Solved: cisco 2800 series router

Srinivas N · ‎06-16-2012

Hi Friends,

I have 2800 series router,

I have one public IP 115.119.187.x, and DNS IPs 121.242.190.180, 121.242.190.211

I want to configure the router for nearly 50 no of PCs for internet.

Please help me how to configure that router (cisco 2800) step by step,

since i am new to this config.

my understand is i need to configure nating, dhcp and dns.... is it ok?

is there required any access list?

Please help me step by step

Thanks,

Srinivas. N.

Thanks & Regards, Srinivas. N.

Peter Paluch · ‎06-16-2012

Hello Srinivas,

This should be a fairly simple task.

Please use the following configuration, adapting it in IP addresses as necessary.

interface FastEthernet0/0

description => Internal LAN network <=

ip address 10.0.0.1 255.255.255.0

ip nat inside

no shutdown

exit

interface FastEthernet0/1

description => Internet connection <=

ip address 115.119.187.x M.M.M.M ! Insert the correct address and mask

ip nat outside

no shutdown

exit

ip route 0.0.0.0 0.0.0.0 G.G.G.G ! Insert the correct ISP's gateway address

ip dhcp excluded-address 10.0.0.0 10.0.0.10

ip dhcp pool LAN

network 10.0.0.0 /24

default-router 10.0.0.1

dns-servers 121.242.190.180 121.242.190.211

exit

ip access-list standard NAT

permit 10.0.0.0 0.0.0.255

exit

ip nat inside source list NAT interface FastEthernet0/1 overload

Here I assume that your PCs will be connected to Fa0/0 interface via an external switch, and your 2800 router will be connected to the ISP via Fa0/1 interface.

Please feel welcome to ask further.

Best regards,

Peter

View solution in original post

Peter Paluch · ‎06-16-2012

Hello Srinivas,

This should be a fairly simple task.

Please use the following configuration, adapting it in IP addresses as necessary.

interface FastEthernet0/0

description => Internal LAN network <=

ip address 10.0.0.1 255.255.255.0

ip nat inside

no shutdown

exit

interface FastEthernet0/1

description => Internet connection <=

ip address 115.119.187.x M.M.M.M ! Insert the correct address and mask

ip nat outside

no shutdown

exit

ip route 0.0.0.0 0.0.0.0 G.G.G.G ! Insert the correct ISP's gateway address

ip dhcp excluded-address 10.0.0.0 10.0.0.10

ip dhcp pool LAN

network 10.0.0.0 /24

default-router 10.0.0.1

dns-servers 121.242.190.180 121.242.190.211

exit

ip access-list standard NAT

permit 10.0.0.0 0.0.0.255

exit

ip nat inside source list NAT interface FastEthernet0/1 overload

Here I assume that your PCs will be connected to Fa0/0 interface via an external switch, and your 2800 router will be connected to the ISP via Fa0/1 interface.

Please feel welcome to ask further.

Best regards,

Peter

Srinivas N · ‎06-16-2012

Hi Peter,

Thanks for u r reply,

with below config it is working file.

User Access Verification

Password:

Router>en

Password:

Router#sh run

Building configuration...

Current configuration : 1279 bytes

!

version 15.0

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Router

!

boot-start-marker

boot-end-marker

!

enable password xxxx

!

no aaa new-model

!

dot11 syslog

ip source-route

!

ip cef

ip dhcp excluded-address 192.168.1.0 192.168.1.10

!

ip dhcp pool ADMIN-II

network 192.168.1.0 255.255.255.0

default-router 192.168.1.1

dns-server 121.242.190.x 121.242.190.x

!

multilink bundle-name authenticated

!

license udi pid CISCO2811 sn FHK1450F1PV

!

redundancy

!

interface Loopback0

no ip address

!

interface FastEthernet0/0

description # WAN Network #

ip address 115.119.187.x 255.255.255.x

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/1

description # Lan Network #

ip address 192.168.1.1 255.255.255.0

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

!

ip forward-protocol nd

no ip http server

no ip http secure-server

!

ip nat inside source list 10 interface FastEthernet0/0 overload

ip route 0.0.0.0 0.0.0.0 115.119.187.x

!

access-list 10 permit any

!

control-plane

!

line con 0

line aux 0

line vty 0 4

password xxxx

login

!

scheduler allocate 20000 1000

end

Router#

Thanks & Regards, Srinivas. N.

Srinivas N · ‎06-16-2012

Hi peter,

for the same router, plz tel me how to config bandwidth limit.

I need to config 1Mbps for fa0/1.

Thanks,

Srinivas. N.

Thanks & Regards, Srinivas. N.

Peter Paluch · ‎06-17-2012

Hello Srinivas,

There is one problem in your configuration - your access-list 10 is currently of the form permit any. This configuration might work but officially, it is not supported and Cisco insists very strongly that an ACL used for NAT is made more specific.

I suggest correcting your ACL by entering the following commands:

no access-list 10

access-list 10 permit 192.168.1.0 0.0.0.255

In addition, if you want to perform rate limiting on Fa0/1, add these lines to the configuration:

policy-map fa0/1-out
 class class-default
  fair-queue
  shape average 1000000
!
interface fa0/1
 service-policy output fa0/1-out

Best regards,

Peter

Srinivas N · ‎06-17-2012

Hellow Peter,

I really appreshate your quick reply...

I will modify and for retelimit i given the command...

for fa0/1

rate-limit input 1024000 192000 384000 conform-action transmit exceed-action drop

rate-limit output 1024000 192000 384000 conform-action transmit exceed-action drop

It won't make any issue?

Thanks,

Srinivas. N

Thanks & Regards, Srinivas. N.

luis.beirao · ‎06-28-2018

Hi Peter,

I just follow this but doesn´t work in my side! I can ping from PC to LAG gateway and WAN port but not the ISP gateway and from Router I cannot ping any PC in my network!

Please assist.

Luis

Adusumalli Harikrishna · ‎06-17-2012

Hi Srinivas,

Apply a rate-limit on f0/1 interface.

Sent from Cisco Technical Support Android App