07-08-2007 07:06 AM - edited 03-05-2019 05:11 PM
Dear , I am a new cisco user.
I have Cisco 1760 router, with WIC-ADSL and WIC-4ESW.
IOS: c1700-advsecurityk9-mz.124-10.bin
My internet provider give to me block of 8 static ip addresses.
On router I create 2 vlan, one with 8 static ip and another with normal (like 10.10.10.1).
For example:
Vlan1 91.84.xx.xx-91.84.xx.xx subnet 255.255.255.248
Vlan2 10.10.10.1-10.10.10.6 subnet 255.255.255.248
Configuration trouble:
Vlan1 not have access to internet, vlan2 have.
Please help me understand how to make internet access to vlan1.
My conf.file:
--------.
User Access Verification
Username: xxx
Password:
Router#sh running-config
Building configuration...
Current configuration : 1976 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip cef
!
!
!
!
ip name-server 212.104.xxx.xxx
ip name-server 212.104.xxx.xxx
!
!
!
!
username andriy privilege 15 password xxxxxxxxxxx
!
!
!
!
!
interface ATM0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0/0.1 point-to-point
no snmp trap link-status
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet0/0
no ip address
shutdown
speed auto
!
interface FastEthernet1/1
!
interface FastEthernet1/2
switchport access vlan 2
!
interface FastEthernet1/3
!
interface FastEthernet1/4
!
interface Vlan1
ip address 10.10.10.1 255.255.255.248
ip access-group vlan1_in in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
!
interface Vlan2
ip address 91.84.xx.xx 255.255.255.248
ip access-group vlan2_in in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
!
interface Dialer0
ip address negotiated
ip access-group dialer0_in in
no ip redirects
no ip unreachables
no ip proxy-arp
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname xxxxxxxxxx@xxxx.xxxxxx.xxx
ppp chap password xxxxxxxxxx
ppp pap sent-username xxxxxxxxxx@xxxx.xxxxxx.xxx password xxxxxxxxxx
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
no ip http server
no ip http secure-server
!
!
control-plane
!
!
line con 0
login local
transport output telnet
line aux 0
line vty 0 4
privilege level 15
login local
!
end
Router#
07-08-2007 07:42 AM
Your VLAN 1 is using a priavte Ip range and hence a NAT is required
ip nat pool test interface vlan 1 overload
ip nat inside source-list 100 pool test
access-list 100 permit ip 10.10.10.0 0.0.0.7 any
Also i see access-group statements which do not have corrs access-list statements and hence can be removed
int vlan 1
no ip access-group vlan1_in in
int vlan 2
ip access-group vlan2_in in
ip nat outside
HTH
Narayan
07-08-2007 08:47 AM
Router(config)#ip nat pool test interface vlan 1 overload
% Invalid input detected at '^' marker.
07-09-2007 07:29 PM
Instead of the pool can you try
ip nat inside source list 100 interface vlan 1 overload
Narayan
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: