Hi
I have a Cisco 877 DSL router.
I need to do the following:
Have two VLan's, VLan1 and Vlan2.
Vlan1 will have to assign Static ip's from My ISP (62.169.xxx.xxx - 62.169.xxx.xxx) to FE0 and FE1 (for a couple of servers i have)
Vlan2 will have to assign private ip's (10.10.10.1 - 10.10.10.20) for the computers inside the network.
Both Vlan's need to have access to the Internet and both Vlans need to access each other.
I am attaching the running config.The problem that i have is that computers on Vlan2(private Ip's) can't access the internet.
Can you please tell me what i am doing wrong?
----------------------------------------------------------------------------
!version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname yourname
!
boot-start-marker
boot-end-marker
!
logging buffered 52000
!
no aaa new-model
clock timezone PCTime 2
clock summer-time PCTime date Mar 30 2003 3:00 Oct 26 2003 4:00
!
crypto pki trustpoint TP-self-signed-126912509
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-126912509
revocation-check none
rsakeypair TP-self-signed-126912509
!
!
crypto pki certificate chain TP-self-signed-126912509
certificate self-signed 01
3082024D 308201B6 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31323639 31323530 39301E17 0D303830 37313431 32343630
345A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3132 36393132
35303930 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
E2343C68 8289BFA8 33571B75 229406ED D70D4200 B7D71DF3 BA9276FD 167552E5
D84BC35C 689E842A 883C48DE 209CC42D C6C5C7C9 38594D15 A294CE6A 3F406A25
FC3840DC ED305F25 3EF0519D 15737BBB 5A544083 26FC51C6 F2C70BD7 F64F9721
A932CF42 575DACA1 C61678B4 061382E8 4475F67E 68B4863A 0F9FF6B2 19AAFE39
02030100 01A37730 75300F06 03551D13 0101FF04 05300301 01FF3022 0603551D
11041B30 19821779 6F75726E 616D652E 796F7572 646F6D61 696E2E63 6F6D301F
0603551D 23041830 168014AB 27E88AD3 868CE4FE D5F0F332 4B64E843 CBF88D30
1D060355 1D0E0416 0414AB27 E88AD386 8CE4FED5 F0F3324B 64E843CB F88D300D
06092A86 4886F70D 01010405 00038181 005B23A5 FCEA7418 35FAD399 6DE1F593
4AEC02D9 9042614F 0DCFECC6 9578590D 0F514B20 4E49C658 18F76B33 3D2C84E5
96F44779 39F267D9 CE062A3D 7D23A3D7 6A33129F 926F00B1 68D406FE 714893FD
9CAD4E5B F435657E D9D0A808 DEFF3F4C 04B20BEA 70A01D9B B034F1D2 A171D59B
C2A99B2C CDD1E4EF BC6722C8 98E47219 0E
quit
!
!
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 62.xxx.xxx.30
!
ip dhcp pool sdm-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
!
ip dhcp pool 62.xxx.xxx.30
import all
network 62.xxx.xxx.24 255.255.255.248
dns-server 62.xxx.xxx.17 62.xxx.xxx.18
default-router 62.xxx.xxx.30
!
!
ip cef
no ip domain lookup
ip domain name yourdomain.com
!
no ipv6 cef
multilink bundle-name authenticated
!
!
username xxxxxxxxxxx privilege 15 secret 5 $1$uJXh$7ufxLBDSglTliHlYF3UP2.
archive
log config
hidekeys
!
!
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
pvc 8/35
pppoe-client dial-pool-number 1
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
switchport trunk native vlan 2
!
interface FastEthernet3
switchport access vlan 2
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 62.xxx.xxx.30 255.255.255.248
ip virtual-reassembly
ip tcp adjust-mss 1412
!
interface Vlan2
ip address 10.10.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface Dialer0
ip address negotiated
ip mtu 1452
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname andonisvoug@tellas.gr
ppp chap password 0 A!g117773
ppp pap sent-username xxxxxxxxxxxxxxxx
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
!
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.7
dialer-list 1 protocol ip permit
snmp-server community public RW
no cdp run
!
!
!
!
control-plane
!
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege level of 15.
Please change these publicly known initial credentials using SDM or the IOS CLI.
Here are the Cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want to use.
For more information about SDM please follow the instructions in the QUICK START
GUIDE for your router or go to -----------------------------------------------------------------------
^C
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
!
webvpn cef
end
I have a Cisco 877 DSL router.
I need to do the following:
Have two VLan's, VLan1 and Vlan2.
Vlan1 will have to assign Static ip's from My ISP (62.169.xxx.xxx - 62.169.xxx.xxx) to FE0 and FE1 (for a couple of servers i have)
Vlan2 will have to assign private ip's (10.10.10.1 - 10.10.10.20) for the computers inside the network.
Both Vlan's need to have access to the Internet and both Vlans need to access each other.
I am attaching the running config.The problem that i have is that computers on Vlan2(private Ip's) can't access the internet.
Can you please tell me what i am doing wrong?
----------------------------------------------------------------------------
!version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname yourname
!
boot-start-marker
boot-end-marker
!
logging buffered 52000
!
no aaa new-model
clock timezone PCTime 2
clock summer-time PCTime date Mar 30 2003 3:00 Oct 26 2003 4:00
!
crypto pki trustpoint TP-self-signed-126912509
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-126912509
revocation-check none
rsakeypair TP-self-signed-126912509
!
!
crypto pki certificate chain TP-self-signed-126912509
certificate self-signed 01
3082024D 308201B6 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31323639 31323530 39301E17 0D303830 37313431 32343630
345A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3132 36393132
35303930 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
E2343C68 8289BFA8 33571B75 229406ED D70D4200 B7D71DF3 BA9276FD 167552E5
D84BC35C 689E842A 883C48DE 209CC42D C6C5C7C9 38594D15 A294CE6A 3F406A25
FC3840DC ED305F25 3EF0519D 15737BBB 5A544083 26FC51C6 F2C70BD7 F64F9721
A932CF42 575DACA1 C61678B4 061382E8 4475F67E 68B4863A 0F9FF6B2 19AAFE39
02030100 01A37730 75300F06 03551D13 0101FF04 05300301 01FF3022 0603551D
11041B30 19821779 6F75726E 616D652E 796F7572 646F6D61 696E2E63 6F6D301F
0603551D 23041830 168014AB 27E88AD3 868CE4FE D5F0F332 4B64E843 CBF88D30
1D060355 1D0E0416 0414AB27 E88AD386 8CE4FED5 F0F3324B 64E843CB F88D300D
06092A86 4886F70D 01010405 00038181 005B23A5 FCEA7418 35FAD399 6DE1F593
4AEC02D9 9042614F 0DCFECC6 9578590D 0F514B20 4E49C658 18F76B33 3D2C84E5
96F44779 39F267D9 CE062A3D 7D23A3D7 6A33129F 926F00B1 68D406FE 714893FD
9CAD4E5B F435657E D9D0A808 DEFF3F4C 04B20BEA 70A01D9B B034F1D2 A171D59B
C2A99B2C CDD1E4EF BC6722C8 98E47219 0E
quit
!
!
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 62.xxx.xxx.30
!
ip dhcp pool sdm-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
!
ip dhcp pool 62.xxx.xxx.30
import all
network 62.xxx.xxx.24 255.255.255.248
dns-server 62.xxx.xxx.17 62.xxx.xxx.18
default-router 62.xxx.xxx.30
!
!
ip cef
no ip domain lookup
ip domain name yourdomain.com
!
no ipv6 cef
multilink bundle-name authenticated
!
!
username xxxxxxxxxxx privilege 15 secret 5 $1$uJXh$7ufxLBDSglTliHlYF3UP2.
archive
log config
hidekeys
!
!
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
pvc 8/35
pppoe-client dial-pool-number 1
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
switchport trunk native vlan 2
!
interface FastEthernet3
switchport access vlan 2
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 62.xxx.xxx.30 255.255.255.248
ip virtual-reassembly
ip tcp adjust-mss 1412
!
interface Vlan2
ip address 10.10.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface Dialer0
ip address negotiated
ip mtu 1452
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname andonisvoug@tellas.gr
ppp chap password 0 A!g117773
ppp pap sent-username xxxxxxxxxxxxxxxx
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
!
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.7
dialer-list 1 protocol ip permit
snmp-server community public RW
no cdp run
!
!
!
!
control-plane
!
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege level of 15.
Please change these publicly known initial credentials using SDM or the IOS CLI.
Here are the Cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want to use.
For more information about SDM please follow the instructions in the QUICK START
GUIDE for your router or go to -----------------------------------------------------------------------
^C
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
!
webvpn cef
end