Router 2514 setup behind Cable modem

[mlien]

Hi Everyone, I am having trouble setting up my Cisco 2514 router behind Cable modem. I use Ethernet 0 port connect to Cable modem, and Ethernet 1 connect to my switch. Serial0 connect to 2501 router. I can ping some of outside address from 2514 only. I have limited experience with Cisco router, and I am preparing for CCNA exam on the end of Jan. The following is my configuration:

Current configuration:
!
version 11.2
no service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname Router
!
!
ip subnet-zero
ip nat inside source list 1 interface Ethernet0 overload
ip name-server 206.75.216.***
ip name-server 206.75.216.***
!
interface Ethernet0
ip address 24.108.**.** 255.255.255.0
ip nat outside
!(CONNECT TO CABLE MODEM)
interface Ethernet1
ip address 192.168.1.65 255.255.255.240
ip nat inside
!(CONNECT TO SWITCH)
interface Serial0
ip address 192.168.1.17 255.255.255.240
ip nat inside
no fair-queue
clockrate 64000
!(CONNECT TO 2501)
interface Serial1
no ip address
shutdown
!
router rip
network 192.168.1.0
network 24.0.0.0!
ip default-gateway 24.108.33.1
ip classless
ip route 0.0.0.0 0.0.0.0 Ethernet0
access-list 1 permit 192.168.1.0 0.0.0.255
!
!
line con 0
line aux 0
line vty 0 4
login
!
end

Please help me to resolve this situation. I am really appreciate.

 

[wybnormal]

Personally I would dump everything not required for the NAT to work THEN add things to it later. Dump RIP, serial, IP subnet0 ( bad idea anyways) etc.

Dump the IP Name server.. dont need it for NAT and it only helps the router to resolve names when you are at the command line working with ping and whatnot.

Take the Code to 11.3 if you can.
!
ip nat inside source list 1 interface Ethernet0 overload; this is good
!
!
interface Ethernet0
 ip address 24.108.**.** 255.255.255.0
 ip nat outside
!(CONNECT TO CABLE MODEM); looks good.. PS.. I would the title of the port at the TOP.. not bottom
nterface Ethernet1
 ip address 192.168.1.65 255.255.255.240
 ip nat inside
!(CONNECT TO SWITCH); looks good except for the subnet??? why make life difficult right now? do you need 16 subnets right now?
!
ip default-gateway 24.108.33.1; bad idea, works against the next two lines
p classless ; good idea
ip route 0.0.0.0 0.0.0.0 Ethernet0;oops!! should point to next hop, not local interface
!
access-list 1 permit 192.168.1.0 0.0.0.255:
so you want to permit only the last octet of the IP address? 254 hosts only?

With the few changes it should be working. This very much what I have running right now myself on my DSL circuit. And yes, you can get the serial working with RIP or OSPF or whatever.. I have OSPF right working. A few other suggestions are

E0 no cdp enable
E0 no ip directed-broadcast

Enable a loopback address

Keep the clockrate on serial to 56000

Mike S

 

[wybnormal]

I need to correct myself

Where I flagged the line:

ip route 0.0.0.0 0.0.0.0 Ethernet0;oops!! should point to next hop, not local interface

Is not entirely an oops. Thinking about this later I remembered that you can in fact name in a static route, the interface the next hop should be on.. and not have to specify the exact IP. Now, in my *opinion*, I feel thats a bad idea because knowing the exact next hop can help in troubleshooting.

Now, perhaps someone who knows the subtlies here better.. I would think that if one did NOT have a 252 mask which limited the port IP range to 2 hosts, the next hop could become confusing if there were a range of IPs on the port. I have not tested this as I always give the exact IP for the next hop. Any comments from anyone else regarding this? I may try to find the time to dummy this one up and see what happens.. most interesting

With the current mask of 255.255.255.0, this means there are 253( not counting E0) possible hosts on the otherside of E0 and how does the router know which of the hosts is the next hop?

You will not always have a hard line physical connection to the next hop so it can not be that it's assumed there is only one host at the end. It could be a shared hub ( not recommended but possible) and so on.

When I first learned NAT, I had this same problem and Cisco TAC said to key in the exact IP for the next hop.

I'm ready to be educated

Mike S