Cisco Support Community
Community Member

Issue routing traffic through my 2851 router

I'm trying something EXTREMELY simple. ISP-->Modem-->Cisco 2851 Router-->Cisco 3560 Switch-->end-user devices.

As of now I can browse to the internet IF configured as such: ISP-->Modem-->Wifi Router-->end user devices.....BUT I cannot browse if using the desired configuration above.

I have taken the liberty of troubleshooting and I've attached my configurations (I've x'd out a few IP's for confidentiality - these are the publicly routable IP's that are specific to my ISP where I live).

From my router I can reach the internet - but from my switch and end user devices I'm not getting out. When I connect up my WIFI router between the modem and the lab router (2851 listed above) I can remotely manage my router in my house but I cannot get out to the internet. I've watched youtube tutorials, reviewed my old CCNA/CCNP books, I know many people have successfully used their lab devices to do this before.....but at the risk of asking a silly question, WHAT AM I DOING WRONG????

One things worthy of note: when I turn on "debug ip routing" I get this message across the screen periodically:


My default static route and gateway of last resort has been configured.

LAN-wise I'm good, but WAN connectivity for the switch and end-user devices is just not there. I'm out of ideas at this point.

Can someone please help - or just poor cold water on me and find my silly mistake because I've been at this for a while and I'm outta gas.

Attached is my config files and troubleshooting steps. BTW...I've rebooted the modem, write-erased the switch and router countless times, taken off ip-source-routing, ip cef.....not that that should matter here, but I've tried this multiple ways.



ALSO......I've tried setting up "ip nat inside" on all my sub-interfaces AND I've tried to just get rid of NAT all together.

I'm completely out of ideas.  See configuration attached.

Community Member

Re: Issue routing traffic through my 2851 router


You do have to have ip nat inside configured in your subinterfaces.

Let's narow this down a bit.  Have (at least) the following configured:

interface GigabitEthernet0/0

Ip address dhcp

ip nat outside

no shutdown

interface GigabitEthernet0/1

no ip address

no shutdown

interface GigabitEthernet0/1.16

encapsulation dot1Q 16

ip address

ip nat inside

ip nat inside source list 1 interface GigabitEthernet0/0 overload

access-list 1 permit

ip route dhcp


Router# ping

Assuming you get a successful reply, please try this:

Router# ping source

Do you get a reply?

CreatePlease to create content