DNS not Working on Cisco 877

Answered Question
Aug 31st, 2010
User Badges:

Hi Guys,


I have a Cisco Route 877 to connect to the internet but it would not resolved any DNS. We do not have a DNS server and I am trying to use the 877 to resolve DNS. Am I missing something?


Below is my Config file for Cisco 877. Need your help.


/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin-top:0in; mso-para-margin-right:0in; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0in; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin;}

Building configuration...


Current configuration : 5002 bytes

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname XXXXX

!

boot-start-marker

boot-end-marker

!

logging message-counter syslog

logging buffered 51200 warnings

enable secret 5 XXXXXXXXXXXX

!

no aaa new-model

clock timezone PCTime 10

clock summer-time PCTime date Mar 30 2003 3:00 Oct 26 2003 2:00

!

crypto pki trustpoint TP-self-signed-1189342284

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-1189342284

revocation-check none

rsakeypair TP-self-signed-1189342284

!

!

crypto pki certificate chain TP-self-signed-1189342284

certificate self-signed 01

  30820250 308201B9 A0030201 02020101 300D0609 2A864886 F70D0101 04050030

  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274

  69666963 6174652D 31313839 33343232 3834301E 170D3032 30333031 30313436

  30345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649

  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 31383933

  34323238 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281

  8100D825 AAE8EEAB 6F4D889E A14B96E3 EBB300B8 27ECF863 D66E316D


6C05DC4D

  ECF43846 7B51BE28 B2C1E8AF F1A08551 B24644A3 F2758E1E 15833A09 B1CB6D9F

  0B57D90D 0F82E8A7 DED2304D 775C28D0 1A2F3969 7B0604FF DE3A2406 5E11FF98

  B37DAE01 367D21D8 908799BE E87AD49C DEDFE06B 81360309 9A9D6F86 092F9221

  6A750203 010001A3 78307630 0F060355 1D130101 FF040530 030101FF 30230603

  551D1104 1C301A82 18466F6F 74736372 61792E79 6F757264 6F6D6169 6E2E636F

  6D301F06 03551D23 04183016 8014B7AE FEDE3F79 53DCC836 6B95B999 DA66803C

  7CC8301D 0603551D 0E041604 14B7AEFE DE3F7953 DCC8366B 95B999DA 66803C7C

  C8300D06 092A8648 86F70D01 01040500 03818100 71614F06 EA905A73 A41907DF

  D1D8C89A 4BE1E2C2 4B69D14D 02AABA12 89045005 B9D6E3D8 833628DA


CC4257AA

  4F213F9A 39A17E4B BB1BB316 38B0204F 711769E9 F972A368 60C5507E 85535559

  B18FBFDF 7D2D3904 40FA1FFC B6D042A8 777757F5 2D8747D4 90807B47 C2E3A59F

  6FF7000F A0EAC67B 04E2B625 D34518BE B79BC2E3

        quit

dot11 syslog

no ip source-route

ip dhcp excluded-address 10.3.3.254

!

ip dhcp pool ccp-pool1

   network 10.3.3.0 255.255.255.0

   default-router 10.3.3.254

!

!

ip cef

no ip bootp server

no ip domain lookup

ip domain name yourdomain.com

!

!

!

!

username admin privilege 15 secret 5 $1xxxxxxxxxxxxxx

!

!

!

archive

log config

  hidekeys

!

!

!

!

!

interface ATM0

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

no atm ilmi-keepalive

dsl operating-mode auto

!

interface ATM0.1 point-to-point

description $ES_WAN$$FW_OUTSIDE$

pvc 8/35

  pppoe-client dial-pool-number 1

!

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface Vlan1

description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$

ip address 10.3.3.254 255.255.255.0

no ip redirects

no ip unreachables

no ip proxy-arp

ip nat inside

ip virtual-reassembly

ip tcp adjust-mss 1412

!

interface Dialer0

ip address negotiated

no ip redirects

no ip unreachables

no ip proxy-arp

ip mtu 1452

ip nat outside

ip virtual-reassembly

encapsulation ppp

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication chap pap callin

ppp chap hostname [email protected]

ppp chap password 0 abcde

ppp pap sent-username [email protected] password 0 abcde

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 Dialer0

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

ip nat inside source list 1 interface Dialer0 overload

!

access-list 1 remark INSIDE_IF=Vlan1

access-list 1 remark CCP_ACL Category=2

access-list 1 permit 10.3.3.0 0.0.0.255

dialer-list 1 protocol ip permit

no cdp run


!

!

!

!

control-plane

!

banner exec ^C

% Password expiration warning.

-----------------------------------------------------------------------


Cisco Configuration Professional (Cisco CP) is installed on this device

and it provides the default username "cisco" for  one-time use. If you have

already used the username "cisco" to login to the router and your IOS image

supports the "one-time" user option, then this username has already expired.

You will not be able to login to the router with this username after you exit

this session.


It is strongly suggested that you create a new username with a privilege level

of 15 using the following command.


username <myuser> privilege 15 secret 0 <mypassword>


Replace <myuser> and <mypassword> with the username and password you

want to use.


-----------------------------------------------------------------------

^C

banner login ^CAuthorized access only!

Disconnect IMMEDIATELY if you are not an authorized user!^C

!

line con 0

login local

no modem enable

line aux 0

line vty 0 4

privilege level 15

login local

transport input telnet ssh

!

scheduler max-task-time 5000

end


Thank you and regards

Michael

Correct Answer by kyukim about 6 years 10 months ago

Hi,

As Richard pointed out, you are missing two things here.


You need to make IOS router as dns forwarder.

You can do that by "ip name-server x.x.x.x" (x.x.x.x can be your ISP DNS server or public DNS server like 4.2.2.2)

Then, you need to configure DNS server in DHCP pool, so PC will get DNS server information when they get IP address from DHCP server.

So, do below.


Conf t

ip name-server x.x.x.x

ip name-server y.y.y.y --> usually, ISP give you primary and secondary DNS server IP addresses.

ip dhcp pool xxx

dns-server x.x.x.x y.y.y.y


KK

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
jaidan2003 Tue, 08/31/2010 - 21:27
User Badges:

Sorry Typo error on:


/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin-top:0in; mso-para-margin-right:0in; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0in; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin;}

ppp chap hostname [email protected]

ppp chap password 0 abcde

ppp pap sent-username [email protected] password 0 abcde


But still cannot reolsve DNS


Regards
Michael

Richard Burts Tue, 08/31/2010 - 22:13
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Michael


The first issue is that I do not see anything in this router config that tell the router where any DNS server is that it could use to resolve names. In the information that the service provider gave you with the Internet connection was there any information about DNS servers that you should use? (and there are a number of DNS servers available in the Internet that you can use in addition to whatever your provider may have). Getting this configured is the first major step in resolving issues with how get name resolution.


HTH


Rick

Correct Answer
kyukim Wed, 09/01/2010 - 13:27
User Badges:
  • Cisco Employee,

Hi,

As Richard pointed out, you are missing two things here.


You need to make IOS router as dns forwarder.

You can do that by "ip name-server x.x.x.x" (x.x.x.x can be your ISP DNS server or public DNS server like 4.2.2.2)

Then, you need to configure DNS server in DHCP pool, so PC will get DNS server information when they get IP address from DHCP server.

So, do below.


Conf t

ip name-server x.x.x.x

ip name-server y.y.y.y --> usually, ISP give you primary and secondary DNS server IP addresses.

ip dhcp pool xxx

dns-server x.x.x.x y.y.y.y


KK

Actions

This Discussion