cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
355
Views
0
Helpful
4
Replies

sharing internet on 2 networks: Issue

quitesyssarl
Level 1
Level 1

Hello. I'm a newbie so I use graphical interface to configure my cisco router 871

I have 2 networks

n1: 10.0.0.0 /24

n2: 192.168.1.0 /24

192.168.1.252 is the gateway to internet

n1 has not access to the internet

n2 has the access to the internet using the gateway 192.168.1.252

I want n1 to use the internet access of n2

so I have connected n1 to fe0 with ip 10.0.0.250 and create the vlan1.

n2 is connected to fe1 with 192.168.1.251 ip and create vlan 2

after that I have created a nat between vlan1 and vlan2. No rules are defined .

on n1 each PC has 10.0.0.250 as default gateway and 192.168.1.252 as DNS server

from n1 I can ping the default gateway 192.168.1.252 but I can't access to the net. I have the dns resolution from n1, i can for example get the ip adress of cisco server, but from internet explorer I always have "connecting to http://www.cisco.com" but no connection. The ping give me the ip address but no answer from the server!

Is someone can help me, but only with graphical interface or maybe told me if my configuration is very bad!!!

I have created a NAT because I can't modify the default gateway on n2 and so the n1 network is not sawn by the default gateway 192.168.1.252

1 Accepted Solution

Accepted Solutions

Here are the steps to add route using GUI.

1. Choose Configure > Routing > Static Routing and click Add

2. prefix = 0.0.0.0

Prefix mask = 0.0.0.0

Fowarding (Next Hop) >> IP Address = 192.168.1.252

Distance Metric 1

Check on Permanent route checkbox.

View solution in original post

4 Replies 4

Hi,

First of all check what is the default route on this router, it should point towards 192.168.1.252.

Here are the steps to add route using GUI.

1. Choose Configure > Routing > Static Routing and click Add

2. prefix = 0.0.0.0

Prefix mask = 0.0.0.0

Fowarding (Next Hop) >> IP Address = 192.168.1.252

Distance Metric 1

Check on Permanent route checkbox.

ok here is the conf to help

=================================================

!This is the running config of the router: 10.100.132.250

!----------------------------------------------------------------------------

!version 12.4

no service pad

service tcp-keepalives-in

service tcp-keepalives-out

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime msec localtime show-timezone

service password-encryption

service sequence-numbers

!

hostname router

!

boot-start-marker

boot-end-marker

!

logging buffered 51200

logging console critical

enable secret xxx

!

no aaa new-model

!

crypto pki trustpoint TP-self-signed-651071305

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-651071305

revocation-check none

rsakeypair TP-self-signed-651071305

!

!

crypto pki certificate chain TP-self-signed-651071305

certificate self-signed 01

E90C589A

quit

dot11 syslog

no ip source-route

ip cef

!

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

no ip bootp server

no ip domain lookup

!

username quitesys privilege 15 secret xxx

!

!

archive

log config

hidekeys

!

!

ip tcp synwait-time 10

ip ssh time-out 60

ip ssh authentication-retries 2

!

interface FastEthernet0

!

interface FastEthernet1

switchport access vlan 2

!

interface FastEthernet2

!

interface FastEthernet3

!

interface FastEthernet4

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

ip route-cache flow

shutdown

duplex auto

speed auto

!

interface Vlan1

description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$

ip address 10.100.132.250 255.255.255.224

no ip redirects

no ip unreachables

no ip proxy-arp

ip nat inside

ip virtual-reassembly

ip route-cache flow

ip tcp adjust-mss 1452

!

interface Vlan2

description $FW_OUTSIDE$

ip address 192.168.1.251 255.255.255.0

ip nat outside

ip virtual-reassembly

!

ip forward-protocol nd

!

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

ip nat inside source list 1 interface Vlan2 overload

!

logging trap debugging

access-list 1 remark SDM_ACL Category=2

access-list 1 permit 10.100.132.224 0.0.0.31

access-list 100 remark SDM_ACL Category=2

access-list 100 permit ip any any

no cdp run

!

control-plane

!

banner exec ^C

% Password expiration warning.

username privilege 15 secret 0

-----------------------------------------------------------------------

^C

banner login ^CAuthorized access only!

Disconnect IMMEDIATELY if you are not an authorized user!^C

!

line con 0

login local

no modem enable

transport output telnet

line aux 0

login local

transport output telnet

line vty 0 4

privilege level 15

login local

transport input telnet ssh

!

scheduler max-task-time 5000

scheduler allocate 4000 1000

scheduler interval 500

end

============================

Many thanks to you it works!!!!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: