Re: can not access internet with cisco 2801 router configure for

vishu29121990 · ‎11-27-2013

hi,

i need help for configuring cisco 2801 router to terminate lease line on it.

after configuration from router i can ping to other end of lease line ie provider end ip 14.141.99.37

and i have connected a single laptop with ip:14.141.99.190/29 with gateway of 14.141.99.185 which is lan interface of router

wan ip subnet :14.141.99.38/30

lan ip subnet :14.141.99.184/29

vlan for wan :1549

dns 1: 121.242.190.180

dns 2:121.242.190.211

and so running is attach below. please help me.

hostname router

!

boot-start-marker

boot-end-marker

!

logging buffered 51200 warnings

no aaa new-model

resource policy

!

mmi polling-interval 60

no mmi auto-configure

no mmi pvc

mmi snmp-timeout 180

ip subnet-zero

ip gratuitous-arps

ip cef

!

ip finger

!

ip domain name yourdomain.com

ip name-server 121.242.190.180

ip name-server 121.242.190.211

ip ddns update method sdm_ddns1

DDNS both

!

crypto pki trustpoint TP-self-signed-4103328871

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-4103328871

revocation-check none

rsakeypair TP-self-signed-4103328871

!

crypto pki certificate chain TP-self-signed-4103328871

certificate self-signed 01

30820257 308201C0 A0030201 02020101 300D0609 2A864886 F70D0101 04050030

31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274

69666963 6174652D 34313033 33323838 3731301E 170D3038 31313235 31303534

31345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649

4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 31303333

32383837 3130819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281

8100B2E9 5CF5CCCB 02BF9ADA 1086A259 32A490A5 68A880B9 1805BC72 AA0B2255

6C55A2B0 76BB17C9 87CB933A 2F51BF2B DBF415D0 F56CD13E 4768D44F C5CC7D14

6724498F 6B5BB6C3 34737514 3E02985C F13070A8 927BEB94 1A96C383 DE1185D4

5E64453F 2DC3CB4B B4E49231 035BC38B 785F8856 87C2A2EE 08B6423C BF843D27

03330203 010001A3 7F307D30 0F060355 1D130101 FF040530 030101FF 302A0603

551D1104 23302182 1F4F494C 5F464945 4C442D52 4142414C 452E796F 7572646F

6D61696E 2E636F6D 301F0603 551D2304 18301680 14C82CF9 C804CEA9 94143082

2F178AE5 2C7FB0AA 80301D06 03551D0E 04160414 C82CF9C8 04CEA994 1430822F

178AE52C 7FB0AA80 300D0609 2A864886 F70D0101 04050003 818100B0 8FF51337

D6FB974F 6719221C 1FD62354 29B9A214 34ED3B07 2685176B 6BEBAF84 2C4BB769

8456DB42 83D86124 1D8EE9EB 48842442 0817D603 CA0D63DC D5E4D055 3DBA0931

FDDD4D1D E5B40F48 FA8F43F9 37AE3557 4A5017F4 2545C556 E7AEEFF7 E1ACD35B

50C44F07 95035313 1864DEF3 B1BA6241 89130C33 C696993C 73CBB1

quit

!

interface FastEthernet0/0

description ***WAN***

no ip address

ip mask-reply

ip directed-broadcast

ip nat outside

load-interval 30

speed 100

full-duplex

!

interface FastEthernet0/0.1549

encapsulation dot1Q 1549

ip address 14.141.99.38 255.255.255.252

no snmp trap link-status

!

interface FastEthernet0/1

description ****LAN****

ip address 14.141.99.185 255.255.255.248

ip mask-reply

ip directed-broadcast

ip nat inside

duplex auto

speed auto

!

interface Serial0/1/0

no ip address

shutdown

clock rate 2000000

!

interface Serial0/1/1

no ip address

shutdown

clock rate 2000000

!

router rip

version 2

passive-interface FastEthernet0/0

passive-interface FastEthernet0/1

network 14.0.0.0

no auto-summary

!

ip classless

ip route 0.0.0.0 0.0.0.0 14.141.99.37

ip route 14.141.99.184 255.255.255.248 14.141.99.37

!

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

ip nat inside source route-map Leased_line interface FastEthernet0/0.1549 overload

!

access-list 1 permit any

snmp-server community neter@tulip RO

route-map Leased_line permit 10

match ip address 1

match interface FastEthernet0/0 FastEthernet0/0.1549

!

line con 0

login

line aux 0

line vty 0 4

access-class 23 out

privilege level 15

login

transport input telnet ssh

line vty 5 15

privilege level 15

login

transport input telnet ssh

!

end

Angus Bishop · ‎11-28-2013

Dear Vishakha ,

We need to route the Lag segment ip to the lan side .

ip route 14.141.99.184 255.255.255.248 14.141.99.37

Change to

ip route 14.141.99.184 255.255.255.248 fastethernet 0/1 or the lan next hop .

Please try and let me know

Regards

Agnus

cadet alain · ‎11-28-2013

Hi,

a leased line is not an internet access like xdsl or cable modem, this is a private network between 2 routers done by the ISP.So can we call this a leased line ?

Also you forgot to categorize the wan interface as nat outside so nat won't be working and your route-map for nat is not correct, you should get rid of the match interface command.

Regards

Alain

Don't forget to rate helpful posts.

Richard Burts · ‎11-28-2013

There are several things in this post that puzzle me.

I agree with Alain that the terminology is not clear. Most of us do understand the term leased line to refer to a serial connection. This post uses the term for an Ethernet. But I can understand that it may not be clear what is the best term to refer to a leased Ethernet connection to Internet and that leased line may sort of fit.

I am also puzzled by this static route

ip route 14.141.99.184 255.255.255.248 14.141.99.37

Why is there a static route for the subnet connected to FastEther0/1? And why does the static route point out to the ISP address?

I am also puzzled why there is NAT at all. The addresses on both interfaces are public routable addresses. There is no indication that there are any private addresses in this network. So what is it that needs to be translated?

Perhaps the original poster can provide some clarification of these questions?

HTH

Rick

HTH

Rick

can not access internet with cisco 2801 router configure for lease line terminate