Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

DHCP LAN customers won't connect to internet through CISCO 2620

i'm configure cisco 2620 as a internet router. my cisco 2620 router has 5  Ethernet interface. One FE and four Ethernet interface (NM-4E). i'm configure  the FE interface as ISP internet interface. and Ethernet 1/1 as a DHCP  LAN interface. as i see my config are ok. but unable to access the  internet from LAN side. below is my config. please help me to solve  this.

Current configuration : 1498 bytes

!

version 12.2

service config

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname xxx

!

enable secret 5 $1$LvPI$UtOZEPSXBrf

enable password xxxxxx

!

ip subnet-zero

no ip routing

!

!

ip name-server 100.12.13.13

ip name-server 200.100.12.12

ip dhcp excluded-address 192.168.5.1 192.168.5.10

!

ip dhcp pool insideDHCP

network 192.168.5.0 255.255.255.0

default-router 192.168.5.1

dns-server 100.12.13.13 200.100.12.12

!

!

call rsvp-sync

!

!

!

!

!

!

!

!

interface FastEthernet0/0

description Broadband Internet

ip address 20.110.211.154 255.255.255.240

ip nat outside

no ip route-cache

no ip mroute-cache

duplex auto

speed auto

no cdp enable

!

interface Ethernet1/0

no ip address

no ip route-cache

no ip mroute-cache

half-duplex

no cdp enable

!

interface Ethernet1/1

description DHCP LAN

ip address 192.168.5.1 255.255.255.0

ip nat inside

no ip route-cache

no ip mroute-cache

full-duplex

no cdp enable

!

interface Ethernet1/2

no ip address

no ip route-cache

no ip mroute-cache

shutdown

half-duplex

no cdp enable

!

interface Ethernet1/3

no ip address

no ip route-cache

no ip mroute-cache

full-duplex

no cdp enable

!

ip nat inside source list 1 interface FastEthernet0/0 overload

ip classless

ip route 0.0.0.0 0.0.0.0 0.110.211.155

no ip http server

!

!

dial-peer cor custom

!

!

!

!

!

line con 0

exec-timeout 0 0

password xxxxxxx

login

line aux 0

line vty 0 4

password xxxxxxxx

login

!

end

  • WAN Routing and Switching
Everyone's tags (3)
3 REPLIES
Hall of Fame Super Blue

Re: DHCP LAN customers won't connect to internet through CISCO 2

Your NAT statement is referencing an acl that you have not defined.

I generally use an extended acl ie.

access-list 101 permit ip 192.168.5.0 0.0.0.255 any

ip nat inside source list 101 interface fa0/0 overload

you can use a standard acl if you want but either way you need to define an acl.

Jon

New Member

Re: DHCP LAN customers won't connect to internet through CISCO 2

this is correct please make an ACL reflecting the source list 1

"ip access-list standard 1"

"permit 192.168.5.0 0.0.0.255 any"

Hall of Fame Super Silver

DHCP LAN customers won't connect to internet through CISCO 2620

I offer a slightly different alternative. In my experience using extended access  lists for NAT where you are going to permit any destination can produce some complications which are avoided when you use a standard access list. So if you are going to use permit ip 192.168.5.0 0.0.0.255 any then I suggest that you make it into a standard access list and permit ip 192.168.5.0 0.0.0.255.

I also note an issue that I hope is just a typo in the default route

ip route 0.0.0.0 0.0.0.0 0.110.211.155

If this is really what is in the config then I can certainly see why nothing can access the Internet.

HTH

Rick

281
Views
5
Helpful
3
Replies
This widget could not be displayed.