DSL configuration issue

[yemaya]

Hi Guys,

Guys, can you help me to see why i can't connect to internet?, i'm running NAT and DHCP in the router, here is the sh run:

R1760#sh run
Building configuration...

Current configuration : 7091 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname R1760
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
no logging console
no logging monitor
enable secret XXXXXXXXXXXXXX
!
no aaa new-model
!
resource policy
!
clock timezone EST -5
clock summer-time EST recurring 1 Sun Mar 2:00 2 Sun Nov 2:00
no ip source-route
ip cef
!
!
ip inspect audit-trail
ip inspect max-incomplete low 300
ip inspect max-incomplete high 400
ip inspect one-minute low 300
ip inspect one-minute high 400
ip inspect tcp max-incomplete host 35 block-time 5
ip inspect name FIREWALL cuseeme timeout 3600
ip inspect name FIREWALL ftp alert on audit-trail on timeout 3600
ip inspect name FIREWALL h323 timeout 3600
ip inspect name FIREWALL icmp timeout 3600
ip inspect name FIREWALL rcmd timeout 3600
ip inspect name FIREWALL realaudio timeout 3600
ip inspect name FIREWALL rtsp timeout 3600
ip inspect name FIREWALL sqlnet timeout 3600
ip inspect name FIREWALL streamworks timeout 3600
ip inspect name FIREWALL tftp timeout 30
ip inspect name FIREWALL tcp timeout 3600
ip inspect name FIREWALL udp timeout 15
ip inspect name FIREWALL vdolive timeout 3600
ip inspect name FIREWALL fragment maximum 256 timeout 1
ip inspect name FIREWALL sip timeout 3600
ip inspect name FIREWALL http java-list 2 alert on audit-trail on timeout 3600
ip inspect name FIREWALL smtp alert on audit-trail on timeout 3600
ip inspect name FIREWALL rpc program-number 1000022 alert off audit-trail on
ip tcp selective-ack
no ip dhcp use vrf connected
no ip dhcp conflict logging
ip dhcp excluded-address 192.168.1.1 192.168.1.5
ip dhcp excluded-address 192.168.2.1 192.168.2.5
ip dhcp excluded-address 192.168.3.1 192.168.3.5
ip dhcp excluded-address 192.168.4.1 192.168.4.5
ip dhcp excluded-address 192.168.5.1 192.168.5.5
!
ip dhcp pool R1760
   import all
   network 192.168.1.0 255.255.255.0
   default-router 192.168.1.1 
   dns-server 206.53.48.23 206.53.60.10 
   lease 2
   update arp
!
ip dhcp pool VLAN-10
   import all
   network 192.168.2.0 255.255.255.0
   default-router 192.168.2.1 
   dns-server 206.53.48.23 206.53.60.10 
   lease 8
   update arp
!
ip dhcp pool VLAN-20
   import all
   network 192.168.3.0 255.255.255.0
   default-router 192.168.3.1 
   dns-server 206.53.48.23 206.53.60.10 
   lease 8
   update arp
!
ip dhcp pool VLAN-30
   import all
   network 192.168.4.0 255.255.255.0
   default-router 192.168.4.1 
   dns-server 206.53.48.23 206.53.60.10 
   lease 8
   update arp
!
ip dhcp pool VLAN-40
   import all
   network 192.168.5.0 255.255.255.0
   default-router 192.168.5.1 
   dns-server 206.53.48.23 206.53.60.10 
   lease 8
   update arp
!
!
no ip bootp server
no ip domain lookup
login block-for 120 attempts 2 within 60
login delay 2
login on-failure log every 5
login on-success log every 10
!
!
interface Ethernet0/0
 no ip address
 shutdown
 half-duplex
!
interface FastEthernet0/0
 description "Private LAN"
 no ip address
 ip tcp adjust-mss 1452
 speed auto
!
interface FastEthernet0/0.1
 encapsulation dot1Q 1 native
 ip address 192.168.1.1 255.255.255.0
 ip access-group LAN in
 ip nat inside
 ip virtual-reassembly
 no snmp trap link-status
 no cdp enable
!
interface FastEthernet0/0.10
 encapsulation dot1Q 10
 ip address 192.168.2.1 255.255.255.0
 ip access-group LAN in
 ip helper-address 192.168.1.1
 ip nat inside
 ip virtual-reassembly
 no snmp trap link-status
 no cdp enable
!
interface FastEthernet0/0.20
 encapsulation dot1Q 20
 ip address 192.168.3.1 255.255.255.0
 ip access-group LAN in
 ip helper-address 192.168.1.1
 ip nat inside
 ip virtual-reassembly
 no snmp trap link-status
 no cdp enable
!
interface FastEthernet0/0.30
 encapsulation dot1Q 30
 ip address 192.168.4.1 255.255.255.0
 ip access-group LAN in
 ip helper-address 192.168.1.1
 ip nat inside
 ip virtual-reassembly
 no snmp trap link-status
 no cdp enable
!
interface FastEthernet0/0.40
 encapsulation dot1Q 40
 ip address 192.168.5.1 255.255.255.0
 ip access-group LAN in
 ip helper-address 192.168.1.1
 ip nat inside
 ip virtual-reassembly
 no snmp trap link-status
 no cdp enable
!
interface ATM1/0
 no ip address
 no atm ilmi-keepalive
 bundle-enable
 dsl operating-mode auto 
!
interface ATM1/0.1 point-to-point
 no snmp trap link-status
 pvc 0/35 
  pppoe-client dial-pool-number 1
 !
!
interface Dialer0
 ip address xx.xx.xx.225 255.255.255.248
 ip mtu 1492
 ip nat outside
 ip virtual-reassembly
 ip access-group WAN in
 ip inspect FIREWALL out
 encapsulation ppp
 dialer pool 1
 ppp authentication pap chap callin
 ppp chap hostname XXXXXXXXXXXXXX
 ppp chap password XXXXXXXXXXXXXX
 ppp pap sent-username XXXXXXXXXXXXXX password XXXXXXXXXXXXXX
!
no ip forward-protocol udp tftp
no ip forward-protocol udp time
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
no ip forward-protocol udp tacacs
ip route 0.0.0.0 0.0.0.0 xx.xx.xx.224
!
!
no ip http server
no ip http secure-server
ip nat inside source list NAT interface Dialer0 overload
!
ip access-list standard NAT
 permit 192.168.1.0 0.0.0.255
 permit 192.168.2.0 0.0.0.255
 permit 192.168.3.0 0.0.0.255
 permit 192.168.4.0 0.0.0.255
 permit 192.168.5.0 0.0.0.255
!
ip access-list extended LAN
 deny   ip host 255.255.255.255 any
 deny   ip 127.0.0.0 0.255.255.255 any
 permit ip any any
ip access-list extended WAN
 deny   ip any 10.0.0.0 0.255.255.255 log-input
 deny   ip any 127.0.0.0 0.255.255.255 log-input
 deny   ip any 169.254.0.0 0.0.255.255 log-input
 deny   ip any 192.168.0.0 0.0.255.255 log-input
 deny   ip any 172.16.0.0 0.15.255.255 log-input
 deny   ip any 224.0.0.0 15.255.255.255 log-input
 deny   ip host 255.255.255.255 any log-input
 deny   ip host 0.0.0.0 any log-input
 deny   ip 192.168.1.0 0.0.0.255 any log-input
 permit udp any eq bootps any eq bootpc
 permit icmp any any net-unreachable
 permit icmp any any host-unreachable
 permit icmp any any port-unreachable
 permit icmp any any parameter-problem
 permit icmp any any packet-too-big
 permit icmp any any administratively-prohibited
 permit icmp any any source-quench
 permit icmp any any echo-reply
 permit icmp any any time-exceeded
 permit icmp any any traceroute
 deny   icmp any any log-input
 permit tcp any any eq 1723 log-input
 permit tcp any any eq 4577
 permit udp any any eq 42337
 permit gre any any
 deny   ip any any log-input
ip access-list extended WIRELESS
 deny   ip 192.168.5.0 0.0.0.255 192.168.2.0 0.0.0.255
 deny   ip 192.168.5.0 0.0.0.255 192.168.3.0 0.0.0.255
 deny   ip 192.168.5.0 0.0.0.255 192.168.4.0 0.0.0.255
 permit ip any any
!
logging trap debugging
access-list 2 remark *******JAVA_FILTERING*******
access-list 2 permit any
dialer-list 1 protocol ip permit
no cdp run
!
!
!
control-plane
!
!
line con 0
 exec-timeout 0 0
 password XXXXXXXXXXXXXX
 logging synchronous
 login
line aux 0
line vty 0 4
 exec-timeout 0 5
 password XXXXXXXXXXXXXX
 logging synchronous
 login
!
end

R1760#

Thanks in advance.

 

[yemaya]

Hi guys,

Got it, thanks.

 

[voltron1011]

Just out of curiousity, what was the conclusion??

 

[yemaya]

Hi voltron1011,

I just changed this:

interface Dialer0
 ip address xx.xx.xx.225 255.255.255.248

for this:

interface Dialer0
  ip address negotiated

Thanks for ask.