Routing issue

[achtungbaby]

Can someone please help. It appears that I am missing something and i just can't figure out what i am missing so that my pcs can talk to the outside world (internet).

Cable modem, Cisco 2800 and 3750ts switch.
Cable Modem --> g0/0(2800) --> g0/1(2800) --> g1/0/1 (3750switch)

On the gateway, i am able to ping the internet. On the switch i am not. my pcs are not able to go to the internet as well. here is the config for my gateway and the switch. Please let me know what i am missing. ip routing is turn on. thank you very much for your help.
----------------------------
2800 Gateway

ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.15.1 192.168.15.10
ip dhcp excluded-address 192.168.20.1 192.168.20.10

!
ip dhcp pool ENFIANCE_MANAGEMENT
network 192.168.15.0 255.255.255.0
default-router 192.168.10.1
dns-server X.X.X.X 192.168.15.1
!
ip dhcp pool ENFIANCE_VOICE
network 192.168.20.0 255.255.255.0
default-router 192.168.20.1
option 150 ip 192.168.20.1
dns-server X.X.X.X 192.168.15.1
!

!
ip domain lookup source-interface GigabitEthernet0/0
ip name-server X.X.X.X
ip name-server X.X.X.X

!
interface GigabitEthernet0/0
description CABLE MODEM
ip address dhcp
ip nat outside
ip virtual-reassembly
no ip route-cache cef
no ip route-cache
duplex auto
speed auto
no cdp enable
!
interface GigabitEthernet0/1
description 3750_SWITCH
no ip address
ip nat inside
ip virtual-reassembly
duplex full
speed 1000
!
interface GigabitEthernet0/1.1
encapsulation dot1Q 1 native
ip address 192.168.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
!
interface GigabitEthernet0/1.15
description Managment
encapsulation dot1Q 15
ip address 192.168.15.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface GigabitEthernet0/1.20
description Voice
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0

ip http server
ip http secure-server

ip nat inside source list 101 interface GigabitEthernet0/0 overload
!
!


SWitch

no aaa new-model
clock timezone EST -5
clock summer-time UTC recurring
switch 1 provision ws-c3750-48ts
system mtu routing 1500
authentication mac-move permit
ip subnet-zero
ip routing
ip domain-lookup source-interface GigabitEthernet1/0/1
ip name-server X.X.X.X
ip name-server X.X.X.X
ip name-server 192.168.10.1
!
!
spanning-tree mode pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet1/0/1
description Phone
switchport access vlan 15
switchport trunk encapsulation dot1q
switchport mode access
switchport voice vlan 20
spanning-tree portfast
!
!
interface GigabitEthernet1/0/1
description 2800 Router
switchport trunk encapsulation dot1q
switchport mode trunk
speed 1000
duplex full
spanning-tree portfast
!
ip default-gateway 192.168.10.1
ip classless

 

[burtsbees]

Is the modem doing NAT?

/

tim@tim-laptop ~ $ sudo apt-get install windows
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package windows...Thank Goodness!

 

[unclerico]

1) You're really just using your switch with the layer 2 functionality and not layer 3 so remove ip routing
2) Your ENFIANCE_MANAGEMENT DHCP scope has the incorrect gateway configured
3) What is included in your ACL 101 on the router??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

 

[vipergg]

ip dhcp pool ENFIANCE_MANAGEMENT
network 192.168.15.0 255.255.255.0
default-router 192.168.10.1
dns-server X.X.X.X 192.168.15.1

Change gateway to 192.168.15.1 .

Also for the default static route you are better off pointing it to the far end address instead of the interface if you know what it is.

 

[burtsbees]

Not to mention as uncle alluded to

access-list 101 permit ip 192.168.0.0 0.0.255.255 any

but if you are natting on the modem, it makes no sense to double nat. If you are natting on the router and doing pppoe on the modem, then it makes sense. You can do pppoe in the router or pppoa, whatever your SP calls for.

/

tim@tim-laptop ~ $ sudo apt-get install windows
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package windows...Thank Goodness!

 

[StaplesMan]

If you are using NAT on your modem and you stop using nat on your router then you will need to add a static route on your modem 192.168.0.0 255.255.0.0 to point back to your router. You would also need to set a static IP address on your router so this static route in your modem always points back correctly. I would recommend you not NAT on your modem. And only NAT on your router as burtsbees noted above.

Here are a few reasons why you may not be able to ping from your switch...

You need to set the IP address of your switch. You would need to set this on vlan1.

int vlan 1
ip address 192.168.10.2 255.255.255.0

Agreed with unclerico you don't need the ip routing

And last I don't think this will work and is not needed:

ip domain-lookup source-interface GigabitEthernet1/0/1

Note: GigabitEthernet1/0/1 does not have an IP address but you can use vlan1 if you wish.










CCNA, A+, HP Certified Professional

 

[achtungbaby]

I decide to start with basic.
I reconfigure the router without all the subinterface. I do not think that i need them for now. Here is my new configuration now. please keep in mind that i have ip routing turn on.

ip cef
ip dhcp use vrf connected
ip dhcp excluded-address 192.168.100.1 192.168.100.5

!
ip dhcp pool Managment
import all
network 192.168.100.0 255.255.255.224
default-router 192.168.100.1
dns-server X.X.X.X X.X.X.X
!
ip dhcp pool VOICE
import all
network 192.168.101.0 255.255.255.224
option 150 ip 192.168.100.1
default-router 192.168.100.1
dns-server X.X.X.X X.X.X.X
!
interface GigabitEthernet0/0
desc ISP
ip address dhcp
ip nat outside
ip virtual-reassembly
shutdown
duplex full
speed 100
!
interface GigabitEthernet0/1
DESC 3750_SWITCH
ip address 192.168.100.1 255.255.255.224
ip nat inside
ip virtual-reassembly
duplex full
speed 1000
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0
!
ip nat inside source list 101 interface GigabitEthernet0/0 overload
access-list 101 permit ip 192.168.100.0 0.0.0.255 any
access-list 101 permit ip 192.168.101.0 0.0.0.255 any
!
------------->
on the switch side I create 2 vlans
vlan 100 --> managment--> 192.168.100.2
vlan 200 --> voice --> 192.168.101.1

here is the config for the ports on the switch.

switchport
switchport access vlan 100
switchport voice vlan 200
spanning-tree portfast
!

ip default-gateway 192.168.100.1(which is the router g0/1).

i add the dns of isp on the router. the pcs have the dns info and ip address i am unable to go to the internet. Thanx in advance.

 

[ISPKing]

I think you messed up your dhcp pools. ( not sure tho)
Your acl should just be a standard one.
Evrything looks good as far as I can see, so u can ping from the router to say 4.2.2.2. If so enable ip domain lookup on the router and ping google to see if it resolves.

 

[Supergrrover]

Your ISP interface is shutdown.


Brent
Systems Engineer / Consultant
CCNP, CCSP

 

[achtungbaby]

Hi All,

I was able to figure out my issue. it was vlan issue. vlan 1 was the default vlan. I had to change the native vlan 1 to data vlan. My vlan is working. thanks.