cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
735
Views
0
Helpful
2
Replies

1841 setup problem, dhcp clients cannot see internet

stranm154
Level 1
Level 1

I'm trying to get a small branch office up and running. It has a newly installed T1 Line and a cisco 1841 router. The network is mixed topology with linux, mac and windows, no servers to speak of. We want to run dhcp and nat from the 1841 and seem to have hit a wall with this. The network connections are all good, the T1 is working and if I configure fastethernet 0/0 with an outside IP address and give clients static IP addresses things do work but we need to share an IP address. I've included the setup config from the router, any hints or help would be greatly appreciated since the clients can't connect to or ping the internet as soon as they try and use dhcp (though they do get valid dhcp ip addresses within the range specified).  The DHCP pool address is the valid external IP address that we want to use for all traffic going out from all the PC's hooked up through the switch (there is a dlink switch hooked to fastethernet 0/0).

Config:

smallmouth#show config

Using 1446 out of 196600 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname smallmouth

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$4eEN$65vLCb8GnvRzQoOwZoT.K0

enable password XXXXXX

!

no aaa new-model

dot11 syslog

ip cef

!

!

no ip dhcp use vrf connected

ip dhcp excluded-address 192.168.1.1 192.168.1.99

!

ip dhcp pool pool1

   import all

   network 192.168.1.0 255.255.255.0

   default-router 192.168.1.1

   dns-server 4.2.2.2

   lease infinite

!        

!        

!        

multilink bundle-name authenticated

!        

!        

!        

!        

archive  

log config

  hidekeys

!        

!        

!        

!        

!        

!        

!        

interface Tunnel1

no ip address

!        

interface FastEthernet0/0

ip address 192.168.1.1 255.255.255.0

ip nat inside

ip nat enable

ip virtual-reassembly

speed 100

full-duplex

!        

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!        

interface Serial0/0/0

ip address 10.176.30.6 255.255.255.252

ip nat outside

ip nat enable

ip virtual-reassembly

encapsulation ppp

!        

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 10.176.30.5

!        

!        

no ip http server

no ip http secure-server

ip nat pool mypool 199.116.110.9 199.116.110.9 netmask 255.255.255.248

ip nat inside source list 7 pool mypool overload

!        

access-list 7 permit 192.168.1.0 0.0.0.200

snmp-server community public RO

!        

!        

!        

!        

!        

!        

control-plane

!        

!        

!        

line con 0

line aux 0

line vty 0 4

password XXXXXX

login   

!        

scheduler allocate 20000 1000

end      

1 Accepted Solution

Accepted Solutions

mikeburr1234
Level 1
Level 1

I think this might be your typo,

access-list 7 permit 192.168.1.0 0.0.0.200

If you want all of the 192.168.1.0 to be NATd out the serial interface, then this hould be:

access-list 7 permit 192.168.1.0 0.0.0.255

Hope this helps.


Mike Burr

Mike's Technology and Finance Blog

View solution in original post

2 Replies 2

mikeburr1234
Level 1
Level 1

I think this might be your typo,

access-list 7 permit 192.168.1.0 0.0.0.200

If you want all of the 192.168.1.0 to be NATd out the serial interface, then this hould be:

access-list 7 permit 192.168.1.0 0.0.0.255

Hope this helps.


Mike Burr

Mike's Technology and Finance Blog

That was it... just a typo...but after hours of starring at documentation, the eyes, they get blurry.

Thanks Again for your help!!!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: