not need an access-list applied to to e0/0 using

    access-group 1 out

    ?

    Any other ideas? I was able to connect before. This is making me wanna rip my hair out after two days but it has to be something simple!
  • mikej412mikej412 Member Posts: 10,086 ■■■■■■■■■■
    thefear78 wrote:
    Any other ideas? I was able to connect before.
    It worked, you upgraded IOS, and now it doesn't work -- did anything else change?

    Have you power-cycled you DSL/Cable Modem?

    If you put the original IOS and configuration back -- does it work again? That would rule out a buggy IOS.

    Have you mentioned what you're connecting to? DSL or Cable? What IP do you expect to get on your router's external interface -- an RFC 1918 address from a DSL modem doing its own authentication and NAT? Or a public IP address from your ISP from a bridged DSL modem or Cable Modem?

    What IP address are you getting on the router's external interface?

    From the router, can you ping your ISP's gateway? If you can ping the ISP gateway from the router, can you ping anything else out on the internet by the numeric IP address?

    What does the router's routing table show?
    :mike: Cisco Certifications -- Collect the Entire Set!
  • eleguaelegua Member Posts: 282
    thefear78 wrote:
    I do not need an access-list applied to to e0/0 using access-group 1 out

    Did i say that to you ?.
  • thefear78thefear78 Member Posts: 30 ■■□□□□□□□□
    And I did not apply it, I'm just trying to figure out what the heck it could be.

    When I do a "show int e0/1" it is being assigned a public ip of 24.108.XXX.XXX

    Yet when I try to ping that from another connected network it just times out. I also can't ping that address from inside the LAN.

    I have a couple different 12.2 IOS's on my TFTP server. Maybe I re-downloaded one that wasn't the original one I had. I understand some of the early releases were buggy on this.

    I will try a different 12.2 IOS and try reconfig the standard access-list and post back later....
  • dtlokeedtlokee Member Posts: 2,378 ■■■■□□□□□□
    DO NOT put a default route point to the FastEthernet0/1 interface, that will rely on the ISP providing proxy-ar service for it to work. The default route should be learned via DHCP or if not you can try the "ip route 0.0.0.0 0.0.0.0 dhcp" command, I'm not sure what IOS this was added.
    The only easy day was yesterday!
  • t49t49 Member Posts: 34 ■■□□□□□□□□
    interface Ethernet0/0
    ip address 192.168.1.1 255.255.255.0
    no ip proxy-arp
    ip nat inside
    half-duplex
    no cdp enable
    !
    interface Ethernet0/1
    ip address dhcp
    ip nat outside
    half-duplex
    no cdp enable


    Could the problem be your in half-duplex mode? Noob question dnt rag on me too much
  • thefear78thefear78 Member Posts: 30 ■■□□□□□□□□
    Okay, since removing the default route to Ethernet0/1 and reload & reboot modem I can now ping ip addresses and domain names outside my network!

    But my firefox will still not bring up a site? I'm assuming on the XP host section the default gateway should be set to my router's e0/0 (192.168.1.1) and it will perform the DNS lookup from there? Or I have to manually enter my primary and secondary DNS from the XP machine?

    Tried both ways.. disabled and enabled XP interface, neither worked.


    Thanks for all the help peoples, this slugging through it is teaching me a way that no sim could provide!
  • thefear78thefear78 Member Posts: 30 ■■□□□□□□□□
    I had the wrong DNS servers configured.

    Thanks all for the help, I understand alot more than I did before!
  • dtlokeedtlokee Member Posts: 2,378 ■■■■□□□□□□
    Did you create a DHCP pool for the inside hosts or are you assinging static addresses?

    You can create a DHCP pool that will assign the DNS server from the provider to your inside clients.

    ip dhcp pool LOCAL_POOL
    network 192.168.1.0 /24
    default-router 192.168.1.1
    import all

    ip dhcp excluded-address 192.168.1.1 192.168.1.99
    The only easy day was yesterday!
Sign In or Register to comment.