Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Can't configure my 891w to the Internet 3

Status
Not open for further replies.

robbber

Technical User
May 23, 2010
17
US
I had a Linksys Wireless router and I bought this 891w to replace it, for home use. I have a DSL modem. So, i am coming off the modem into fe8 on the router. I just cant seem to get an IP from my ISP. I have no problem getting an IP if I connect the modem up directly to one of my PC's. DHCP is working fine from the router. Any help is appreciated. Here is my config:
rocket#sh run
Building configuration...

Current configuration : 6632 bytes
!
! Last configuration change at 21:33:09 PCTime Sun May 23 2010 by xxxxxxxx
! NVRAM config last updated at 21:31:14 PCTime Sun May 23 2010 by xxxxxxxxx
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname rocket
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging message-counter syslog
logging buffered 51200
logging console critical
enable secret 5 $1$lRUk$D5nwFFnEH0sTYkVIWj6Dm0
!
no aaa new-model
clock timezone PCTime -8
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
service-module wlan-ap 0 bootimage autonomous
!
crypto pki trustpoint TP-self-signed-3784225931
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3784225931
revocation-check none
rsakeypair TP-self-signed-3784225931
!
!
crypto pki certificate chain TP-self-signed-3784225931
certificate self-signed 01
3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33373834 32323539 3331301E 170D3130 30353233 30313330
33385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 37383432
32353933 3130819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100CB5E 59DC8CE6 F628FD3E DA8B4356 ECDCB2E0 14B87CD1 20D6BA2E 9EA8E42B
652CCDDD 5FEDD73B C722AFCE DA81F184 C9865484 9E596ED5 0581C60A BBBB6FE8
7B68707C 2D1E8F97 B9F5E950 EFBC9775 95D020BF 8C2B713F C995C107 5733822F
464ECC34 A514649D EDC07F75 CA465F32 72476B98 7FB3D07C 4D2F283C AEBE4710
3C030203 010001A3 77307530 0F060355 1D130101 FF040530 030101FF 30220603
551D1104 1B301982 17796F75 726E616D 652E796F 7572646F 6D61696E 2E636F6D
301F0603 551D2304 18301680 14EFF44E 0C27BFF2 07D13636 D757E9F7 AF8F599A
D2301D06 03551D0E 04160414 EFF44E0C 27BFF207 D13636D7 57E9F7AF 8F599AD2
300D0609 2A864886 F70D0101 04050003 81810014 D98FD6EC A6F9997E F1982FF9
CB664EB6 7A1DDF4B 3782123E 52FF03ED 4AF9D47C 0EED5156 A9AFDECB 7B6F0FBD
26EE6FFF 25687C10 E86D5D41 42186ECE 1D7EA365 3C7FB44D 37FD0002 AFB5C5EF
460B813F 1C5A6826 19DF1340 FA7D0F40 D10785CE 31EFF394 238E30C4 714CBEC3
04C1E0AC 1F704697 94BB6FD2 D4F47B43 B3DC84
quit
no ip source-route
!
!
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 192.168.1.20
!
ip dhcp pool ccp-pool1
import all
network 192.168.1.0 255.255.255.0
default-router 192.168.1.20
!
!
ip cef
no ip bootp server
no ip domain lookup
no ipv6 cef
!
!
multilink bundle-name authenticated
!
!
username xxxxxxx privilege 15 secret 5 $1$eyQM$iFp3mJzel9CYQeX.gdz8M.
!
!
!
archive
log config
hidekeys
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
description Outside World$ETH-WAN$
ip address dhcp
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface GigabitEthernet0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
duplex auto
speed auto
!
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered Vlan1
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
arp timeout 0
!
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
!
interface Vlan1
description Internal LAN
ip address 192.168.1.20 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1412
!
interface Async1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
encapsulation slip
!
interface Dialer0
ip address dhcp client-id FastEthernet8
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1492
ip flow ingress
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname xxxxxxxxxx@sbcglobal.net
ppp chap password 7 153E5A1F05082A2631
ppp pap sent-username xxxxxxxx@sbcglobal.net password 7 153E5A1F05082A2631
!
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip nat inside source list 1 interface FastEthernet8 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run

!
!
!
!
!
!
!
control-plane
!
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------

Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.

It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.

username <myuser> privilege 15 secret 0 <mypassword>

Replace <myuser> and <mypassword> with the username and password you want to
use.

-----------------------------------------------------------------------
^C
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
login local
transport output telnet
line 1
modem InOut
stopbits 1
speed 115200
flowcontrol hardware
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin udptn ssh
line aux 0
login local
transport output telnet
line vty 0 4
privilege level 15
login local
transport input telnet ssh
line vty 5 15
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end
 
yea, I know better. thanks. will clean it up tonight.
 
ok I got my pw changed and the last 2 lines in you suggested

ip nat inside source list 1 interface dialer0 overload
access-list 1 permit 192.168.1.0 0.0.0.255

I noticed I could ping the dns server the isp uses from both pc's I am trying to get on the Internet,

68.94.156.1
68.94.157.1

I tried adding these 2 values in the config, didnt help.
thought maybe I was having a duplex/speed issue, but I double checked, everything is configured as auto/auto. Well here is the config once again:
Building configuration...

Current configuration : 6517 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname rocket
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging message-counter syslog
logging buffered 51200
logging console critical
enable secret 5 $1$lRUk$D5nwFFnEHxxxxxxxxx
!
no aaa new-model
clock timezone PCTime -8
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
service-module wlan-ap 0 bootimage autonomous
!
crypto pki trustpoint TP-self-signed-3784225931
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3784225931
revocation-check none
rsakeypair TP-self-signed-3784225931
!
!
crypto pki certificate chain TP-self-signed-3784225931
certificate self-signed 01
3082023E 308201A7 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33373834 32323539 3331301E 170D3130 30353235 30343032
32315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 37383432
32353933 3130819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100CB5E 59DC8CE6 F628FD3E DA8B4356 ECDCB2E0 14B87CD1 20D6BA2E 9EA8E42B
652CCDDD 5FEDD73B C722AFCE DA81F184 C9865484 9E596ED5 0581C60A BBBB6FE8
7B68707C 2D1E8F97 B9F5E950 EFBC9775 95D020BF 8C2B713F C995C107 5733822F
464ECC34 A514649D EDC07F75 CA465F32 72476B98 7FB3D07C 4D2F283C AEBE4710
3C030203 010001A3 66306430 0F060355 1D130101 FF040530 030101FF 30110603
551D1104 0A300882 06726F63 6B657430 1F060355 1D230418 30168014 EFF44E0C
27BFF207 D13636D7 57E9F7AF 8F599AD2 301D0603 551D0E04 160414EF F44E0C27
BFF207D1 3636D757 E9F7AF8F 599AD230 0D06092A 864886F7 0D010104 05000381
81004757 172BCB7E A35FCCD0 8F7D38E1 39D8B19E 0B837CB7 AE3BBA43 AC603293
A7BD9475 D0441312 FDDD3C82 995BB0A9 30B88C47 57BDD14B 2EFCE9F6 520728F4
B9CE8D38 45069C23 6BCE4FC1 BDA1E04E A482AB0D 419F8F90 30FE8DE0 5EFBC570
D59A9890 5F57E8F7 5A6E6A2B 37ED0D23 05A1A122 8E10D85C BE075940 4564A67C E839
quit
no ip source-route
!
!
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 192.168.1.20
!
ip dhcp pool ccp-pool1
import all
network 192.168.1.0 255.255.255.0
default-router 192.168.1.20
!
!
ip cef
no ip bootp server
ip name-server 68.94.156.1
ip name-server 68.94.157.1
no ipv6 cef
!
!
multilink bundle-name authenticated
!
!
username xxxxxxxxx privilege 15 secret 5 $1$eyQM$xxxxxxxxxx
!
!
!
archive
log config
hidekeys
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
description Outside World$ETH-WAN$
ip address dhcp
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface GigabitEthernet0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
duplex auto
speed auto
!
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered Vlan1
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
arp timeout 0
!
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
!
interface Vlan1
description Internal LAN
ip address 192.168.1.20 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Async1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
encapsulation slip
!
interface Dialer0
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname xxxxxxxxx@sbcglobal.net
ppp chap password 7 0707207Cxxxxxxxxxxx
ppp pap sent-username xxxxxxx@sbcglobal.net password 7 05030xxxxxxxx
04
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip nat inside source list 1 interface Dialer0 overload
!
logging trap debugging
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 remark INSIDE_IF=VLAN1
access-list 1 remark CCP_ACL Category=2
dialer-list 1 protocol ip permit
no cdp run

!
!
!
!
!
!
!
control-plane
!
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------

Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.

It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.

username <myuser> privilege 15 secret 0 <mypassword>

Replace <myuser> and <mypassword> with the username and password you want to
use.

-----------------------------------------------------------------------
^C
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
login local
transport output telnet
line 1
modem InOut
stopbits 1
speed 115200
flowcontrol hardware
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin udptn ssh
line aux 0
login local
transport output telnet
line vty 0 4
privilege level 15
login local
transport input telnet ssh
line vty 5 15
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end
 
so from your client, issue ipconfig /all and verify that you see all of the correct information

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
I had 2 clients up, from ipconfig /all I can see they both received ip addresses in 192.168.1.0 and they can both see the default router 192.168.1.20. sorry, i cant post that config now but it looked ok to me.
 
what do they have for DNS?? you said that both clients can ping your DNS servers

can they ping 4.2.2.2??

can they navigate to
I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
The ipconfig /all doesnt show anything for dns. But the IP for interface di0 from the isp is 71.131.17.80. the dns values for the ISP are

ip name-server 68.94.156.1
ip name-server 68.94.157.1

now I could ping both of these dns from each client before I added them to my latest config. Do I need to have some other dns settings local in the router?
 
there's your problem. you need to configure dns-server values in your dhcp pool. you can either do dns-server 192.168.1.20 or dns-server 68.94.156.1 ip name-server 68.94.157.1

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Post a sh ip dhcp import

***OR***

do as your Uncle says...everyone has one of those "funny" uncles... ;)

/

tim@tim-laptop ~ $ sudo apt-get install windows
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package windows...Thank Goodness!
 
Also, I know you like the GUI, but try and live without

ip http server
and
ip http secure-server

or disable the WEB_EXEC service. Here---have a read...


Not sure what version you have, so not sure if your IOS is affected.

/

tim@tim-laptop ~ $ sudo apt-get install windows
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package windows...Thank Goodness!
 
Got a new problem now, my router quit working. great. It was working Thursday night, May 27. So I have not been able to try out any of your suggestions since then. sure hope it is still under warranty...bought it last April.
 
It shouldnt just "quit" working, Are you using a serial cable to the console port to program it?


Bill
 
no, I have a serial cable though. I have been connecting to the router with my notebook with ethernet through port 0. The router is not getting any power, none of the lights are on from the front panel. Tried everything, changed power cords, different outlet. It has a "brick" adaptor for the power, maybe that is bad. In any case, I called technical support, its under warranty. I guess they will have me send it back.
 
I was gonna say, I could guide you on fixing it.

/

tim@tim-laptop ~ $ sudo apt-get install windows
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package windows...Thank Goodness!
 
I would love to fix this myself if there is a way...I dont want to wait 2 months to send this out. Send me anything that might work.
 
But you'll destroy the warranty, and there's no guarantee it's something simple, like a fried diode, cold solder joint, open fuse, etc.

I doubt Cisco will take that long to get you an RMA. Have you talked with them? Or is the warranty with someone else?

Anyway, if you want to try yourself, do you have a meter (multi-meter, current, voltage, resistance)?

/

tim@tim-laptop ~ $ sudo apt-get install windows
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package windows...Thank Goodness!
 
yea, well maybe I will just go with the warranty. I appreciate the offer. thanks burt
 
Sho 'nuff

You seem to be somewhere in the midwest...right?

/

tim@tim-laptop ~ $ sudo apt-get install windows
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package windows...Thank Goodness!
 
Yea, I am on the west coast. I have submitted a warranty exchange. coming on a slow boat. Will apply this config to the new router and get back to you in July. handing out stars for now and will open a new thread.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top