Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
973
Views
10
Helpful
5
Replies

Questions about router config

Go to solution
Tracy Beekman
Level 1
Level 1

‎01-26-2012 07:54 AM - edited ‎03-07-2019 04:33 AM

Hi all,

Just wanted to get a little help here.  I am a bit green on routing and setting up routers.  I have never really had to do it in my career, but I find myself needing to re-educate myself.  With that, I have a Cisco 867VAE-K9 router.  I am connecting it to a cable modem set in bridge mode with static ip info from the ISP. To that router, I am connecting a AP1262N.  It will provide wireless to a building and eventually, as soon as I get the antenna up, public access Internet connection for a park.  I don't need a lot of security as far as prohibiting certain websites.  I am going to acheive this through openDNS.  So, with all of that, I was hoping someone could take a look at my current config and tell me what I am missing.  I know I am missing something...Thanks in advance for your help.  Also, if you see, the year is 1912, I can't for the life of me get it changed.  I am guessing that once I connect it to the provided modem, it will update with the correct year.....hopefully?

! Last configuration change at 09:31:36 gmt Fri Jan 26 1912

version 15.1

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname ParksRouter

!

boot-start-marker

boot-end-marker

!

!

enable secret 5 $1$vyTL$64bjmGFLqg/MLyex6SUIR1

!

no aaa new-model

wan mode ethernet

clock timezone gmt -6 0

no ipv6 cef

ip source-route

ip cef

!

!

!

ip dhcp excluded-address 10.10.10.1 10.10.10.20

!

ip dhcp pool ParksPool

import all

network 10.10.10.0 255.255.255.0

default-router 10.10.10.1

dns-server 68.113.206.10 24.217.0.5 <-- these are DNS given to me by ISP

domain-name duncanville.com

!

!

no ip domain lookup

ip domain name duncanville.com

ip name-server 68.113.206.10

ip name-server 24.217.0.5

!

!

!

crypto pki token default removal timeout 0

!

!

!

!

!

!

controller VDSL 0

shutdown

!

!

!

!

!

!

!

!

!

!

interface ATM0

no ip address

shutdown

no atm ilmi-keepalive

!

interface Ethernet0

no ip address

shutdown

!

interface FastEthernet0

no ip address

!

interface FastEthernet1

no ip address

!

interface FastEthernet2

no ip address

!

interface FastEthernet3

no ip address

!

interface GigabitEthernet0

no ip address

!

interface GigabitEthernet1

description Internet Out - Charter

ip address x.x.x.x 255.255.255.252

no ip proxy-arp

ip nat outside

ip virtual-reassembly in

no ip route-cache

duplex auto

speed auto

no cdp enable

!

interface Vlan1

description Internal LAN

ip address 10.10.10.1 255.255.255.0

no ip proxy-arp

ip nat inside

ip virtual-reassembly in

no ip route-cache

!

ip forward-protocol nd

no ip http server

no ip http secure-server

!

!

ip nat inside source list 1 interface GigabitEthernet1 overload

ip route 0.0.0.0 0.0.0.0 GigabitEthernet1

!

!

!

!

!

!

line con 0

exec-timeout 5 30

password

login

no modem enable

line aux 0

line vty 0 4

password

login

transport input all

!

scheduler allocate 60000 1000

end

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Edgar Collins
Level 1
Level 1

‎01-26-2012 09:28 AM

Tracy,

The config is incomplete, unless I am missing something where is the source list 1.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Edgar Collins
Level 1
Level 1

‎01-26-2012 09:28 AM

Tracy,

The config is incomplete, unless I am missing something where is the source list 1.

0 Helpful

Go to solution
Tracy Beekman
Level 1
Level 1
In response to Edgar Collins

‎01-26-2012 01:36 PM

Edgar,

Thanks....you weren't missing anything....so, all I need at this point is to add a line in the config as follows

access-list 1 permit 10.10.10.0 0.0.0.255

Should that be followed by "any" to permit all traffic or is that implied in the statement iteself?

Thanks,

Tracy

0 Helpful

Go to solution
ebarticel
Level 4
Level 4
In response to Tracy Beekman

‎01-26-2012 09:49 PM

Is this router connected to a switch? If yes what interface is connected to the switch?

0 Helpful

Go to solution
Tracy Beekman
Level 1
Level 1
In response to ebarticel

‎01-27-2012 06:08 AM

Eugen,

Thanks for the response, and no, it is not.  There will be a WAP attached providing WiFi service.  No need to call out a specific int on this device, they are all part of the default VLAN.

0 Helpful

Go to solution
cadet alain
VIP Alumni
VIP Alumni
In response to Tracy Beekman

‎01-27-2012 06:16 AM

Hi,

a standard ACL  like the one proided is enough: 

access-list 1 permit 10.10.10.0 0.0.0.255

But you should also do this on your interfaces:  ip route-cache cef

and change your static default route to point to next-hop ip instead of  outgoing interface

also if you want to communicate via name for router traffic you should reenable ip domain lookup.

Regards.

Alain

Don't forget to rate helpful posts.
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card