Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

VLAN1 to WAN internet stumped...

Hello, I am working with a config from scratch for the first time on IOS for a 819 ISR. I have attempted this several times now and can't get this figured out. 

 

I have this so far. I just can't get VLAN1 to talk with the internet. I can ping the inside 122.1 address from the client PC. But I can't get passed that. I will eventually be building 2 site-to-site VPNs on this router also, but I need to be able to get outside first. I have the Giga0 set to DHCP for now, because I am utilizing my back up ISP which is static but stuck on my ASA MAC. so for now I will be using DHCP on the WAN Giga0 interface. The PC i can hook up to this line and it get's it's dhcp from my ISP and can get out, so I know that DCHP isn't the issue. I am newb when it comes to IOS. If this were ASA I would have this fixed....


 

version 15.3

service config

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname MAT122

!

boot-start-marker

boot-end-marker

!

aqm-register-fnf

!

no logging console

enable secret 5 ********

!

no aaa new-model

!
 

!

ip dhcp excluded-address 192.168.122.1 192.168.122.99

ip dhcp excluded-address 192.168.122.210

!

ip dhcp pool vlan1InsidePool

network 192.168.122.0 255.255.255.0

default-router 192.168.122.1

dns-server 8.8.8.8

!

!

!

no ip domain lookup

ip cef

no ipv6 cef

!

!

multilink bundle-name authenticated

!

chat-script lte "" "AT!CALL" TIMEOUT 20 "OK"

!

!

!

license udi pid C819G-4G-V-K9 sn FTX182083AB

!

!

controller Cellular 0

!

!

interface Loopback0

ip address 192.168.200.200 255.255.255.0

!

interface Cellular0

no ip address

encapsulation slip

dialer in-band

dialer string lte

!

interface FastEthernet0

no ip address

!

interface FastEthernet1

no ip address

!

interface FastEthernet2

no ip address

!

interface FastEthernet3

no ip address

!

interface GigabitEthernet0

ip address dhcp

ip nat outside

ip virtual-reassembly in

duplex auto

speed auto

!

interface Serial0

no ip address

shutdown

clock rate 2000000

!

interface Vlan1

ip address 192.168.122.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

!

ip forward-protocol nd

no ip http server

no ip http secure-server

!

!

ip nat inside source list 1 interface GigabitEthernet0

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0

!

!

access-list 1 permit 192.168.122.0 0.0.0.255

!

control-plane

!

!

!

mgcp behavior rsip-range tgcp-only

mgcp behavior comedia-role none

mgcp behavior comedia-check-media-src disable

mgcp behavior comedia-sdp-force disable

!

mgcp profile default

!

!

!

!

!

line con 0

no modem enable

line aux 0

line 2

no activation-character

no exec

transport preferred none

transport input all

stopbits 1

line 3

script dialer lte

no exec

line vty 0 4

password ********

login

transport input all

!

scheduler allocate 20000 1000

!

end

 

 

6 REPLIES

sh ip int br 

sh ip int br

 

New Member

Interface                  IP

Interface                  IP-Address      OK? Method Status                Prot          ocol
Cellular0                  unassigned      YES unset  up                    up            
FastEthernet0              unassigned      YES unset  up                    up            
FastEthernet1              unassigned      YES unset  up                    down          
FastEthernet2              unassigned      YES unset  up                    down          
FastEthernet3              unassigned      YES unset  up                    down          
GigabitEthernet0           173.xx.xx.xx    YES DHCP   up                    up            
Loopback0                  192.168.200.200 YES manual up                    up            
NVI0                       173.xx.xx.xx    YES unset  up                    up            
Serial0                    unassigned      YES unset  administratively down down          
Vlan1                      192.168.122.1   YES manual up                    up            

New Member

Total active translations: 0

Total active translations: 0 (0 static, 0 dynamic; 0 extended)
Peak translations: 0
Outside interfaces:
  GigabitEthernet0
Inside interfaces:
  Vlan1
Hits: 0  Misses: 0
CEF Translated packets: 0, CEF Punted packets: 0
Expired translations: 0
Dynamic mappings:
-- Inside Source
[Id: 1] access-list 1 interface GigabitEthernet0 refcount 0

Total doors: 0
Appl doors: 0
Normal doors: 0
Queued Packets: 0

Finally got the "sh ip nat stat"

Cisco Employee

try changing ip nat inside

try changing 

ip nat inside source list 1 interface GigabitEthernet0 

to

ip nat inside source list 1 interface GigabitEthernet0 overload.

if still not up after that can you post a sh ip nat translation as well as the sh ip int br previously requested

The rest of the config looks ok to me.

New Member

ip nat inside source list 1

ip nat inside source list 1 interface GigabitEthernet0 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0
!
!
access-list 1 permit 192.168.122.0 0.0.0.255
access-list 101 permit icmp any any

 

 

I thought of this already, changed after I posted. Still not getting to internet. I can ping the inside VLAN1 ip address but fails to get to the outside world. Any other diag. I can post? Also for some reason, I can't ping say 4.2.2.2 from the router now, when I thought I was able to do so previously, this very well could be my access-list now.

 

sh ip nat tran  

 

Nothing comes up. 

New Member

SOLVED!!!!!!!!!!!! the issue

SOLVED!!!!!!!!!!!! the issue wasn't NAT it was the route statement. I guess the 800's need this added on the end of the route statement. 

 

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0   to ip route 0.0.0.0 0.0.0.0 GigabitEthernet0 dhcp 

 

this allowed the traffic to pass outside. 

60
Views
0
Helpful
6
Replies