Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Trouble With 2 Vlans.

Dear , I am a new cisco user.

I have Cisco 1760 router, with WIC-ADSL and WIC-4ESW.

IOS: c1700-advsecurityk9-mz.124-10.bin

My internet provider give to me block of 8 static ip addresses.

On router I create 2 vlan, one with 8 static ip and another with normal (like 10.10.10.1).

For example:

Vlan1 91.84.xx.xx-91.84.xx.xx subnet 255.255.255.248

Vlan2 10.10.10.1-10.10.10.6 subnet 255.255.255.248

Configuration trouble:

Vlan1 not have access to internet, vlan2 have.

Please help me understand how to make internet access to vlan1.

My conf.file:

--------.

User Access Verification

Username: xxx

Password:

Router#sh running-config

Building configuration...

Current configuration : 1976 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Router

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

ip cef

!

!

!

!

ip name-server 212.104.xxx.xxx

ip name-server 212.104.xxx.xxx

!

!

!

!

username andriy privilege 15 password xxxxxxxxxxx

!

!

!

!

!

interface ATM0/0

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

ip route-cache flow

no atm ilmi-keepalive

dsl operating-mode auto

!

interface ATM0/0.1 point-to-point

no snmp trap link-status

pvc 0/38

encapsulation aal5mux ppp dialer

dialer pool-member 1

!

!

interface FastEthernet0/0

no ip address

shutdown

speed auto

!

interface FastEthernet1/1

!

interface FastEthernet1/2

switchport access vlan 2

!

interface FastEthernet1/3

!

interface FastEthernet1/4

!

interface Vlan1

ip address 10.10.10.1 255.255.255.248

ip access-group vlan1_in in

no ip redirects

no ip unreachables

no ip proxy-arp

ip nat inside

ip virtual-reassembly

ip route-cache flow

ip tcp adjust-mss 1452

!

interface Vlan2

ip address 91.84.xx.xx 255.255.255.248

ip access-group vlan2_in in

no ip redirects

no ip unreachables

no ip proxy-arp

ip nat inside

ip virtual-reassembly

ip route-cache flow

ip tcp adjust-mss 1452

!

interface Dialer0

ip address negotiated

ip access-group dialer0_in in

no ip redirects

no ip unreachables

no ip proxy-arp

ip virtual-reassembly

encapsulation ppp

ip route-cache flow

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication chap pap callin

ppp chap hostname xxxxxxxxxx@xxxx.xxxxxx.xxx

ppp chap password xxxxxxxxxx

ppp pap sent-username xxxxxxxxxx@xxxx.xxxxxx.xxx password xxxxxxxxxx

!

ip route 0.0.0.0 0.0.0.0 Dialer0

!

no ip http server

no ip http secure-server

!

!

control-plane

!

!

line con 0

login local

transport output telnet

line aux 0

line vty 0 4

privilege level 15

login local

!

end

Router#

3 REPLIES

Re: Trouble With 2 Vlans.

Your VLAN 1 is using a priavte Ip range and hence a NAT is required

ip nat pool test interface vlan 1 overload

ip nat inside source-list 100 pool test

access-list 100 permit ip 10.10.10.0 0.0.0.7 any

Also i see access-group statements which do not have corrs access-list statements and hence can be removed

int vlan 1

no ip access-group vlan1_in in

int vlan 2

ip access-group vlan2_in in

ip nat outside

HTH

Narayan

New Member

Re: Trouble With 2 Vlans.

Router(config)#ip nat pool test interface vlan 1 overload

% Invalid input detected at '^' marker.

Re: Trouble With 2 Vlans.

Instead of the pool can you try

ip nat inside source list 100 interface vlan 1 overload

Narayan

148
Views
0
Helpful
3
Replies