Working 2621XM Config Required

Unanswered Question
Apr 4th, 2009
User Badges:

Hi all,


I am having plenty of trouble trying to get my network connecting to the internet via a 2621XM router.


I currently have my network connecting to the internet through an ISA Firewall/Proxy but am wanting to replace this with the 2621XM.


The router has been configured correctly (I assume) from what I have read on the net as wel as from a few colleagues who know more about the ins and outs or this stuff. Access to the internet is still not happening.

I have configured FA0/0 as the outside interface and FA0/1 as the interface. The config for my router is attached. (See file 2621XM_Config - Original.txt)


Once thing that my friends told me was to configure the outside interface with the static IP supplied to me by my ISP.

I know I would only do this if I had my modem in Bridged mode, but as it is currently NAT'ing from my static IP to a 10.x.x.x address, i need not bother with altering it. Should I change it?

(See file 2621XM_Config - Modified.txt)


My internet service is via ADSL.


Neither method has not worked, so I am thinking that there is something missing in each of the configs.


Two questions need answering that I am unsure how to proceed with:

1. the ip domain-name... should this be my public domain name or my internal domain name?

2. the ip name-servers... should these be my ISP name servers or my internal name servers?


My ISA proxy/firewall is setup as a forwarding-only name server and uses my ISP name-servers to forward any requests my internals are unable to resolve. The 2621XM will effectively be doing this from now on.


Does anyone have a working config of a 2621XM that I would be able to use or work from to get my setup working correctly?


Thanking anyone in advance who an help me resolve this.


regards,

Darren



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
viyuan700 Sat, 04/04/2009 - 20:12
User Badges:
  • Silver, 250 points or more

Hi Darren,

Few problem i see in your config,


1. You have provided IP address to your LAN interface i.e FastEthernt0/1 then you are using subinterfaces.


When you use subinterfaces there should not be any IP address to that interface i.e F0/1.


Remove IP from that interface and add one more subinterface for that IP instead.


2. You need ip nat outside on your WAN interface


See if things works with these 2 changes

darrenoleary Sat, 04/04/2009 - 21:13
User Badges:

Hi,


Thanks for you quick response to this.

I should make a few things a bit clearer for future reference.


This config is for a router-on-a-stick setup as I am using 2960 switches (layer 2).


The command 'ip nat outside' is actually in my config on the router. It's just not in the config shown in the attachments. :-D


Re: your 1st point... are you saying that I should remove the 192.168.x.x address? This is only a management address for access to the router. This address will also be the default-gateway for any of my network devices in the 192.168.x.x range.


Can you provide an example of what I should have instead for this interface?



regards,

Darren

viyuan700 Sat, 04/04/2009 - 21:40
User Badges:
  • Silver, 250 points or more

Can you provide an example of what I should have instead for this interface?


this is the config of a router , there is no ip address below the interface.

interface fastethernet 0/0

no ip address


interface fastethernet 0/0.1

encapsulation dot1q 1 native


interface fastethernet 0/0.100

encapsulation dot1q 100

ip address 192.168.100.1 255.255.255.0


interface fastethernet 0/0.200

encapsulation dot1q 200

ip address 192.168.200.1 255.255.255.0


So remove that ip address to yourLAN interface f0/1 instead one more subinterface for such as interface FastEthernet0/1.1 for 192.168.74.254 255.255.255.0




darrenoleary Sat, 04/04/2009 - 22:44
User Badges:

Thanks again.


Is there a purpose behind doing this?


I have done as instructed and can continue to connect via telnet or ping the 192.168.74.254 address. However, I am still unable to ping anything beyond the router. I can ping my DSL modem (10.1.1.1) which then does it's own NAT'ing to my external (ISP) address.


I have included the updated running config for reference.


What else should I be doing to get this working?



Actions

This Discussion