I have a Cisco 1811 Router.
Recently, we got a new Internet service provider (Cable) with Static IPs.
They provided us with the following information.
IP Addresses: 208.124.xxx.74 to 208.124.xxx.78
Subnet: 255.255.255.248
DNS: 24.153.23.114
Gateway: 208.124.xxx.73
LAN is 192.168.1.0
They have installed an SMC Modem Gateway (Model 8013WG).
I have configured FE1 to 208.124.xxx.74.
Every time I test the connection, I get an error on Checking Exit Interface, with the following error:
To test connectivity, SDM tries to ping the configured DNS servers. However, there is no configured route to any of the DNS server through the selected interface.
Below is my router's Config.
!This is the running config of the router: 192.168.1.1
!----------------------------------------------------------------------------
!version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname IBCL1811
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 debugging
logging console critical
enable secret 5 $1$tFF3$/Y0/.N9psPOoDrSdVoyTx1
enable password 7 051C091D3544
!
aaa new-model
!
!
aaa authentication login local_authen local
aaa authorization exec local_author local
!
aaa session-id common
!
resource policy
!
no ip source-route
no ip routing
!
!
no ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.99
ip dhcp excluded-address 192.168.1.201 192.168.1.254
!
ip dhcp pool IBCL
import all
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 192.168.1.25
!
!
ip tcp synwait-time 10
no ip bootp server
ip name-server 192.168.1.25
ip name-server 207.164.234.193
ip ssh time-out 60
ip ssh authentication-retries 2
ip inspect log drop-pkt
ip inspect name SDM_MEDIUM appfw SDM_MEDIUM
ip inspect name SDM_MEDIUM cuseeme
ip inspect name SDM_MEDIUM dns
ip inspect name SDM_MEDIUM ftp
ip inspect name SDM_MEDIUM h323
ip inspect name SDM_MEDIUM https
ip inspect name SDM_MEDIUM icmp
ip inspect name SDM_MEDIUM imap reset
ip inspect name SDM_MEDIUM pop3 reset
ip inspect name SDM_MEDIUM netshow
ip inspect name SDM_MEDIUM rcmd
ip inspect name SDM_MEDIUM realaudio
ip inspect name SDM_MEDIUM rtsp
ip inspect name SDM_MEDIUM esmtp
ip inspect name SDM_MEDIUM sqlnet
ip inspect name SDM_MEDIUM streamworks
ip inspect name SDM_MEDIUM tftp
ip inspect name SDM_MEDIUM tcp
ip inspect name SDM_MEDIUM udp
ip inspect name SDM_MEDIUM vdolive
ip ddns update method sdm_ddns1
DDNS both
!
!
appfw policy-name SDM_MEDIUM
application im aol
service default action allow alarm
service text-chat action allow alarm
server permit name login.oscar.aol.com
server permit name toc.oscar.aol.com
server permit name oam-d09a.blue.aol.com
audit-trail on
application im msn
service default action allow alarm
service text-chat action allow alarm
server permit name messenger.hotmail.com
server permit name gateway.messenger.hotmail.com
server permit name webmessenger.msn.com
audit-trail on
application http
strict-http action allow alarm
port-misuse im action reset alarm
port-misuse p2p action reset alarm
port-misuse tunneling action allow alarm
application im yahoo
service default action allow alarm
service text-chat action allow alarm
server permit name scs.msg.yahoo.com
server permit name scsa.msg.yahoo.com
server permit name scsb.msg.yahoo.com
server permit name scsc.msg.yahoo.com
server permit name scsd.msg.yahoo.com
server permit name cs16.msg.dcn.yahoo.com
server permit name cs19.msg.dcn.yahoo.com
server permit name cs42.msg.dcn.yahoo.com
server permit name cs53.msg.dcn.yahoo.com
server permit name cs54.msg.dcn.yahoo.com
server permit name ads1.vip.scd.yahoo.com
server permit name radio1.launch.vip.dal.yahoo.com
server permit name in1.msg.vip.re2.yahoo.com
server permit name data1.my.vip.sc5.yahoo.com
server permit name address1.pim.vip.mud.yahoo.com
server permit name edit.messenger.yahoo.com
server permit name messenger.yahoo.com
server permit name http.pager.yahoo.com
server permit name privacy.yahoo.com
server permit name csa.yahoo.com
server permit name csb.yahoo.com
server permit name csc.yahoo.com
audit-trail on
!
!
crypto pki trustpoint TP-self-signed-3156700699
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3156700699
revocation-check none
rsakeypair TP-self-signed-3156700699
!
!
crypto pki certificate chain TP-self-signed-3156700699
certificate self-signed 01
quit
username ibcl privilege 15 secret 5 $1$tFF3$/Y0/.N9psPOoDrSdVoyTx1
!
!
!
!
!
!
interface Null0
no ip unreachables
!
interface FastEthernet0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
no ip route-cache
duplex auto
speed auto
!
interface FastEthernet1
description Rogers$FW_OUTSIDE$$ETH-WAN$
ip address 208.124.xxx.78 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip flow egress
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
switchport mode trunk
!
interface FastEthernet8
!
interface FastEthernet9
!
interface Vlan1
description $FW_INSIDE$
ip address 192.168.1.1 255.255.255.0
ip access-group 100 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
no ip route-cache
!
interface Async1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
encapsulation slip
no ip route-cache
!
ip route 0.0.0.0 0.0.0.0 208.124.xxx.73
!
!
ip http server
ip http access-class 2
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface FastEthernet1 overload
!
logging trap debugging
logging 192.168.1.25
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 remark HTTP Access-class list
access-list 2 remark SDM_ACL Category=1
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 2 deny any
access-list 3 remark SDM_ACL Category=2
access-list 3 permit 192.168.1.0 0.0.0.255
access-list 4 remark SDM_ACL Category=2
access-list 4 permit 192.168.1.0 0.0.0.255
access-list 100 remark auto generated by SDM firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 deny ip 208.174.xxx.72 0.0.0.7 any
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 remark auto generated by SDM firewall configuration
access-list 101 remark SDM_ACL Category=1
access-list 101 deny ip 192.168.1.0 0.0.0.255 any
access-list 101 permit icmp any host 208.174.xxx.74 echo-reply
access-list 101 permit icmp any host 208.174.xxx.74 time-exceeded
access-list 101 permit icmp any host 208.174.xxx.74 unreachable
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip host 0.0.0.0 any
access-list 101 deny ip any any log
access-list 102 remark VTY Access-class list
access-list 102 remark SDM_ACL Category=1
access-list 102 permit ip 192.168.1.0 0.0.0.255 any
access-list 102 deny ip any any
no cdp run
!
!
!
!
!
!
control-plane
!
banner login ^CRestricted Access Only^C
!
line con 0
login authentication local_authen
transport output telnet
line 1
modem InOut
stopbits 1
speed 115200
flowcontrol hardware
line aux 0
login authentication local_authen
transport output telnet
line vty 0 4
access-class 102 in
password 7 0505091D35444B1B17
authorization exec local_author
login authentication local_authen
transport input telnet ssh
!
scheduler allocate 4000 1000
scheduler interval 500
!
webvpn context Default_context
ssl authenticate verify all
!
no inservice
!
end
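
An added example, not part of the original post: a small Python check run over an excerpt of the configuration above. It flags static routes configured while `no ip routing` is set, numbered ACLs that nothing references, and `ip inspect` rule sets never bound to an interface. The function name `audit` and the finding labels are hypothetical.

```python
import re

# Constructed excerpt: lines taken from the running-config posted above
# (octets masked with "xxx" as on the page), trimmed to what the checks read.
SAMPLE_CONFIG = """\
no ip routing
ip inspect log drop-pkt
ip inspect name SDM_MEDIUM tcp
interface FastEthernet1
 ip nat outside
interface Vlan1
 ip access-group 100 in
 ip nat inside
ip route 0.0.0.0 0.0.0.0 208.124.xxx.73
ip http access-class 2
ip nat inside source list 1 interface FastEthernet1 overload
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 deny any
access-list 3 permit 192.168.1.0 0.0.0.255
access-list 4 permit 192.168.1.0 0.0.0.255
access-list 100 permit ip any any
access-list 101 deny ip any any log
access-list 102 deny ip any any
line vty 0 4
 access-class 102 in
"""

# Commands in this config that reference a numbered ACL.
ACL_REF = re.compile(r"\b(?:ip access-group|access-class|source list) (\d+)\b")

def audit(config):
    """Return (check, detail) findings for an IOS running-config given as text."""
    lines = [ln.strip() for ln in config.splitlines() if ln.strip()]
    findings = []

    # Static routes are only used for forwarding while IP routing is enabled.
    statics = [ln for ln in lines if ln.startswith("ip route ")]
    if "no ip routing" in lines and statics:
        findings.append(("static-route-with-routing-disabled", statics))

    # Numbered ACLs that no interface, line, NAT rule or HTTP server references.
    defined = {int(m.group(1)) for ln in lines
               if (m := re.match(r"access-list (\d+) ", ln))}
    used = {int(n) for ln in lines for n in ACL_REF.findall(ln)}
    if defined - used:
        findings.append(("acl-defined-but-unapplied", sorted(defined - used)))

    # Inspection rule sets never bound with "ip inspect <name> in|out".
    rules = {m.group(1) for ln in lines
             if (m := re.match(r"ip inspect name (\S+) ", ln))}
    bound = {m.group(1) for ln in lines
             if (m := re.match(r"ip inspect (\S+) (?:in|out)$", ln))}
    if rules - bound:
        findings.append(("inspect-rule-unbound", sorted(rules - bound)))
    return findings
```

Calling `audit(SAMPLE_CONFIG)` returns one finding per check; an empty list means none of the three conditions was found.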