cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7331
Views
20
Helpful
71
Replies

2900 router problems

sirEgGhEaD
Level 1
Level 1

howdy. i'm fairly new to cisco stuff. i have an entire collection of cisco books, but i'm not too far in them. currently i'm deployed to iraq and one of my warrant officers here is a cisco instructor. i've learned some stuff from him and learned some stuff on my own. i've presented my situation to him, but it's extremely hard to learn from him in the first place because he's a little off the wall. but besides that, i don't know enough.

i'm a systems adminstrator here in iraq and head of the helpdesk. i've been in IT for over 20 years. i have experience, just not when it comes to this.

so enough of the intro. we have the internet here in our rooms that we pay way too much for. there is one cable for my roommate and myself. we sign into a radius server with a 24 hour lease. the ip addresses are obviously assigned via dhcp. the cable from our room runs to a "dumb" switch. from the switch, a cat5 runs to a line of site radio that shoots to their office down the road. from there they host the internet via satellite obviously.

currently i have a linksys wrt300 acting as my router with the antennas disabled. i need to send this router home to my wife, so my whole grand plan for this expensive router is only to catch the outside ip address given by my isp, and run a dhcp server to host my inside lan. on this switch there are, of course, 2 built-in fastethernet interfaces, a t1/dsu port on the serial interface, and something else that says t1 on the voice interface.

i've tried a few things. i've created an access list, configured nat on the 2 fe interfaces, and semi-setup the dhcp. i have a few problems. obviously, i can't pull up a webpage. i don't receive ping from everything, even from the router console. for instance yahoo.com i cannot receive a ping from. even the default gateway for the isp i can't receive a ping from. but i've randomly pinged a few ips here from behind their radio. another problem is i don't know how to get dhcp to push itself (192.168.1.1) as the gateway down to the computer connected to it. i have to set it manually.

a few other problems that don't really regard the internet side of my problem is somehow i must have fat-fingered my password when i initially set it up, so i had to follow the recovery instructions at cisco.com. since then, the router won't hold a password when it reboots. show config shows the password, but it still doesn't hold. another thing is dir doesn't show anything other than a .bin file. i don't remember which one, but it isn't my ios.

i know this is quite a lot for one post, but i would definately appreciate some help.

thomas

71 Replies 71

it's 1:30 in the morning over here. i'm off to bed for the night. i'll check back in same time tomorrow after work. thanks a million for all the help. hope you're around tomorrow.

take care,

thomas

RIP or any other dynamic routing protocol is certainly not needed in this setup. Also, if it was, you won't have been able to go online by connecting your computer directly.

Anyways, I would suggest some very basic stuff here. First off, we need to determine if the fa0/0 interface on the router is good. It's weird that we are unable ping anything from the router (with just the IP address and the default route configured), however, the same works when we plug in the computer directly. I don't suspect it could be an access-list as we have already erased the config. So, lets just follow the steps below in the same order and see what we infer.

1. Erase the config on the router. (I know we have done it before but, just don't want to take any chance here and miss on something). Reload the router and do NOT save the changes.

2. Assign static IPs on fa0/0 (10.1.1.1/24) and on fa0/1 (10.1.2.1/24).

3.Connect the router fa0/0 to the computer (use cross-over cable if connecting directly or a straight through if using a switch).

4. Assign static IP (10.1.1.2/24) on the computer and ping the router fa0/0 and vice versa.

Next, unplug the ethernet cable from fa0/0 and plug it in fa0/1. Assign static IP (10.1.2.2/24) on the computer and ping the router fa0/1 and reverse.

If you face any problem pinging the computer check for any firewall software running in the background.

If all the ping tests are successfull, we know the interfaces are good.

5. Connect the computer to the ISP directly (without any router) and configure it to obtain IP from DHCP. Now, ping 4.2.2.2 or any other public IP. Also try your default gateway. If you are able to ping a public IP move to the next step.

6. Unconfigure the IP address on fa0/0 and fa0/1. Set fa0/0 to receive the IP from DHCP.

7. Connect the cable from the ISP to fa0/0. Wait until fa0/0 receives the IP.

8. Configure a default route:

ip route 0.0.0.0 0.0.0.0 fa0/0

9. Check fa0/0 status using - 'show ip int brief'. It should have an IP address assigned from the DHCP and should be up/up.

Check the routing table for the default route - 'show ip route'.

10. If fa0/0 is good and the default route is there, ping the same public IP address which you were able to reach from the computer when it was connected directly.

Ping the IP from the router console.

To summarize, we have made just 2 changes to the default configuration on the router:

- Configured fa0/0 to obtain an IP from the DHCP (which is our ISP).

- Added a default route pointing to fa0/0

Now, this is same as connecting the computer directly to the ISP and logically should work.

Please follow the exact sequence and post the results (not necessarily outputs) for all the steps.

I would be travelling this weekend but may respond if you can post the results today.

-Vaibhav

everything worked pretty well until step 10.

first thing i did was wr erase, enter to confirm. then reload, no to save changes. after boot, enter to get started, no to initial config, yes i'm sure.

en

conf t

int fa0/0

ip address 10.1.1.1 255.255.255.0

no shut

exit

int fa0/1

ip address 10.1.2.1 255.255.255.0

no shut

exit

exit

assigned my computer nic 10.1.1.2 255.255.255.0, dg 10.1.1.1

plugged my pc into fa0/0

pinged 10.1.1.1 successfully from pc

pinged 10.1.1.2 successfully from console

unplugged cable from pc

assigned address 10.1.2.2 255.255.255.0, dg 10.1.2.1

plugged pc into fa0/1

pinged 10.1.2.1 successfully from pc

pinged 10.1.2.2 successfully from console

unplugged cable from pc

nic to automatic config

plugged in isp cable

logged into radius server

pinged 4.2.2.2 successfully

pinged 10.3.68.1 with 1 packet returned with 4 retries

(radius server only allows 1 mac on the account, so i log back off here)

i try pinging random 10.3.68 addresses until i get a result from .24

i ping it several times to be sure

then i conf t

int fa0/0

ip address dhcp

exit

ip route 0.0.0.0 0.0.0.0 fa0/0

plug my isp cable into fa0/0

wait for ip

show ip int brief

fa0/0 shows 10.3.68.29 yes dhcp up up

show ip route

shows C on fa0/0 and S on 0.0.0.0 i think

i try pinging 10.3.68.24 with no result

i worked my way up to .55 with no result

note that i cannot ping anything else without logging into radius server and i cannot log ingo radius server and then plug cable into router because of mac.

This looks good. I forgot to ask if you are able to ping the radius server from the router? Lets try this now:

- Assign static IP on fa0/1

int fa0/1

ip address 10.1.2.1 255.255.255.0

no shut

Connect this interface to the computer and assign 10.1.2.2 255.255.255.0 on the computer. Also, configure 10.1.2.1 as the default gateway on the computer.

Now try pinging the radius server or connecting to the radius server from the computer. If successfull, see if you can get on to the internet.

Looking forward to your response.

YES!! that worked like a charm! only thing is dns now. only ips are working with that.

by the way, the dg and radius are same ip...

Sounds great. For the DNS as a temporary workaround configure 4.2.2.2 as your DNS on the coumpter(s). I'll check how we can push the DNS onto the clients and will get back to you.

Let me know if the workaround works for you.

Please do remember to rate the posts, if these were helpful.

-Vaibhav

working just fine. one odd thing i noticed though. i logged into radius and it said my address is .32 yet my router still shows .29.

and i will most definately rate the posts. they were oustanding. i would just like to wait until a bit later in the night when the speed picks up a bit

thanks for all the help,

thomas

Thomas,

Here's the DHCP configuration:

Router(config)# ip dhcp excluded-address 192.168.1.1

ip dhcp pool InSayne

Router(dhcp-config)#network 192.168.1.1 255.255.255.0

default-router 192.168.1.1

dns-server 208.67.222.222 208.67.220.220

exit

Router(config)# no ip dhcp conflict logging

-----------

Configure static IP 192.168.1.1 255.255.255.0 on fa0/1.

Now, the client computers should be able to receive the IP address, default gateway as well as the DNS server IP from the router. You may remove the static DNS 4.2.2.2 assigned on the computer.

Let us know how it goes.

-Vaibhav

thanks. i'll check that out here in a bit. i have a slight problem. my roommate just woke up and i configured his 2 pcs to work on the router with the temp, and when i accessed a webpage, it sent me to the radius login. it works fine until another computer tries to access something. then it send everyone back to the radius login. as long as only one computer is in use on the net, it's fine. when more than one are in use, it shoots to the radius login. not very nice. :o(

i have another problem. ever since i changed the net config to 192.168.1 i can't access anything on fa0/0 anymore. not even by ip address. it's back to doing what it was when i first started.

Im not sure if I understand you correctly. Do you mean, everything was working fine until fa0/1 was 10.1.2.1 and now with 192.168.1.1 it does not? Have you configured the dhcp commands on the router and is that working fine? Are the clients getting IP, DG and DNS IP? Did you make any other changes as well? Are there any other devices connected to the switch in 192.168.1.x network ?

Also, please try by removing the dhcp commands and see if that helps. What if we remove the dhcp commands but continue to use 192.168.1.x for the local network?

If the problem persists, attach 'show run' here.

-Vaibhav

yeah, everything worked great until i configured it for 192.168.1.1 except for the problem i started having when i had more than one machine active on the net. yeah, the machines are getting all the info from dhcp. the only other change i made was the enable password. i have 3 computers that are running on that switch constantly. all pulling dhcp from my linksys router.

i'll remove the commands this evening when i get off work and post an update.

thanks again,

thomas

i changed my dhcp to the 10.1.2 lan and it's working now. but i still have my other problem - when more than one computer is trying to access the internet, it sends us to the radius login screen. as long as one person doesn't touch the computer, the other can log into radius and surf freely. but once that other machine tries to access the inet, it sends us to the login. it almost sounds like their router is seeing our individual addresses and not the address caught by my router from dhcp.

speaking of that address...how can i release and renew the address caught by fa0/0? because every time i plug in, it catches .29 yet when i plug in with my computer or my other router, it will catch some other address. i just really don't want to cause an ip conflict on their net.

posted below is my current running-config:

InSayneLAN#show run

Building configuration...

Current configuration : 1093 bytes

!

version 12.3

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname InSayneLAN

!

boot-start-marker

boot-end-marker

!

enable password *********

!

no aaa new-model

!

resource policy

!

no network-clock-participate slot 1

no network-clock-participate wic 0

voice-card 1

!

ip subnet-zero

ip cef

!

!

no ip dhcp use vrf connected

no ip dhcp conflict logging

ip dhcp excluded-address 10.1.2.1

!

ip dhcp pool InSayne

network 10.1.2.0 255.255.255.0

default-router 10.1.2.1

dns-server 208.x.x.222 208.67.220.220

!

!

no ftp-server write-enable

!

!

!

!

!

!

!

!

!

!

!

!

!

!

controller T1 1/0

framing sf

linecode ami

!

!

!

interface FastEthernet0/0

ip address dhcp

duplex auto

speed auto

!

interface Serial0/0

no ip address

shutdown

no fair-queue

no dce-terminal-timing-enable

!

interface FastEthernet0/1

ip address 10.1.2.1 255.255.255.0

duplex auto

speed auto

!

ip classless

ip route 0.0.0.0 0.0.0.0 FastEthernet0/0

!

ip http server

!

!

!

control-plane

!

!

!

!

!

!

!

!

line con 0

line aux 0

line vty 0 4

!

!

end

InSayneLAN#

thanks for all the help. hope you have a great weekend.

thomas

i just removed all dhcp from my router and manually configed my pc to 192.168.1 net and set fa0/1 to .1 and i wasn't able to get anywhere. then i set fa0/1 to 172.16.1.1 and put my computer on that net, and i'm back to working. so obviously something is going on with 192.168 addresses. i configured dhcp for 172.16.1 net, logged into radius and hooked up another pc up to the network and tried browsing and got shot to the radius login again. same problem as on the 10.1.2 net.

well i've alleviated my problem of allowing multiple computers on the net. i configured nat to an extent. i'm not too knowledgable on the whole overload concept. but this is what i added to my last posted config:

ip nat pool InSayne 172.16.1.1 172.16.1.255 prefix-length 24

ip nat inside source list 15 interface FastEthernet0/0 overload

!

access-list 15 permit 172.16.1.0 0.0.0.255

and then of course fa0/0 as outside and fa0/1 as inside. let me know if i'm missing something, and i'll keep you posted as to how well this works over the weekend.

thanks again!

thomas

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: