Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

CISCO 2811

I have a 2800 series router with two ports FA0/0 (Local outside, DHCP) and FA0/1 (Local inside, 192.168.1.2 255.255.255.0). Fa0/1 can communicate can ping all computers. FA0/0 is not pulling a public I.P. address. If I shutdown FA0/1, FA 0/0 will get a private I.P. from DHCP on the 192.168.1.0 network. The problem is that both ports cannot be on the same network because they overlap. Why wont DHCP assign an public I.P. to Fa0/0?

ROUTER_1#show ip inter brief
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            unassigned      YES DHCP   up                    down
FastEthernet0/1            192.168.1.2     YES manual up                    down
Serial0/0/0                unassigned      YES NVRAM  administratively down down
NVI0                       unassigned      YES unset  administratively down down

 

 

ROUTER_1#show run
Building configuration...


Current configuration : 2391 bytes
!
! Last configuration change at 13:01:54 UTC Sun Jul 20 2014
!
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ROUTER_1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$ZbQM$YcpdUqf/R9l.iFmf9ADYO0
!
no aaa new-model
!
!
!
!
dot11 syslog
ip source-route
!
!
ip cef
ip dhcp excluded-address 192.168.1.1 192.168.1.50
ip dhcp excluded-address 192.168.2.1 192.168.2.50
!
ip dhcp pool HOME_NETWORK
   network 192.168.1.0 255.255.255.0
   default-router 192.168.1.1
   dns-server 4.2.2.2 4.2.2.3 8.8.8.8
!
ip dhcp pool LAN
   dns-server 4.2.2.2 4.2.2.3 8.8.8.8
   default-router 192.168.1.1
!
ip dhcp pool OUTSIDE_NAT
   network 192.168.2.0 255.255.255.0
   default-router 192.168.1.1
   dns-server 4.2.2.2 8.8.8.8
!
!
ip domain name lnawara.com
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
voice-card 0
!
!
!
!
!
license udi pid CISCO2811 sn FTX1145A0Y5
username lnawara password 7 071C244F5C0C0D
!
redundancy
!
!
ip ssh version 2
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 description OUTSIDE_INTERFACE
 ip address dhcp
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
 !
!
interface FastEthernet0/1
 ip address 192.168.1.2 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
 !
!
interface Serial0/0/0
 no ip address
 shutdown
 !
!
router ospf 1
 log-adjacency-changes
 network 192.168.1.0 0.0.0.255 area 0
!
ip default-gateway 192.168.1.1
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list NAT_LIST interface FastEthernet0/0 overload
ip nat inside source list OUTSIDE_NAT interface FastEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 FastEthernet0/1
!
ip access-list standard NAT_LIST
 permit 192.168.0.0 0.0.255.255
ip access-list standard OUTSIDE_NAT
 permit 192.168.2.0 0.0.0.255
!
!
!
!
!
!
!
control-plane
 !
!
!
!
!
!
!
gateway
 timer receive-rtp 1200
!
!
!
gatekeeper
 shutdown
!
banner motd ^C
*****************************************************************************************
LARRY'S ROUTER
*****************************************************************************************
^C
!
line con 0
 password 7 120A0014000E18
 logging synchronous
 login
line aux 0
line vty 0 4
 password 7 04480E051D2458
 login local
 transport input all
!
scheduler allocate 20000 1000
end

 

Thank you,

 Larry


 

 

 

9 REPLIES
Bronze

can you attach a  topology

can you attach a  topology with Devices, interface and IP showing how they are connected ???

New Member

Ammahend,Thank you for the

Ammahend,

Thank you for the assistance. I am student studying for my CCNA and these configurations are from my home lab.

 

 

 

ROUTER_1#show interfaces
FastEthernet0/0 is up, line protocol is down
  Hardware is MV96340 Ethernet, address is 001e.1336.4648 (bia 001e.1336.4648)
  Internet address will be negotiated using DHCP
  MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Auto-duplex, Auto Speed, 100BaseTX/FX
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 01:46:45, output 00:00:08, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     207472 packets input, 238718672 bytes
     Received 207459 broadcasts, 8 runts, 0 giants, 0 throttles
     24 input errors, 5 CRC, 0 frame, 0 overrun, 11 ignored
     0 watchdog
     0 input packets with dribble condition detected
     306307 packets output, 106844458 bytes, 0 underruns
     0 output errors, 0 collisions, 3 interface resets
     0 unknown protocol drops
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier
     0 output buffer failures, 0 output buffers swapped out
FastEthernet0/1 is up, line protocol is up
  Hardware is MV96340 Ethernet, address is 001e.1336.4649 (bia 001e.1336.4649)
  Internet address is 192.168.1.3/24
  MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full-duplex, 100Mb/s, 100BaseTX/FX
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:01, output 00:00:01, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     6225 packets input, 557952 bytes
     Received 1341 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog
     0 input packets with dribble condition detected
     5459 packets output, 461629 bytes, 0 underruns
     0 output errors, 0 collisions, 2 interface resets
     0 unknown protocol drops
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier
     0 output buffer failures, 0 output buffers swapped out
Serial0/0/0 is administratively down, line protocol is down
  Hardware is GT96K with integrated T1 CSU/DSU
  MTU 1500 bytes, BW 1536 Kbit/sec, DLY 20000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation HDLC, loopback not set
  Keepalive set (10 sec)
  Last input never, output never, output hang never
  Last clearing of "show interface" counters 04:08:27
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: weighted fair
  Output queue: 0/1000/64/0 (size/max total/threshold/drops)
     Conversations  0/0/256 (active/max active/max total)
     Reserved Conversations 0/0 (allocated/max allocated)
     Available Bandwidth 1152 kilobits/sec
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     0 packets input, 0 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     0 packets output, 0 bytes, 0 underruns
     0 output errors, 0 collisions, 1 interface resets
     0 unknown protocol drops
     0 output buffer failures, 0 output buffers swapped out
     0 carrier transitions
     DCD=down  DSR=up  DTR=down  RTS=down  CTS=down

NVI0 is up, line protocol is up
  Hardware is NVI
  Interface is unnumbered. Using address of FastEthernet0/1 (192.168.1.3)
  MTU 1514 bytes, BW 56 Kbit/sec, DLY 5000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation UNKNOWN, loopback not set
  Keepalive set (10 sec)
  Last input never, output never, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     0 packets input, 0 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     0 packets output, 0 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 unknown protocol drops
     0 output buffer failures, 0 output buffers swapped out

Hall of Fame Super Silver

So if this is from your home

So if this is from your home lab then please tell us what is physically connected to Fast0/0? And is that device configured to supply public IP addresses using DHCP?

 

HTH

 

Rick

New Member

Richard,My DSL Motorola modem

Richard,

My DSL Motorola modem is directly connected to Fa0/0. Yes it normally supplies a public IP addresses using DHCP. If I connect it directly to my computer then it will give me public IP address.

 I have erased the startup-config three times in an attempt to identify where I was going wrong in the configuration. If I shutdown Fa0/1, Fa0/0 will receive a private IP and I am able to ping outside of my network. Then if I issue the NO SHUTDOWN command to Fa0/1 it tells me that my network overlaps the 192.168.1.0 network.

 Thank you,

 Larry

Hall of Fame Super Silver

Larry Thank you. The

Larry

 

Thank you. The additional information is quite helpful. I believe that this is your situation:

- your Motorola modem is configured with a private address in the 192.168.1 network.

- your Motorola modem is configured to assign addresses using DHCP for the 192.168.1 network on its connected interface.

- your Motorola modem is doing address translation for traffic received from the 192.168.1 network to allow it to access the Internet.

- when you configure interface Fast0/1 with an address in 192.168.1 it does create a conflict/duplicate address issue.

 

My suggestion is that you configure interface Fa0/1 with an address in some different network - and that you configure your router to perform address translation on the traffic received through Fa0/1 using the interface address of Fa0/0.

 

HTH

 

Rick

New Member

Richard, I did what you

Richard,

 I did what you suggested with no luck. It still giving a private DHCP address for my outside port Fa0/0. I cannot ping anything outside my LAN.

 

FastEthernet0/0            192.168.1.64    YES DHCP   up                    up 
FastEthernet0/1            192.168.2.3     YES manual up                    up 
Serial0/0/0                unassigned      YES unset  administratively down down
NVI0                       192.168.2.3     YES unset  up                    up 
 

 

     192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.2.0/24 is directly connected, FastEthernet0/1
L        192.168.2.3/32 is directly connected, FastEthernet0/1

 

ip cef
ip dhcp excluded-address 192.168.1.1 192.168.1.50
ip dhcp excluded-address 192.168.2.1 192.168.2.50
!
ip dhcp pool LAN
   network 192.168.1.0 255.255.255.0
   dns-server 4.2.2.2 4.2.2.3 8.8.8.8
   default-router 192.168.1.3
!
ip dhcp pool INSIDE_NAT
   domain-name lnawara.com
!
ip dhcp pool LAN_2
   network 192.168.2.0 255.255.255.0
   dns-server 4.2.2.2 4.2.2.3 8.8.8.8
   default-router 192.168.2.1
interface FastEthernet0/0
 ip address dhcp
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
 !
!
interface FastEthernet0/1
 ip address 192.168.2.3 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
 !
!
interface Serial0/0/0
 no ip address
 shutdown
 !
!
router ospf 1
 log-adjacency-changes
 network 192.168.1.0 0.0.0.255 area 0
!
ip default-gateway 192.168.2.1
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list INSIDE_NAT interface FastEthernet0/0 overload
ip nat inside source list NAT-2 interface FastEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
!
ip access-list standard INSIDE_NAT
 permit 192.168.1.0 0.0.0.255
ip access-list standard NAT-2
 permit 192.168.2.0 0.0.0.255
!
access-list 1 permit any
access-list 2 permit any
!
!
control-plane
!
!
gatekeeper
 shutdown
!
!
line con 0
 exec-timeout 0 0
 password 7 04480E051D2458
 logging synchronous
 login
line aux 0
line vty 0 4
 password 7 0832494D1B1C11
 login local
!
scheduler allocate 20000 1000
end
interface FastEthernet0/0
 ip address dhcp
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
 !
!
interface FastEthernet0/1
 ip address 192.168.2.3 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
 !
!
interface Serial0/0/0
 no ip address
 shutdown
 !
!
router ospf 1
 log-adjacency-changes
 network 192.168.1.0 0.0.0.255 area 0
!
ip default-gateway 192.168.2.1
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list INSIDE_NAT interface FastEthernet0/0 overload
ip nat inside source list NAT-2 interface FastEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
!
ip access-list standard INSIDE_NAT
 permit 192.168.1.0 0.0.0.255
ip access-list standard NAT-2
 permit 192.168.2.0 0.0.0.255
!
access-list 1 permit any
access-list 2 permit any
!
control-plane
 !
!
gatekeeper
 shutdown
!
!
line con 0
 exec-timeout 0 0
 password 7 04480E051D2458
 logging synchronous
 login
line aux 0
line vty 0 4
 password 7 0832494D1B1C11
 login local
!
scheduler allocate 20000 1000
end

!
 


 

Hall of Fame Super Silver

I would suggest that you

I would suggest that you remove this line

ip nat inside source list INSIDE_NAT interface FastEthernet0/0 overload

and probably remove access list INSIDE_NAT since it references a network that you no longer want to translate.

 

Give this a try and let us know the results.

 

HTH

 

Rick

New Member

Robert, Thanks for the

Robert,

 Thanks for the insight. It still did not work, so I took it to my school and had the instructor set it up with the schools static public I.P. and it worked just fine. The only theory that we can come up with is that my AT&T 5MgPs DSL some how is recognizing my router and then preventing it from communicating on their network. Do you think this is plausible?

 

Larry

Hall of Fame Super Silver

Larry I think that it might

Larry

 

I think that it might be possible but is not likely. I suggest this experiment:

- connect your PC to the connection.

- do something that demonstrates connectivity to the Internet (ping something or browse to some web site) successfully.

- do ipconfig on the PC and post the output.

 

HTH

 

Rick

85
Views
0
Helpful
9
Replies