Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Can ping from router to internet but not from VLANs on a switch.

Hey guys its been a while for me since I have done some of this command line routing so I am trying to knock some of this rust off. I think I might be missing a default route or the default rout might be wrong. I can ping from the router to the internet and from the router to the PCs. From the PC to the router but not from the PCs to the internet. Here is my configurations.


Building configuration...

Current configuration : 1545 bytes
!
! Last configuration change at 02:22:06 est Sun Aug 24 2014
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ASrouter
!
boot-start-marker
boot-end-marker
!
! card type command needed for slot/vwic-slot 0/3
enable secret 5 $1$fhqR$y8Bv6veRwKf/zzUhwtSQn.
!
no aaa new-model
clock timezone est -5
clock summer-time est recurring 2 Sun Mar 2:00 1 Sun Nov 2:00
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.7.20.1 10.7.20.2
!
ip dhcp pool AShome
   network 10.7.20.0 255.255.255.0
   default-router 10.7.20.1
   dns-server 8.8.8.8 8.8.4.4
!
!
!
multilink bundle-name authenticated
!
!
voice-card 0
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 ip dhcp client hostname ASrouter
 ip address dhcp
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet0/1.10
 description Network VLAN
 encapsulation dot1Q 10
 ip address 10.7.10.1 255.255.255.0
!
interface FastEthernet0/1.20
 description DHCP VLAN
 encapsulation dot1Q 20
 ip address 10.7.20.1 255.255.255.0
!
interface FastEthernet0/1.30
 description VMware VLAN
 encapsulation dot1Q 30
 ip address 10.7.30.1 255.255.255.0
!
ip default-gateway 192.168.0.1
!
!
ip http server
no ip http secure-server
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
 password Password
 login
line aux 0
 password Password
 login
line vty 0 4
 password Password
 login
!
scheduler allocate 20000 1000
end


Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 192.168.0.1 to network 0.0.0.0

     10.0.0.0/24 is subnetted, 3 subnets
C       10.7.10.0 is directly connected, FastEthernet0/1.10
C       10.7.30.0 is directly connected, FastEthernet0/1.30
C       10.7.20.0 is directly connected, FastEthernet0/1.20
C    192.168.0.0/24 is directly connected, FastEthernet0/0
S*   0.0.0.0/0 [254/0] via 192.168.0.1

 

1 ACCEPTED SOLUTION

Accepted Solutions

Helloyour router /switch isn

Hello

your router /switch isn't routing  is set as a host device

 

However since your performing l3 with your subinterfaces I suggest enable  ip routing and use a static default route instead of a default gateway:

 

ip routing

ip route 0.0.0.0 0.0.0.0. dhcp

 

res

paul

Ps I assume your ISP is natting on your behalf?
Please don't forget to rate any posts that have been helpful. Thanks.
4 REPLIES
New Member

Hi Jsmith,So from the above

Hi Jsmith,

So from the above config output you have a default gateway set up (192.168.0.1) as well as a static route to said network in your routing table (the default gateway address as I see from the above is a dynamically assigned address!!! you should really consider using a statically assigned IP address to prevent problems down the road).

As it stands, you have all unknown traffic being sent to the Fa0/0 interface, not the next hop router.

Whats the next hop device IP address? Is is an ISP presentation?

If you have an IP address from your ISP use this, if you have a next hop router then I would suggest using its IP address.

I'll throw this out there as well, I know you say you can ping the internet and PC's from the router but not the PC's to the internet, but do you have a device in between the internet and the router that is actively NATing the 10.x.x.x address range? Obviously you can't sent a 10.0.0.0/8 address out on to the internet.

Helloyour router /switch isn

Hello

your router /switch isn't routing  is set as a host device

 

However since your performing l3 with your subinterfaces I suggest enable  ip routing and use a static default route instead of a default gateway:

 

ip routing

ip route 0.0.0.0 0.0.0.0. dhcp

 

res

paul

Ps I assume your ISP is natting on your behalf?
Please don't forget to rate any posts that have been helpful. Thanks.
New Member

Here was the final settings

Here was the final settings and it all works.

Building configuration...

Current configuration : 1978 bytes
!
! Last configuration change at 22:52:54 est Sun Aug 24 2014
! NVRAM config last updated at 16:42:37 est Sun Aug 24 2014
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ASrouter
!
boot-start-marker
boot-end-marker
!
! card type command needed for slot/vwic-slot 0/3
enable secret 5 $1$fhqR$y8Bv6veRwKf/zzUhwtSQn.
!
no aaa new-model
clock timezone est -5
clock summer-time est recurring 2 Sun Mar 2:00 1 Sun Nov 2:00
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.7.20.1 10.7.20.2
ip dhcp excluded-address 10.7.20.3
!
ip dhcp pool AShome
   network 10.7.20.0 255.255.255.0
   default-router 10.7.20.1
   dns-server 8.8.8.8 8.8.4.4
!
!
!
multilink bundle-name authenticated
!
!
voice-card 0
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 ip dhcp client hostname ASrouter
 ip address dhcp
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet0/1.10
 description Network VLAN
 encapsulation dot1Q 10
 ip address 10.7.10.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
interface FastEthernet0/1.20
 description DHCP VLAN
 encapsulation dot1Q 20
 ip address 10.7.20.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
interface FastEthernet0/1.30
 description VMware VLAN
 encapsulation dot1Q 30
 ip address 10.7.30.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
ip route 0.0.0.0 0.0.0.0 dhcp
!
!
ip http server
no ip http secure-server
ip nat inside source list 1 interface FastEthernet0/0 overload
!
access-list 1 permit 10.7.10.0 0.0.0.255
access-list 1 permit 10.7.20.0 0.0.0.255
access-list 1 permit 10.7.30.0 0.0.0.255
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
 password *********
 login
line aux 0
 password *********
 login
line vty 0 4
 password *********
 login
!
scheduler allocate 20000 1000
end

New Member

Ahhhhh, I figured it out! So

deleted

2717
Views
4
Helpful
4
Replies