Cisco 2600 router not passing http traffic.

[ryan292012]

Hi, I have a Cisco 2621 router hooked up to a Linksys RV082 Router as the gateway to my ISPs modem. In other words, ISP Modem to Linksys RV082 to Cisco 2621 Router.

I am kind of new to routing with multiple routers, so my first question is this. Is it possible to configure this Cisco router to route internet traffic behind a Linksys Small Business router. If, so then please take a look at my config below.

I can't seem to get this internet traffic to work on a laptop on the vlan 10.

Here is what I know works so far.
Laptop: I can ping from the laptop's command prompt to 172.16.1.1
Laptop: I can tracert up to 172.16.1.1 on the laptop
Laptop: I can ping the DNS and DHCP servers on VLAN 20 which is the other VLAN I have set up. This was done from the laptop

Router: I can ping google.com and traceroute to google.com from the router.

Second Laptop: I can connect second laptop to a LAN port on the Linksys and surf the net.

Thanks a ton,
Ryan
*************************************

stalrt1#sh run
Building configuration...

Current configuration : 1719 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname stalrt1
!
boot-start-marker
boot-end-marker
!
no logging on
enable secret 5 $1$D2DI$w./KOJpkOC6fJ/oHGIP6Y0
!
no aaa new-model
ip subnet-zero
!
!
ip domain name XXXXXXXXXXXXX.org
ip name-server 10.115.0.16
ip name-server 10.115.0.15
!
no ip cef
!
interface FastEthernet0/0
no ip address
speed auto
full-duplex
!
interface FastEthernet0/0.10
description TEST VLan
encapsulation dot1Q 10
ip address 10.115.10.1 255.255.255.0
ip access-group 102 in
ip access-group 102 out
ip helper-address 10.115.0.20
no ip redirects
!
interface FastEthernet0/0.20
description VLAN20DHCPDNS connection
encapsulation dot1Q 20
ip address 10.115.0.1 255.255.255.0
ip access-group 53 in
ip access-group 53 out
no ip redirects
!
interface Serial0/0
no ip address
shutdown
no fair-queue
!
interface FastEthernet0/1
ip address 172.16.1.2 255.255.255.0
ip access-group 102 in
ip access-group 102 out
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
!
no ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.1.1
ip route 0.0.0.0 255.255.255.255 FastEthernet0/1
ip route 0.0.0.0 255.255.255.255 172.16.1.1
ip route 10.115.0.0 255.255.255.0 FastEthernet0/0.20
ip route 10.115.10.0 255.255.255.0 FastEthernet0/0.10
!
!
access-list 53 permit any
access-list 102 permit ip any any
access-list 102 permit tcp any any
access-list 102 permit udp any any
!
!
!
!
!
!
line con 0
exec-timeout 0 0
password XXXXXXXXXXXX
logging synchronous
line aux 0
line vty 0 4
login
!
!
end




stalrt1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

Gateway of last resort is 172.16.1.1 to network 0.0.0.0

172.16.0.0/24 is subnetted, 1 subnets
C 172.16.1.0 is directly connected, FastEthernet0/1
10.0.0.0/24 is subnetted, 2 subnets
C 10.115.10.0 is directly connected, FastEthernet0/0.10
C 10.115.0.0 is directly connected, FastEthernet0/0.20
S 0.0.0.0/32 is directly connected, FastEthernet0/1
[1/0] via 172.16.1.1
S* 0.0.0.0/0 [1/0] via 172.16.1.1


stalrt1#ping 172.16.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
stalrt1#ping 24.123.172.xxx

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 24.123.172.xxx, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms


stalrt1#traceroute google.com
Translating "google.com"...domain server (10.115.0.16) [OK]

Type escape sequence to abort.
Tracing the route to google.com (74.125.113.104)

1 172.16.1.1 0 msec 0 msec 0 msec
2 10.254.64.1 8 msec 4 msec 4 msec
3 network-024-029-002-093.cinci.rr.com (24.29.2.93) 32 msec 8 msec 8 msec
4 gig0-2.mtgmoh1-rtr3.swo.rr.com (24.29.1.33) 8 msec 8 msec 8 msec
5 tge5-1-1.tr00.clevohek.mwrtn.rr.com (65.25.128.233) 16 msec 32 msec 40 msec
6 ae10-0.cr0.dca20.tbone.rr.com (107.14.19.14) 28 msec
ae-3-0.cr0.dca20.tbone.rr.com (66.109.6.70) 48 msec
ae10-0.cr0.dca20.tbone.rr.com (107.14.19.14) 28 msec
7 107.14.19.135 28 msec 28 msec
ae-1-0.pr0.dca10.tbone.rr.com (66.109.6.165) 28 msec
8 66.109.9.66 80 msec
74.125.49.181 80 msec 80 msec
9 209.85.252.80 28 msec 28 msec
209.85.252.46 28 msec
10 209.85.243.114 48 msec 40 msec
209.85.241.222 40 msec
11 209.85.251.228 92 msec
64.233.174.117 132 msec
64.233.174.87 36 msec
12 *
216.239.47.242 44 msec 48 msec
13 google.com (74.125.113.104) 40 msec 52 msec 36 msec
stalrt1#

 

[dgrizzard]

First, you do not need to place any access-lists on your interfaces if you are allowing everything through. It doesn't hurt anything either, but just not necessary.

Connect to your linksys and make sure it has static routes saying that to get to the 10.115.0.0 or 10.115.10.0 network to go to 172.16.1.2.

Also, you can get rid of all of your static routes on this router except for:

ip route 0.0.0.0 0.0.0.0 172.16.1.1

The other ones aren't necessary as they are referring to connected interfaces which the router already knows about. If you were to do a "show ip route" you would see the other networks already listed as connected (meaning they are local interfaces).

 

[ryan292012]

Thanks for the response dgrizzard. I made some changes according to what you said. I took the ACL lists off of the interfaces and removed all the extra static routes I created, while leaving the 0.0.0.0 to 172.16.1.1

Then I checked the Linksys routing entries and made sure it had the 10.115.10.0 and 10.115.0.0 static configure to point to 172.16.1.2 (attached is the output of the Routing table for the Linksys) Good call on that. I had them set to 172.16.1.1 because the GUI said it should be the gateway of the this route, but the problem still remains after running some more tests.


While on the laptop (DHCP assigned address 10.115.10.5 Default Gateway 10.115.10.1), traceroutes are still stopping at 172.16.1.1 and times out when it gets to the line where the ISPs gateway would reply.

I tried some more additional pings from the Linkys. See below
Linksys: I can ping 172.16.1.2 from the Linksys Rv082
Linksys: I can Ping 10.115.10.1 from the Linksys RV082
Linksys: I can Ping 10.115.0.1 from the Linksys Rv082

Here is lastest show run and sh ip route of the Cisco 2621 after I made the changes. Thanks.

**************************************

stalrt1#sh run
Building configuration...

Current configuration : 1374 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname stalrt1
!
boot-start-marker
boot-end-marker
!
no logging on
enable secret 5 $1$D2DI$w./KOJpkOC6fJ/oHGIP6Y0
!
no aaa new-model
ip subnet-zero
!
!
ip domain name xxxxxxx.org
ip name-server 10.115.0.16
ip name-server 10.115.0.15
!
no ip cef
!

!
interface FastEthernet0/0
no ip address
speed auto
full-duplex
!
interface FastEthernet0/0.10
description TEST VLan
encapsulation dot1Q 10
ip address 10.115.10.1 255.255.255.0
ip helper-address 10.115.0.20
no ip redirects
!
interface FastEthernet0/0.20
description TESTSTALDHCP connection
encapsulation dot1Q 20
ip address 10.115.0.1 255.255.255.0
no ip redirects
!
interface Serial0/0
no ip address
shutdown
no fair-queue
!
interface FastEthernet0/1
ip address 172.16.1.2 255.255.255.0
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
!
no ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.1.1
!
!
access-list 53 permit any
access-list 102 permit ip any any
access-list 102 permit tcp any any
access-list 102 permit udp any any
!
!
!
!
!
!
line con 0
exec-timeout 0 0
password A
logging synchronous
line aux 0
line vty 0 4
login
!
!
end



stalrt1#sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP


Gateway of last resort is 172.16.1.1 to network 0.0.0.0

172.16.0.0/24 is subnetted, 1 subnets
C 172.16.1.0 is directly connected, FastEthernet0/1
10.0.0.0/24 is subnetted, 2 subnets
C 10.115.10.0 is directly connected, FastEthernet0/0.10
C 10.115.0.0 is directly connected, FastEthernet0/0.20
S* 0.0.0.0/0 [1/0] via 172.16.1.1
stalrt1#

**************************