Have two sets of Public IP and can't access the internet

Unanswered Question
Sep 9th, 2009

I got two sets of public IP from my ISP, one /30 and /24. I have a 2811 router which is connect to the ISP cisco switch. On my router I have the /30 and and the next interface is the /24 which is connect to a switch. I can ping my ISP GW and DNS servers but I can't access the internet. Can anyone look at my config and tell me what I am missing.

=======

EDGE-Router>en

EDGE-Router#show run

Building configuration...

Current configuration : 3335 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname EDGE-Router

!

boot-start-marker

boot-end-marker

!

logging buffered 51200 warnings

!

no aaa new-model

!

!

ip cef

!

!

ip domain name yourdomain.com

multilink bundle-name authenticated

!

!

!

archive

log config

hidekeys

!

!

!

!

!

interface Loopback0

no ip address

ip nat inside

ip virtual-reassembly

!

interface FastEthernet0/0

description LINK TO ISP

ip address 69.177.74.206 255.255.255.252

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/1

description LINK TO ARTNET INTERNET SWITCH 23RD FLOOR

ip address 69.177.131.2 255.255.255.0

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/0/0

!

interface FastEthernet0/0/1

!

interface FastEthernet0/0/2

!

interface FastEthernet0/0/3

!

interface Vlan1

no ip address

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 69.167.64.205

!

!

ip http server

ip http access-class 23

ip http authentication local

ip http timeout-policy idle 60 life 86400 requests 10000

!

ip access-list standard outside-nat-inside

permit 192.168.0.0 0.0.0.255 log

permit any log

!

access-list 23 permit 10.10.10.0 0.0.0.7

!

!

control-plane

!

!

line con 0

password 7 002501120A5E1F540472

logging synchronous

login

line aux 0

line vty 0 4

access-class 23 in

privilege level 15

password 7 13240506050910782077

logging synchronous

login

transport input telnet

line vty 5 15

access-class 23 in

privilege level 15

login local

transport input telnet

!

scheduler allocate 20000 1000

!

end

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Wed, 09/09/2009 - 11:53

Shane

This is a bit confusing. Your default route points to 69.167.64.205 which is the other end of the /30.

So what are you trying to achieve with the /24 ?

Jon

shanemcanuff Wed, 09/09/2009 - 12:09

With the /24 I want to connect any systems that is connected to the switch on that interface to access the internet or I can access it from the internet since the /24 I have are public IP

shanemcanuff Wed, 09/09/2009 - 12:12

69.167.64.205 sorry I mean 69.177.74.205 is the ISP gateway. from my router I can ping www.goolge.com but when I connect to the swicth which /24 is connected to I can ping up the the ISP gateway and DNS servers but can't access the internet.

Edison Ortiz Wed, 09/09/2009 - 12:16

Verify your ISP has a route back to your /24 subnet, if they don't - the internet won't know how to get back to you.

Your config is fine.

BTW, where are you implementing NAT in your network?

__

Edison.

shanemcanuff Wed, 09/09/2009 - 12:38

Edison, I was thinking to do NAT but since two set of IP's are public do I have to do NAT?

Jon Marshall Wed, 09/09/2009 - 12:45

Shane

No, you shouldn't have to.

As Edison says, your config looks good. Assuming you have the default-gateway etc. correct on your /24 subnet clients i would check with your ISP.

Have you ruled out DNS ie. have you pinged google's IP address rather than URL.

Jon

Edison Ortiz Wed, 09/09/2009 - 13:02

If every device internally is going to be on the public /24, you don't need NAT but I find it odd that you will use a public /24 for your internal network. What type of business environment is this? Hosting services?

BTW, I agree with Jon - try pinging an IP instead of name from the switch holding an IP from the /24 subnet. Try pinging 4.2.2.1

__

Edison.

Edison Ortiz Wed, 09/09/2009 - 12:14

Your default route is incorrect.

ip route 0.0.0.0 0.0.0.0 69.167.64.205

Based on the IP address on the WAN interface

description LINK TO ISP

ip address 69.177.74.206 255.255.255.252

it should be

ip route 0.0.0.0 0.0.0.0 69.177.74.205

shanemcanuff Wed, 09/09/2009 - 12:35

the ip route 0.0.0.0 0.0.0.0 69.167.64.205 was a error I typed. the ISP gateway is 69.177.74.205.

shanemcanuff Wed, 09/09/2009 - 13:31

Thanks a lot guy, I call my ISP and for some reason the engineer forget to route the /24 to me.

Actions

This Discussion