09-09-2009 11:49 AM - edited 03-04-2019 05:59 AM
I got two sets of public IP from my ISP, one /30 and /24. I have a 2811 router which is connect to the ISP cisco switch. On my router I have the /30 and and the next interface is the /24 which is connect to a switch. I can ping my ISP GW and DNS servers but I can't access the internet. Can anyone look at my config and tell me what I am missing.
=======
EDGE-Router>en
EDGE-Router#show run
Building configuration...
Current configuration : 3335 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname EDGE-Router
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
!
ip cef
!
!
ip domain name yourdomain.com
multilink bundle-name authenticated
!
!
!
archive
log config
hidekeys
!
!
!
!
!
interface Loopback0
no ip address
ip nat inside
ip virtual-reassembly
!
interface FastEthernet0/0
description LINK TO ISP
ip address 69.177.74.206 255.255.255.252
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1
description LINK TO ARTNET INTERNET SWITCH 23RD FLOOR
ip address 69.177.131.2 255.255.255.0
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/0/0
!
interface FastEthernet0/0/1
!
interface FastEthernet0/0/2
!
interface FastEthernet0/0/3
!
interface Vlan1
no ip address
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 69.167.64.205
!
!
ip http server
ip http access-class 23
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip access-list standard outside-nat-inside
permit 192.168.0.0 0.0.0.255 log
permit any log
!
access-list 23 permit 10.10.10.0 0.0.0.7
!
!
control-plane
!
!
line con 0
password 7 002501120A5E1F540472
logging synchronous
login
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
password 7 13240506050910782077
logging synchronous
login
transport input telnet
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet
!
scheduler allocate 20000 1000
!
end
09-09-2009 11:53 AM
Shane
This is a bit confusing. Your default route points to 69.167.64.205 which is the other end of the /30.
So what are you trying to achieve with the /24 ?
Jon
09-09-2009 12:09 PM
With the /24 I want to connect any systems that is connected to the switch on that interface to access the internet or I can access it from the internet since the /24 I have are public IP
09-09-2009 12:12 PM
69.167.64.205 sorry I mean 69.177.74.205 is the ISP gateway. from my router I can ping www.goolge.com but when I connect to the swicth which /24 is connected to I can ping up the the ISP gateway and DNS servers but can't access the internet.
09-09-2009 12:16 PM
Verify your ISP has a route back to your /24 subnet, if they don't - the internet won't know how to get back to you.
Your config is fine.
BTW, where are you implementing NAT in your network?
__
Edison.
09-09-2009 12:38 PM
Edison, I was thinking to do NAT but since two set of IP's are public do I have to do NAT?
09-09-2009 12:45 PM
Shane
No, you shouldn't have to.
As Edison says, your config looks good. Assuming you have the default-gateway etc. correct on your /24 subnet clients i would check with your ISP.
Have you ruled out DNS ie. have you pinged google's IP address rather than URL.
Jon
09-09-2009 01:02 PM
If every device internally is going to be on the public /24, you don't need NAT but I find it odd that you will use a public /24 for your internal network. What type of business environment is this? Hosting services?
BTW, I agree with Jon - try pinging an IP instead of name from the switch holding an IP from the /24 subnet. Try pinging 4.2.2.1
__
Edison.
09-09-2009 12:18 PM
Shane
Are you sure the ISP is routing the /24 back to you ?
Jon
09-09-2009 12:14 PM
Your default route is incorrect.
ip route 0.0.0.0 0.0.0.0 69.167.64.205
Based on the IP address on the WAN interface
description LINK TO ISP
ip address 69.177.74.206 255.255.255.252
it should be
ip route 0.0.0.0 0.0.0.0 69.177.74.205
09-09-2009 12:35 PM
the ip route 0.0.0.0 0.0.0.0 69.167.64.205 was a error I typed. the ISP gateway is 69.177.74.205.
09-09-2009 01:31 PM
Thanks a lot guy, I call my ISP and for some reason the engineer forget to route the /24 to me.
09-09-2009 01:34 PM
Shane
Yep, that would do it :-)
Glad you got it sorted.
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide