Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Cisco 1811 initial config

Status
Not open for further replies.

overmodulation

Programmer
Oct 16, 2007
48
US
Hi all,

I'm a cisco noob. I just got a cisco 1811 router and have been pulling my hair out trying to configure it.

I want to have 2 WANS and 1 VLAN. I set up a dhcp server and it works fine but I cannot get out to the internet. I've done all I can think of.

Please have a look at my running-config and let me know what I'm doing wrong.

Thanks so much in advance...

Current configuration : 3651 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ohmg1811
!
boot-start-marker
boot-end-marker
!
no logging buffered
enable password xxxxxxx
!
no aaa new-model
!
resource policy
!
!
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.150
ip dhcp excluded-address 192.168.1.251 192.168.1.254
!
ip dhcp pool pool1
import all
network 192.168.1.0 255.255.255.0
domain-name OnHoldMedia0.com
dns-server 192.168.1.11 4.2.2.1
default-router 192.168.1.1
!
!
no ip domain lookup
ip domain name OnHoldMedia0.com
ip name-server 192.168.1.11
ip name-server 4.2.2.2
ip ddns update method sdm_ddns1
DDNS both
!
!
!
crypto pki trustpoint TP-self-signed-3410901997
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3410901997
revocation-check none
rsakeypair TP-self-signed-3410901997
!
!
crypto pki certificate chain TP-self-signed-3410901997
certificate self-signed 01
30820251 308201BA A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33343130 39303139 3937301E 170D3037 31303136 32313034
31365A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 34313039
30313939 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100B9E4 4A1370D4 FC0B195C 1E13622C B3AD28AE 3E842AF1 9194E11A D3D0A84F
67878EF6 6AEA6929 A755D992 4C004193 4094BD6E F933BF1D CD8F76D8 6F4D4ACE
059FA2C9 240BEA01 4C9D1151 E5C97E3E 9371AA68 A551591A 19F59807 30C2EABA
8CBDBFB9 9DF6AD90 55A59B61 7A66C5B1 5EB34DAE 48214DD2 EB95D8B7 0CC4139F
36FD0203 010001A3 79307730 0F060355 1D130101 FF040530 030101FF 30240603
551D1104 1D301B82 196F686D 67313831 312E4F6E 486F6C64 4D656469 61302E63
6F6D301F 0603551D 23041830 16801429 67373FBA D6B1C01B 5FAA2FD1 6D3E48F1
EE7E2030 1D060355 1D0E0416 04142967 373FBAD6 B1C01B5F AA2FD16D 3E48F1EE
7E20300D 06092A86 4886F70D 01010405 00038181 0068596D 54C21C64 AB9EF8CC
4B825BF3 266476E5 A7FBC51F 6BECAF38 14539A40 3905DE82 08FB5956 350D4B22
808C72E8 EA2D6B10 72B65186 63C66D99 3D313982 CBB9CF73 A94ED8D8 58F9909D
81C78E90 E32EAF41 86C05168 B71C3A47 239E549A 862CDA37 35444FC8 04D4DC83
AE2D87D6 AA9AA28A 6B18781D 3575D9FB AE9969F6 F4
quit
!
!
!
!
!
!
interface FastEthernet0
description DSL 2 (71.97.118.99)$ETH-WAN$
ip address 71.97.118.99 255.255.255.0
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet1
description DSL 1 (66.12.110.62)$ETH-WAN$
ip address 66.12.110.62 255.255.255.248
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface FastEthernet9
!
interface Vlan1
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface Async1
no ip address
encapsulation slip
!
!
!
ip http server
ip http secure-server
ip nat outside source static tcp 71.97.118.99 80 192.168.1.8 80 extendable
ip nat outside source static tcp 71.97.118.99 119 192.168.1.8 119 extendable
ip nat outside source static tcp 71.97.118.99 1433 192.168.1.11 1433 extendable
ip nat outside source static tcp 71.97.118.99 65531 192.168.1.8 65531 extendable

!
!
!
!
!
!
!
control-plane
!
!
line con 0
line 1
line aux 0
line vty 0 4
!
!
webvpn context Default_context
ssl authenticate verify all
!
no inservice
!
end
 
What changes did you make to get the internet working?

I have a very similar setup.
 
I would imagine it was something like...

router>en
router#conf t
router(config)#access-list 10 permit 192.168.1.0 0.0.0.255
router(config)#ip nat inside source list 10 int fa0 overload
router(config)#ip nat inside source list 10 int fa1 overload
router(config)#exi
router#wr

Burt
 
I did something very similar to what Burtsbees said. I also needed to allow some ports inbound access, especially access to my MSSQL Server from one computer on the internet in particular. Access list1 is the dynamic NAT translation for users inside to access the internet. Access list101 is the one preventing computers other than yy.yy.yy.yy to access my MSSQL Server.

Code:
ip nat inside source list1 interface fa0 overload
ip nat inside source static tcp 192.168.1.11 1433 xx.xx.xx.xx 1433 extendable
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 101 permit tcp host yy.yy.yy.yy any eq 1400
access-list 101 deny tcp any any eq 1433
access-list 101 permit ip any any

 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top