cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3944
Views
13
Helpful
26
Replies

No Internet access via LAN clients

Hi All,

I have a Cisco 1841 router that is connected to a switch. I have WAN/LAN configured on the router and the switch is handing out internal IP's.

The issus that none of the client machines can access the Internet. From within the router console, I am able to ping external domain names, my ISP DNS servers.

Once the client machines picks up an IP they are unable to ping any external domain names or IP's and not even the ISP DNS servers, but they can ping the Cisco router IP. As a note I have tried my ISP DNS servers and as a test Google's DNS servers, but neither will allow access to the Internet.

I have checked google looking for an answer on why, but I am missing something I just don't know why. Any help would be helpful.

Thanks,

Ron

Below is the current running config:

Building configuration...

Current configuration : 1440 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname cisco

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$qY4A$6u.zFbIIHacEB51di1Sda.

enable password astec72

!

no aaa new-model

no ip routing

no ip cef

!

!

no ip dhcp use vrf connected

ip dhcp excluded-address 10.10.10.1 10.10.10.14

ip dhcp excluded-address 10.10.10.51 10.10.10.254

!

ip dhcp pool SpyTraer

   import all

   network 10.10.10.0 255.255.255.0

   default-router 10.10.10.1

   dns-server 8.8.8.8 8.8.4.4

!

!

ip name-server 8.8.8.8

ip name-server 8.8.4.4

!

!

!

!

!

!

interface FastEthernet0/0

description $ETH-LAN$

ip address 10.10.10.1 255.255.255.0

ip nat inside

no ip route-cache

speed auto

half-duplex

no cdp enable

no mop enabled

!

interface FastEthernet0/1

description $ETH-WAN$

ip address dhcp client-id FastEthernet0/1

ip nat outside

no ip route-cache

duplex auto

speed auto

no cdp enable

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 FastEthernet0/1 permanent

!

!

ip http server

no ip http secure-server

ip nat inside source list 1 interface FastEthernet0/1 overload

!

access-list 1 remark CCP_ACL Category=2

access-list 1 permit any

snmp-server community public RO

!

!

!

control-plane

!

!

!

line con 0

exec-timeout 0 0

line aux 0

line vty 0 4

password astec

login

!

scheduler allocate 20000 1000

no process cpu extended

no process cpu autoprofile hog

end

26 Replies 26

spped 100

full-duplex

Can you post:

sh int fa0/1

sh int fa0/0

sh ip route

sh ip nat trans

HTH, John *** Please rate all useful posts ***

I can bet that the switch has 100 , half-duplex auto-negociated

After you check , set on the router's interface.

default speed

default duplex

Dan

Dan,

Sorry I am new to Cisco. What would be the command to run from the router?

Hi Dan,

After running the commands you suggested I am still experncing 40% packet loss on pings and very slow Internet browsing speed.

Thanks,

Ron

On the link between the two interfaces where the packet loss is occurring, one of two things is going on

you must have half duplex being set for some reason...which is incorrect....make absolutely sure both of the links are hard set to the same parameters...if that is not the problem, there must be something physically wrong with the fiber or copper between the two interfaces..if a fiber link...have the light levels tested at both ends to verify no more than 4db light difference between the two ends...or you will start getting errors and dropped packets.

Sent from Cisco Technical Support iPad App

Hi Charlie,

I just ran show inf and both links are showing

Full-duplex, 100Mb/s 100BaseTX/FX

MTU 1500 bytes, BW 100000 Kbit

I have also changed out the switch that I had in place with another switch and the same speed issues remain.

Thanks,

Ron

Ron,

Do you lose packets if you ping 4.2.2.1 from the router? Try this:

ping 4.2.2.1 rep 5000

Let me know how this goes...

John

HTH, John *** Please rate all useful posts ***

Hi John,

Success rate is 48 percent (1295/2684), rounf-trip min/avg/max = 4/4/200 ms

Sorry for the delay

cisco#sh int fa0/1

FastEthernet0/1 is up, line protocol is down

  Hardware is Gt96k FE, address is 0023.ebd6.7e71 (bia 0023.ebd6.7e71)

  Description: $ETH-WAN$

  Internet address is 108.174.105.127/24

  MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,

     reliability 255/255, txload 1/255, rxload 1/255

  Encapsulation ARPA, loopback not set

  Keepalive set (10 sec)

  Auto-duplex, Auto Speed, 100BaseTX/FX

  ARP type: ARPA, ARP Timeout 04:00:00

  Last input 00:03:58, output 00:03:00, output hang never

  Last clearing of "show interface" counters never

  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

  Queueing strategy: fifo

  Output queue: 0/40 (size/max)

  5 minute input rate 0 bits/sec, 0 packets/sec

  5 minute output rate 0 bits/sec, 0 packets/sec

     3095 packets input, 1753793 bytes

     Received 212 broadcasts, 0 runts, 0 giants, 0 throttles

     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

     0 watchdog

     0 input packets with dribble condition detected

     3540 packets output, 321416 bytes, 0 underruns

     0 output errors, 0 collisions, 5 interface resets

     0 unknown protocol drops

     0 babbles, 0 late collision, 0 deferred

     0 lost carrier, 0 no carrier

     0 output buffer failures, 0 output buffers swapped out

cisco#

cisco#sh int fa0/0

FastEthernet0/0 is up, line protocol is up

  Hardware is Gt96k FE, address is 0023.ebd6.7e70 (bia 0023.ebd6.7e70)

  Description: $ETH-LAN$

  Internet address is 10.10.10.1/24

  MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,

     reliability 255/255, txload 1/255, rxload 1/255

  Encapsulation ARPA, loopback not set

  Keepalive set (10 sec)

  Full-duplex, 100Mb/s, 100BaseTX/FX

  ARP type: ARPA, ARP Timeout 04:00:00

  Last input 00:01:41, output 00:00:03, output hang never

  Last clearing of "show interface" counters never

  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

  Queueing strategy: fifo

  Output queue: 0/40 (size/max)

  5 minute input rate 0 bits/sec, 0 packets/sec

  5 minute output rate 0 bits/sec, 0 packets/sec

     9866 packets input, 1208741 bytes

     Received 1395 broadcasts, 0 runts, 0 giants, 0 throttles

     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

     0 watchdog

     0 input packets with dribble condition detected

     6692 packets output, 2740942 bytes, 0 underruns

     0 output errors, 41 collisions, 8 interface resets

     0 unknown protocol drops

     0 babbles, 0 late collision, 0 deferred

     0 lost carrier, 0 no carrier

     0 output buffer failures, 0 output buffers swapped out

cisco#sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     10.0.0.0/24 is subnetted, 1 subnets

C       10.10.10.0 is directly connected, FastEthernet0/0

S*   0.0.0.0/0 is directly connected, FastEthernet0/1

cisco#

cisco#sh ip nat trans

Pro Inside global      Inside local       Outside local      Outside global

tcp 108.174.105.127:50105 10.10.10.18:50105 208.48.254.107:80 208.48.254.107:80

tcp 108.174.105.127:50109 10.10.10.18:50109 208.28.224.10:80 208.28.224.10:80

tcp 108.174.105.127:50317 10.10.10.18:50317 208.28.224.18:80 208.28.224.18:80

tcp 108.174.105.127:50345 10.10.10.18:50345 65.55.121.241:80 65.55.121.241:80

tcp 108.174.105.127:50347 10.10.10.18:50347 65.55.239.146:80 65.55.239.146:80

tcp 108.174.105.127:50348 10.10.10.18:50348 208.28.224.49:80 208.28.224.49:80

tcp 108.174.105.127:50427 10.10.10.18:50427 173.194.37.32:443 173.194.37.32:443

tcp 108.174.105.127:50429 10.10.10.18:50429 184.28.190.176:443 184.28.190.176:443

tcp 108.174.105.127:50434 10.10.10.18:50434 184.28.190.176:443 184.28.190.176:443

tcp 108.174.105.127:50445 10.10.10.18:50445 184.28.98.176:443 184.28.98.176:443

tcp 108.174.105.127:50447 10.10.10.18:50447 184.28.98.176:443 184.28.98.176:443

tcp 108.174.105.127:50450 10.10.10.18:50450 184.28.98.176:443 184.28.98.176:443

tcp 108.174.105.127:50501 10.10.10.18:50501 184.28.212.176:443 184.28.212.176:443

tcp 108.174.105.127:50505 10.10.10.18:50505 184.28.212.176:443 184.28.212.176:443

tcp 108.174.105.127:50509 10.10.10.18:50509 184.28.212.176:443 184.28.212.176:443

tcp 108.174.105.127:50511 10.10.10.18:50511 184.28.212.176:443 184.28.212.176:443

tcp 108.174.105.127:50513 10.10.10.18:50513 184.28.212.176:443 184.28.212.176:443

tcp 108.174.105.127:50524 10.10.10.18:50524 184.28.212.176:443 184.28.212.176:443

tcp 108.174.105.127:50533 10.10.10.18:50533 65.54.93.17:80   65.54.93.17:80

I would delete the static default route :

no ip route 0.0.0.0 0.0.0.0 fa0/1 dhcp

And any default route configured. The default route is automatically configured from the information received via the DHCP.

Fa0/1 is and ethernet segment and you do not have any next hop set, just the interface.

Dan

Hi John and Dan,

I finally got it working. Per Dan's request to delete the static routes, I did not delete the static route, but instead I entered the forwarding next hop as the ISP gateway address (IP Address) and that fixed it.

Thank you both for your time and effort on this matter.

Regards,

Ron

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco