how to connect vlan to wan with cisco 871

Unanswered Question
Nov 21st, 2008
User Badges:

i bought a cisco 871 router i had my vlan connected to wan but i lost connection with a certain nat command


i cant reestablish the routing


cisco 871


vlan router ip 10.10.10.1 no dhcp computer 10.10.10.2 with

dns servers from the internet provider gateway 10.0.0.138 adsl modem

router ip on wan is 10.0.0.10


i just want to interet for a start


i route fastethernet4 (wanport) to 0.0.0.0 submask 0.0.0.0 but nothing happens


??


jil




  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.2 (6 ratings)
Loading.
Edison Ortiz Fri, 11/21/2008 - 10:38
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

Please provide config.


Can you ping 10.0.0.138 from the router?


__


Edison.

jillesmiedema Fri, 11/21/2008 - 13:36
User Badges:

yes and also from the computer.


i have used now the nat wizzard simple to connect to the internet. i can configure my adsl modem but i cant come trough the modem to the internet.


Edison Ortiz Fri, 11/21/2008 - 13:43
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

We need to see the router configuration for further troubleshooting.


You mentioned that you are now using the NAT wizard, did you enable NAT for the internal networks to connect to the internet?


Can you ping 4.2.2.2 from the router itself?


Thanks


__


Edison.

Edison Ortiz Sat, 11/22/2008 - 12:23
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

So you are NATing from 10.10.10.0/29 subnet to 10.0.0.11 but, 10.0.0.11 is not routable in the internet so we need the router to either have a routable internet IP or have the connected device in F4, to NAT (once again) to make this connection routable in the internet.


Makes sense?


__


Edison.

jillesmiedema Sun, 11/23/2008 - 09:05
User Badges:

see next answer , it works when vlan1 is routed to the gateway. , the adsl modem(gateway) was connected to F4 all the time.

Edison Ortiz Sat, 11/22/2008 - 16:12
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

One more thing, the following command should direct requests to a gateway


ip route 0.0.0.0 0.0.0.0 10.0.0.0


10.0.0.0 isn't a valid gateway IP. Please enter the correct information there.


HTH,


__


Edison.

jillesmiedema Sun, 11/23/2008 - 09:02
User Badges:

chancing the ip route 0.0.0.0 to the valid gateway(adsl modem) 10.0.0.138 did it, internet works through the router.


on my vista computer i filled in 10.0.0.1 as the gateway, is that corect ?




thank you very much for the advice.


stubbling on these simple problems .


do you know a good book for starters like me.


jillesmiedema Sun, 11/23/2008 - 09:31
User Badges:

when i chance the route default route 0.0.0.0 to 10.0.0.138 to a non default route 10.10.10.0 255.255.255.248 to 10.0.0.138, it doesnt works anymore. why ?


when i chance the gateway on my ip4 gateway adres from 10.10.10.1 (ciscorouter) to 10.0.0.138 it doesnt matter, it works as well.



why ?


jilles


Edison Ortiz Sun, 11/23/2008 - 14:22
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

when i chance the route default route 0.0.0.0 to 10.0.0.138 to a non default route 10.10.10.0 255.255.255.248 to 10.0.0.138, it doesnt works anymore. why ?



You need a default route in the router in order to handle internet traffic.


If you source a connection from the router or a device sitting behind the router, the router needs to know how to get there. If the information isn't in the routing table, the router will drop the traffic. The default route handles 'all routes' requests. A specific route (10.10.10.0/29) will only handle traffic to that subnet.


when i chance the gateway on my ip4 gateway adres from 10.10.10.1 (ciscorouter) to 10.0.0.138 it doesnt matter, it works as well.



Are you talking about the Vista workstation default gateway? It seems the router is handling this traffic via proxy-arp.


If an end-device has an incorrect gateway or the gateway information is missing, devices running proxy-arp will take care of that traffic. Proxy-Arp is enabled by default in Cisco routers.




HTH,


__


Edison.

Edison Ortiz Sun, 11/23/2008 - 14:18
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

Your Vista computer should point to the Vlan 1 IP address. I don't recall that address being 10.0.0.1, isn't that subnet 10.10.10.0/29 ?


Any CCNA book should be good for a beginner :)


__


Edison.

jillesmiedema Tue, 12/02/2008 - 05:17
User Badges:

i have the following problem


internet is working from inside to outside, rdp is working from inside to outside.


i want to permit external user, with ip a.a.a.a with port b to enter a host c.c.c.c on the inside network.


what can i use ?


acces rule ?

nat rule

port to application mapping ?


Edison Ortiz Thu, 12/04/2008 - 13:19
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

You need a NAT rule


__


Edison.


jillesmiedema Fri, 12/12/2008 - 13:31
User Badges:

if i make a extented natrule via sdm from outside wan ip adres aaaa to inside host cccc port tcp bbbb translated to bbbb and assoiciate it with outside interface inbound then i think all ports are redirected because i lose my http connection to the cisco router

Edison Ortiz Fri, 12/12/2008 - 13:37
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

You should be hitting the Cisco router w/ SDM by using its internal IP (LAN IP).


__


Edison.

Edison Ortiz Fri, 12/12/2008 - 14:14
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

Ah, you are managing the router via remote, got you.


You can change the http port from 80 to another number and manage SDM from this new port number.


The command is ip http port [value]


HTH,


__


Edison.

jillesmiedema Sun, 12/14/2008 - 07:33
User Badges:

understand the command is to log in from wan

to host cccc with port bbbb



ip nat inside source static tcp cccc bbbb interface FastEthernet4 bbbb



but the logic of cisco fails me.


in sdm i have to fill in translating from adres the host on the inside , but i make the call from outside wan.


the command sentence also speaks of source adres but my logic says the source adres is that of the host that trys to make connection with the inside adres.


what do i miss ?





Edison Ortiz Sun, 12/14/2008 - 08:15
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

I'm sorry, can you explain your confusion one more time? I didn't understand the message.


__


Edison.

jillesmiedema Sun, 12/14/2008 - 09:09
User Badges:

ip nat inside source static tcp cccc bbbb interface FastEthernet4 bbbb


this is the command which works to let an host from wan(=outside) = fastethernet4 to remote desktop on port bbbb on a hostserver cccc on the vlan(=inside).


but the command names the inside adres as source(=originating) but it is a host on the wan which want to connect to the inside host


in the sdm screen the original adres is cccc, the thranslated adres the ipadres of the cisco router on the ethernet4 interface.





so in my logic the source adres or originating adres is the ip adres of the wan host because he wants to communicate with the server.


so ehy is the original inside adres the source adres.



jillesmiedema Sun, 12/14/2008 - 12:05
User Badges:

next problem


i have an public ip adres aaaa , then an adslmodem with inside adres ccc138 the fa4 of the cisco is connected to it with ip cccc01.


can i make acces rules with public ip adresses on the outside lan ccc0 of my cisco router because he sees only the gateway ccc138.


should i pass the public ip adres to my cisco router through the adslmodem to make acces lists on basis of public ip adresses of hosts i want to allow ?

Actions

This Discussion