New 861...now what?

Answered Question
Dec 3rd, 2008
User Badges:

Alright, I have taken classes in CISCO like 3 years ago, even have a degree in it, but I don't remember enough to get going, so I am looking for a little help.


I just purchased a new 861. I know how to use the console port, I know my way around but still are weak in some areas. Here is what I want to do to start, until I get the router in full working order to use has my main router, I want to get it working locally. Basically I have the WAN port plugged into a linksys router. For now, the WAN port will get its IP address via the linksys router through DHCP. So how do I configure the WAN port to use DHCP?


Next question. I want to run DHCP on the cisco router to assign IP addresses internally. Then have it so all the computer plugged into my cisco can get online. Does this make since. I am just trying to take it a step at a time. I am a very quick learner if I can see an example configuration or something. Just the minimum that I need to get this to work.


Thanks for any help.

Correct Answer by Jon Marshall about 8 years 5 months ago

Dale


You need to make the following changes -


1) remove the default-gateway entry on the router. This would only be used if the router was acting as an end host. So


Router(config)# no ip default-gateway 10.1.1.1


then add a default-route pointing to the linksys IP address ie.


Router(config)# ip route 0.0.0.0 0.0.0.0 192.168.84.x (where x = the address of the linksys.


3) Your next problem is the linksys device needs to know about your 10.1.1.0/24 network.

Easiest thing may be to NAT all your 10.1.1.x clients to the IP address of your fa4 interface. So add the following config to your router


access-list 101 permit 10.1.1.0 0.0.0.255 any


ip nat inside source list 101 interface fa4 overload


under the vlan1 interface


int vlan 1

ip nat inside


under the fa4 interface


int fa4

ip nat outside


Jon


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3.5 (2 ratings)
Loading.
webmastadj Wed, 12/03/2008 - 18:12
User Badges:

Yep, I have already started looking at that and now, since I have posted the last message, I have the cisco router assigning IP addresses via DHCP and it is connected to my linksys router via the wan. I can PING the linksys router with the cisco router and I can ping the cisco from any computer on the linksys network.


The problem I have now is ping the linksys network from the host on the cisco network. Also I can't seem to find the command to add the default gateway for WAN along with the DNS. This is the part I am having trouble with, getting the computer on the inside of the CISCO network to see the internet and all the computers on the LINKSYS network.


My cisco network is 10.1.1.0/24 and my linksys network is 192.168.84.0/24. I have attached my config so far.



Attachment: 
Correct Answer
Jon Marshall Wed, 12/03/2008 - 21:51
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Dale


You need to make the following changes -


1) remove the default-gateway entry on the router. This would only be used if the router was acting as an end host. So


Router(config)# no ip default-gateway 10.1.1.1


then add a default-route pointing to the linksys IP address ie.


Router(config)# ip route 0.0.0.0 0.0.0.0 192.168.84.x (where x = the address of the linksys.


3) Your next problem is the linksys device needs to know about your 10.1.1.0/24 network.

Easiest thing may be to NAT all your 10.1.1.x clients to the IP address of your fa4 interface. So add the following config to your router


access-list 101 permit 10.1.1.0 0.0.0.255 any


ip nat inside source list 101 interface fa4 overload


under the vlan1 interface


int vlan 1

ip nat inside


under the fa4 interface


int fa4

ip nat outside


Jon


webmastadj Thu, 12/04/2008 - 04:40
User Badges:

Thanks. I was researching it more and found I needed a ip nat inside and ip nat outside setting on the interfaces just like you said. Also found this one forum with someone trying to do the same thing I am.


http://www.networking-forum.com/viewtopic.php?p=48940


He even has the PPPoE connection in there which is what I will need. I will take your advice and that example, I should be able to get it work.


Thank you for all your help.

webmastadj Thu, 12/04/2008 - 15:15
User Badges:

alright, I have it set-up now, working great. The computer internally on the CISCO can ping any computers on the linksys network (192.168.84.0) and google, so I do have internet connection.


I didn't make the linksys network know about my 10.1.1.0/24 network with the NAT, because it is my test "cloud." Don't want the internet getting into all my computers. Make Sense?


I take it the ip route is what makes all the traffic to the internet go out the WAN? With the IP route I tried:


ip route 0.0.0.0 0.0.0.0 fa4

Didn't work


then tried:

ip route 0.0.0.0 0.0.0.0 192.168.84.1 <<-- fa4 ip

Didn't work


then tried:

ip route 0.0.0.0 0.0.0.0 192.168.84.25 <<--- linksys router ip

that worked.



My next and final step is to lock the router down. I need to open some ports and forward them to the correct host on the cisco network. for example, web server at 10.1.1.3...so all port 80 request have to go there. I am a bit confused on what to use, NAT or ACLs? I have been reading through my CCNA book on NAT and PAT, but still don't quite understand them. Any help?


I have also attached my updated config.





Attachment: 
John Blakley Thu, 12/04/2008 - 08:07
User Badges:
  • Purple, 4500 points or more

Try taking the ip default-gateway statement out, and put in:


ip route 192.168.84.0 255.255.255.0 192.168.84.x <--whatever your linksys interface is that connects to FA4, but not the .1 address. I assume that the Linksys may be .2?


OR, if you are trying to get out the internet through the linksys, you can do:


ip route 0.0.0.0 0.0.0.0 192.168.84.x <- whatever the linksys internal ip address is.


HTH,


John

Actions

This Discussion