05-11-2017 09:07 AM - edited 03-08-2019 10:32 AM
I recent got an 891fw and was look for a basic config for DHCP from my ISP via my GI wan interface, w/ dhcp internal, NAT overload from vlan 1 to the GI wan and dhcp internally. Where can I find something that explains this? I have gone through several tutorials and the best I can get is pinging the outside of the router.
Solved! Go to Solution.
05-11-2017 09:53 AM
Here is a link on how to configure DHCP on the router:
http://www.firewall.cx/cisco-technical-knowledgebase/cisco-routers/812-cisco-router-dhcp-config.html
HTH
05-11-2017 09:53 AM
Here is a link on how to configure DHCP on the router:
http://www.firewall.cx/cisco-technical-knowledgebase/cisco-routers/812-cisco-router-dhcp-config.html
HTH
05-13-2017 03:02 PM
On a side not, have you got WiFi and NAT working as well ?
05-13-2017 03:44 PM
No, I do not have WiFi or NAT working as of yet.
05-15-2017 10:56 AM
Do you have anything regarding the WiFi?
05-11-2017 01:04 PM
Hey!!! The DHCP is running smooth and it totally makes sense. Thanks!1
05-11-2017 02:43 PM
Glad all is working for you and thanks for the rating!
05-11-2017 02:52 PM
Any ideas about the NAT overload and WiFi?
05-11-2017 06:19 PM
Can you post "sh run" from the router and point out what interface is connecting to the provider (Internet) and what interface is internal?
HTH
05-13-2017 01:20 PM
Building configuration...
Current configuration : 3401 bytes
!
! Last configuration change at 19:52:23 UTC Thu May 11 2017 by admin
!
version 15.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname oakland
!
boot-start-marker
boot-end-marker
!
!
security authentication failure rate 10 log
security passwords min-length 6
logging console critical
enable secret 5 $1$i9ud$.
enable password 7
!
aaa new-model
!
!
aaa authentication login local_auth local
!
!
!
!
!
aaa session-id common
service-module wlan-ap 0 bootimage autonomous
!
!
no ip source-route
no ip gratuitous-arps
!
!
!
!
!
!
!
!
!
ip dhcp excluded-address 172.26.8.1 172.26.8.150
!
ip dhcp pool NET-POOL
 network 172.26.8.0 255.255.255.0
 default-router 172.26.8.1
 dns-server 71.250.0.12 4.2.2.2
 domain-name oakland.local
 lease 8
!
!
!
no ip bootp server
ip domain name oakland.local
ip cef
no ipv6 cef
!
!
!
!
!
multilink bundle-name authenticated
!
isdn switch-type basic-5ess
!
!
!
!
!
!
license udi pid sn
!
!
username admin password 7
!
!
!
!
no cdp run
!
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
!
!
!
!
!
!
!
!
!
interface BRI0
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 encapsulation hdlc
 shutdown
 isdn switch-type basic-5ess
 isdn termination multidrop
 isdn point-to-point-setup
!
interface FastEthernet0
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 shutdown
 duplex auto
 speed auto
!
interface GigabitEthernet0
 no ip address
!
interface GigabitEthernet1
 no ip address
!
interface GigabitEthernet2
 no ip address
!
interface GigabitEthernet3
 no ip address
!
interface GigabitEthernet4
 no ip address
!
interface GigabitEthernet5
 no ip address
!
interface GigabitEthernet6
 no ip address
!
interface GigabitEthernet7
 no ip address
!
interface GigabitEthernet8
 ip address dhcp
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 duplex auto
 speed auto
!
interface Wlan-GigabitEthernet8
 no ip address
!
interface wlan-ap0
 no ip address
 shutdown
!
interface Vlan1
 ip address 172.26.8.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
!
interface Async3
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 encapsulation slip
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
!
!
logging trap debugging
logging facility local2
dialer-list 1 protocol ip permit
!
access-list 100 permit udp any any eq bootpc
!
!
!
control-plane
!
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
!
!
banner motd ^C Stay OUT ^C
!
line con 0
 login authentication local_auth
 no modem enable
 transport output telnet
line aux 0
 exec-timeout 15 0
 login authentication local_auth
 transport output telnet
line 2 3
 exec-timeout 15 0
 login authentication local_auth
 no activation-character
 no exec
 transport preferred none
 transport input all
 stopbits 1
line vty 0 4
 password 7 105D29091547001F1F243A3B743A27
 login authentication local_auth
 transport input telnet ssh
!
scheduler allocate 20000 1000
!
!
end
oakland#Current configuration : 3401 bytes
        ^
05-13-2017 04:22 PM
Assuming inter gi8 is the one that connects to Internet, you need this command under the interface
config
int gi8
ip nat outside
Assuming vlan1 is the interface serving internal network, you need this command under the vlan interface
config t
int vlan 1
ip nat inside
you also need to configure an access list
access list 101 permit ip 172.26.8.0 0.0.0.255 any
you also need a NAT statement:
ip nat inside source list 101 interface gi8 overload
Also, here is good doc with an examle on how to configure NAT
http://www.firewall.cx/cisco-technical-knowledgebase/cisco-routers/260-cisco-router-nat-overload.html
HTH
05-14-2017 06:29 AM
I had attempted to implement settings similar to what you sent me without success until now!! Thanks... It works and makes sense!!! Now all I need is the WiFi so I can replace the old router.
05-15-2017 12:23 PM
Glad to know that is working too.
Can you provide more info regarding what you are trying to do with WiFi?
05-15-2017 02:34 PM
I just want agn to all work on vlan 1, if that is the simplest thing to do. I want them to share the same subnet and dhcp. It would be nice to also have a guest network.
Get Outlook for iOS
05-17-2017 01:43 PM
I was able to configure the wireless but only with WPA. How can I change it to WPA2 so it is not left vulnerable to hackers?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: