Cisco 1700 Router

Discussion in 'Cisco' started by Charles StClair, Jul 25, 2008.

  1. I have configured my Cisco 1700 router to access the Internet through my
    Westell Model 6100 modem using a 1ENET WIC. I can ping my modem at
    192.168.1.1 but I am unable to access the Internet through my router. The
    Internet passes through the 1ENET and my LAN is on the FastEthernet0. My
    configuration of my router is below:

    ! ******************************************************************
    ! Cisco1720.cfg - Cisco router configuration file
    ! Automatically created by Cisco ConfigMaker v2.6 Build 6
    ! Friday, July 25, 2008, 07:59:40 AM
    !
    ! Hostname: Cisco1720
    ! Model: 1720
    ! ******************************************************************
    !
    service timestamps debug uptime
    service timestamps log uptime
    service password-encryption
    no service tcp-small-servers
    no service udp-small-servers
    !
    hostname Cisco1720
    !
    enable password char0912
    !
    no ip name-server
    !
    ip subnet-zero
    no ip domain-lookup
    ip routing
    !
    interface FastEthernet 0
    no shutdown
    description connected to EthernetLAN
    ip address 192.168.7.1 255.255.255.0
    ip nat inside
    keepalive 10
    !
    interface Ethernet 0
    no shutdown
    description connected to Internet
    ip address 192.168.1.2 255.255.255.0
    ip nat outside
    keepalive 10
    !
    ! Access Control List 1
    !
    no access-list 1
    access-list 1 permit 192.168.7.0 0.0.0.255
    !
    ! Dynamic NAT
    !
    ip nat translation timeout 86400
    ip nat translation tcp-timeout 86400
    ip nat translation udp-timeout 300
    ip nat translation dns-timeout 60
    ip nat translation finrst-timeout 60
    ip nat inside source list 1 interface Ethernet 0 overload
    !
    router rip
    version 2
    network 192.168.7.0
    passive-interface Ethernet 0
    no auto-summary
    !
    !
    ip classless
    !
    ! IP Static Routes
    ip route 0.0.0.0 0.0.0.0 Ethernet 0
    no ip http server
    snmp-server community public RO
    no snmp-server location
    no snmp-server contact
    !
    line console 0
    exec-timeout 0 0
    password kc9bzf
    login
    !
    line vty 0 4
    password kc9bzf
    login
    !
    end
    Any help would be greatly appreciated.
     
    Charles StClair, Jul 25, 2008
    #1
    1. Advertising

  2. Charles StClair

    Guest

    Could your access-list for NAT possibly be being ignored?


    no access-list 1
    access-list 1 permit 192.168.7.0 0.0.0.255
     
    , Jul 25, 2008
    #2
    1. Advertising

  3. Charles StClair

    Scott Perry Guest

    No, the configuration, as read from top to bottom, would first eliminate any
    access-list 1 and then secondly would build the access-list.

    -----
    Scott Perry
    Indianapolis, IN
    -----

    <> wrote in message
    news:...
    > Could your access-list for NAT possibly be being ignored?
    >
    >
    > no access-list 1
    > access-list 1 permit 192.168.7.0 0.0.0.255
     
    Scott Perry, Jul 25, 2008
    #3
  4. Charles StClair

    Scott Perry Guest

    I must consider your modem to be a router which provides PPPoE, DNS proxy
    and NAT services. Sorry about being picky on the terminology but it makes a
    big difference!

    I ran your Cisco 1720 router configuration through a 2600 series router and
    it worked. I did consider that some sections could be improved to my
    preference, but I cannot debate that it did perform NAT and allow inside
    access to the outide.
    The additional solutions that I see not only deal with your routing, but
    also that you do not provide DHCP to your inside hosts which the "modem"
    would have done. You need to make sure that DNS resolution works for your
    inside systems as well. Without DNS resolution, only connections to
    specific IP addresses will work, not connections to systems based on fully
    qualified domain name (FQDN) like www.website.com.

    Below are the sections, "routing", "dhcp", and "advice" which make up the
    remainder of this posting.

    ROUTING:
    > ip route 0.0.0.0 0.0.0.0 Ethernet 0

    This default route points out interface Ethernet0, but it does not specify
    the next hop. Think like your router: how does it know what IP address on
    Ethernet0 the traffic will be routed to out of the 256 IP addresses in that
    subnet on interface Ethernet0? Help your router out by making a more
    specific default route:
    no ip route 0.0.0.0 0.0.0.0 Ethernet0
    ip route 0.0.0.0 0.0.0.0 192.168.1.1
    OR
    no ip route 0.0.0.0 0.0.0.0 Ethernet0
    ip route 0.0.0.0 0.0.0.0 Ethernet0 192.168.1.1

    DHCP:
    How do your inside hosts know what IP address information to use?
    How do your inside hosts know what DNS server to use? Your "modem" is
    performing DNS proxy.
    I think that is your current problem. Your inside PC may be trying to web
    browse some Internet FQDN and is not resolving it to an IP address. Try
    throwing this DHCP configuration in place:
    ip dhcp excluded-address 192.168.7.1
    ip dhcp pool insidelan
    network 192.168.7.0 255.255.255.0
    domain-name network.net
    dns-server 192.168.1.1
    This will enable the Cisco 1720 router to act as a DHCP server for DHCP
    requests from the interface facing the 192.168.7.0 255.255.255.0 network,
    which is FastEthernet 0. Change the domain-name as you like. Now your
    inside PCs can lease an IP address and have the correct DNS server
    information.

    ADVICE:
    The Westell modem appears to have a bridging mode which you might want to
    take into consideration. Based on what I read, it appears that you will be
    configuring the Cisco 1720 router to do percisely what the Westell
    modem/router is doing: route to the Internet using NAT.
    No more posting passwords in your configuration!

    -----
    Scott Perry
    Indianapolis, IN
    -----

    "Charles StClair" <> wrote in message
    news:Kfjik.556$oU.353@trnddc07...
    >I have configured my Cisco 1700 router to access the Internet through my
    >Westell Model 6100 modem using a 1ENET WIC. I can ping my modem at
    >192.168.1.1 but I am unable to access the Internet through my router. The
    >Internet passes through the 1ENET and my LAN is on the FastEthernet0. My
    >configuration of my router is below:
    >
    > ! ******************************************************************
    > ! Cisco1720.cfg - Cisco router configuration file
    > ! Automatically created by Cisco ConfigMaker v2.6 Build 6
    > ! Friday, July 25, 2008, 07:59:40 AM
    > !
    > ! Hostname: Cisco1720
    > ! Model: 1720
    > ! ******************************************************************
    > !
    > service timestamps debug uptime
    > service timestamps log uptime
    > service password-encryption
    > no service tcp-small-servers
    > no service udp-small-servers
    > !
    > hostname Cisco1720
    > !
    > enable password char0912
    > !
    > no ip name-server
    > !
    > ip subnet-zero
    > no ip domain-lookup
    > ip routing
    > !
    > interface FastEthernet 0
    > no shutdown
    > description connected to EthernetLAN
    > ip address 192.168.7.1 255.255.255.0
    > ip nat inside
    > keepalive 10
    > !
    > interface Ethernet 0
    > no shutdown
    > description connected to Internet
    > ip address 192.168.1.2 255.255.255.0
    > ip nat outside
    > keepalive 10
    > !
    > ! Access Control List 1
    > !
    > no access-list 1
    > access-list 1 permit 192.168.7.0 0.0.0.255
    > !
    > ! Dynamic NAT
    > !
    > ip nat translation timeout 86400
    > ip nat translation tcp-timeout 86400
    > ip nat translation udp-timeout 300
    > ip nat translation dns-timeout 60
    > ip nat translation finrst-timeout 60
    > ip nat inside source list 1 interface Ethernet 0 overload
    > !
    > router rip
    > version 2
    > network 192.168.7.0
    > passive-interface Ethernet 0
    > no auto-summary
    > !
    > !
    > ip classless
    > !
    > ! IP Static Routes
    > ip route 0.0.0.0 0.0.0.0 Ethernet 0
    > no ip http server
    > snmp-server community public RO
    > no snmp-server location
    > no snmp-server contact
    > !
    > line console 0
    > exec-timeout 0 0
    > password kc9bzf
    > login
    > !
    > line vty 0 4
    > password kc9bzf
    > login
    > !
    > end
    > Any help would be greatly appreciated.
     
    Scott Perry, Jul 25, 2008
    #4
  5. Charles StClair

    PeterDCS

    Joined:
    May 8, 2012
    Messages:
    1
    Perhaps I can get help on this scenario?

    Cisco 1720 was configured only for intranet.
    Now we need one remotely located PC WinXP to access internet

    Remote PC IP NIC is 20.1.1.5, gateway is 20.1.1.1, with IP provider DNS's
    Cisco Remote 1720 IP is 20.1.1.1
    Local Cisco 1720 IP is 10.1.1.1
    The local internet gateway (linksys WRV54G) IP is 10.1.1.108

    We use all static IP's and are unable to ping to 10.1.1.108. I opened the linksys and added the route 20.1.1.5 mask 255.255.255.255 and we can ping it now.

    But we can still not ping an internet ip such as google's 74.125.224.161 and we will need to use the DNS's for internet lookups.

    Thanks in Advance for any help it would be greatly appreciated.
    ~Peter
     
    PeterDCS, May 8, 2012
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Geremy Meyers

    Cisco 1700 to Ascend router...ISDN

    Geremy Meyers, Feb 28, 2004, in forum: Cisco
    Replies:
    0
    Views:
    531
    Geremy Meyers
    Feb 28, 2004
  2. Pinko_Commie
    Replies:
    1
    Views:
    1,518
    Erik Tamminga
    Mar 6, 2004
  3. G-man
    Replies:
    1
    Views:
    11,798
    Walter Roberson
    Oct 17, 2004
  4. John
    Replies:
    2
    Views:
    8,814
    Flatch U. Lance
    May 12, 2005
  5. Replies:
    0
    Views:
    1,514
Loading...

Share This Page