simple wan setup

jetlen123071 · ‎06-08-2007

good day, i am a newbie with regards to cisco. just wanted to ask for help. the scenario is i was able to connect to bldg (A and B) by using 1600 and 1700 series routers thru a lease line. The internet on Bldg A is connected thru ADSL (cisco 837. How can i access the internet from bldg B?is this an issue of routing or access list on the ADSL modem? i am confuse, here is the config of the ADSL modem (cisco 837). thank you

Current configuration : 1640 bytes

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

boot-start-marker

boot-end-marker

!

no logging buffered

!

no aaa new-model

!

resource policy

!

clock timezone Magadan 11

no ip dhcp use vrf connected

ip dhcp excluded-address 10.10.10.1

!

ip dhcp pool pool-dhcp

network 10.10.10.0 255.255.255.0

default-router 10.10.10.1

dns-server 202.x.x.5 202.80.32.7

lease infinite

!

ip cef

ip domain name xxxxxxxxx

!

interface Ethernet0

ip address 10.10.10.1 255.255.255.0

ip nat inside

ip virtual-reassembly

hold-queue 100 out

!

interface Ethernet2

no ip address

shutdown

hold-queue 100 out

!

interface ATM0

no ip address

no atm ilmi-keepalive

dsl operating-mode auto

pvc 8/35

encapsulation aal5mux ppp dialer

dialer pool-member 1

!

interface FastEthernet1

duplex auto

speed auto

!

interface FastEthernet2

duplex auto

speed auto

!

interface FastEthernet3

duplex auto

speed auto

!

interface FastEthernet4

duplex auto

speed auto

!

interface Dialer1

ip address negotiated

ip nat outside

ip virtual-reassembly

encapsulation ppp

dialer pool 1

ppp chap hostname xxxxxxxx

ppp chap password 0 xxxxxxx

ppp pap sent-username xxxxxx password 0 xxxxxxx

!

ip route 0.0.0.0 0.0.0.0 Dialer1

ip http server

no ip http secure-server

!

ip nat inside source list 1 interface Dialer1 overload

!

access-list 1 permit 10.10.10.0 0.0.0.255

access-list 2 remark SDM_ACL Category=1

!

control-plane

!

line con 0

no modem enable

line aux 0

line vty 0 4

login

!

scheduler max-task-time 5000

end

paolo bevilacqua · ‎06-08-2007

Hello,

Please don't call the 837 a modem because it is an almost fully featured router.

Now for your problem, on the 837 add in access-list 1 all the networks that you want to allow to access the internet.

Then on all the routers configure:

router rip

network z.z.z.z <- place all your networks in there using multiple network statements

redistribute static subnets

version 2

That should do it. It is not the most optimized configuration, but good to begin with. Once you have it working, you can come back with more questions.

Hope this helps,please rate post if it does!

jetlen123071 · ‎06-12-2007

hello,

firstly my apologies with regards to the cisco 837. sir, i followed your instruction, and when i tested it i still cannot access the internet. from bldg B(router) my ping can only reach up to the bldg A(router). sir the 837 cisco is on bldg A. here is the config of the two routers.

BLDG B ROUTER

ip subnet-zero

ip name-server xxxxxxxxxx

!

interface Ethernet0

description line

ip address 192.168.2.200 255.255.255.0

no ip directed-broadcast

interface Serial0

ip address 10.0.0.1 255.255.255.0

no ip directed-broadcast

!

router rip

network 10.0.0.0

network 192.168.2.0

!

ip nat inside source list 10 interface FastEthernet0 overload

ip classless

ip route 0.0.0.0 0.0.0.0 10.0.0.2

ip route 192.168.2.0 255.255.255.0 10.0.0.2

!

access-list 10 permit 10.10.10.0 255.255.255.0

!

line con 0

line 1

line vty 0 4

____________________________

BLDG A ROUTER

!

ip subnet-zero

!

ip name-server xxxxxxxxxx

!

interface FastEthernet0

ip address 10.10.10.2 255.255.255.0

speed auto

!

interface Serial0

ip address 10.0.0.2 255.255.255.0

!

interface Serial1

no ip address

shutdown

!

router rip

network 10.0.0.0

network 192.168.2.0

!

ip nat inside source list 10 interface FastEthernet0 overload

ip classless

ip route 0.0.0.0 0.0.0.0 10.10.10.1

ip route 192.168.2.0 255.255.255.0 10.0.0.1

no ip http server

access-list 10 permit 10.10.10.0 255.255.255.0

access-list 10 permit 192.168.2.0 255.255.255.0

!

line con 0

line aux 0

line vty 0 4

!

end

Your help is highly appreciated. again my apologies being a newbie.

sundar.palaniappan · ‎06-12-2007

You have configured access list 10 with subnet mask instead of wildcard mask. Static route should point to dialer interface. Apply the following config and try.

BLDG A ROUTER:

no ip route 0.0.0.0 0.0.0.0 10.10.10.1

ip route 0.0.0.0 0.0.0.0 Dialer1

no access-list 10

access-list 10 permit 10.10.10.0 0.0.0.255

access-list 10 permit 192.168.2.0 0.0.0.255

BLDG B ROUTER:

no ip nat inside source list 10 interface FastEthernet0 overload

no ip route 192.168.2.0 255.255.255.0 10.0.0.2

HTH

Sundar

jetlen123071 · ‎06-12-2007

hello sir,

i've followed your instruction, the only thing that cannot be done is the "ip route 0.0.0.0 0.0.0.0 Dialer1" error is invalid input. please correct me if i'm wrong, it is because i don't have any dialer configured in router A. the dialer1 is configured in the 837 router. here is the ping test that i did.

from the 837 console.

-ping Ethernet port (router A) fine

-ping serial port (router A) no reply

-ping Ethernet port (router B) no reply

-ping serial port (router B) fine

from the router A console

no problem

from the router B console

-ping is fine up to the ethernet port of router A (10.10.10.2)

-ping to the cisco 837 (10.10.10.1) no reply

Sir here is the 837 config

clock timezone Magadan 11

no ip dhcp use vrf connected

ip dhcp excluded-address 10.10.10.1

!

ip dhcp pool pool-dhcp

network 10.10.10.0 255.255.255.0

default-router 10.10.10.1

dns-server xxxxxxxxxxxxx

lease infinite

!

ip cef

ip domain name xxxxxxxxx!

!

interface Ethernet0

ip address 10.10.10.1 255.255.255.0

ip nat inside

ip virtual-reassembly

hold-queue 100 out

!

interface Ethernet2

no ip address

shutdown

hold-queue 100 out

!

interface ATM0

no ip address

no atm ilmi-keepalive

dsl operating-mode auto

pvc 8/35

encapsulation aal5mux ppp dialer

dialer pool-member 1

!

interface FastEthernet1

duplex auto

speed auto

!

interface FastEthernet2

duplex auto

speed auto

!

interface FastEthernet3

duplex auto

speed auto

!

interface FastEthernet4

duplex auto

speed auto

!

interface Dialer1

ip address negotiated

ip nat outside

ip virtual-reassembly

encapsulation ppp

dialer pool 1

ppp chap hostname xxxxxxxxxxx

ppp chap password 0 xxxxxxx

ppp pap sent-username xxxxxxxx password 0 xxxxxxxx

!

ip route 0.0.0.0 0.0.0.0 Dialer1

ip route 10.10.10.0 255.255.255.0 10.0.0.2

ip http server

no ip http secure-server

ip route 10.10.10.0 255.255.255.0 10.0.0.2

ip http server

no ip http secure-server

!

ip nat inside source list 1 interface Dialer1 overload

!

access-list 1 permit 10.10.10.0 0.0.0.255

access-list 1 permit 0.0.0.0 255.255.255.0

access-list 2 remark SDM_ACL Category=1

!

control-plane

!

line con 0

no modem enable

line aux 0

line vty 0 4

login

!

scheduler max-task-time 5000

end

thank you for being so patient with me.

paolo bevilacqua · ‎06-13-2007

Hello,

under "router rip", in all routers including 837, please configure

version 2

redistribute static connected

You can then eliminate the 10.x.x.x static routes.

Hope this helps, please rate post if it does!

jetlen123071 · ‎07-08-2007

thank you so much guys, really appreciate your help.. by the way, i notice that it is running only on 10mbps, how can i set it up to run on 100? if my question in not appropriate, i'm very sorry.

paolo bevilacqua · ‎07-08-2007

Hi, try

speed 100

duplex full

On the interfaces that you know can support that speed.

Hope this helps, please rate post if it does!

paolo bevilacqua · ‎06-12-2007

Hello Jetlen,

My remark was made in jokeful way, you don't have to apologize for anything, now if you apply Sundar's good advice you will have this working in no time, good luck and please feel free to come back with more questions if you have.