Cisco 2851 router, cant access internet.

[rudransh1981]

Hi,
I'm a newbee for cisco routers. I have got one cisco2851 router and would like to configure it , I followed cisco doc but things are not working for me.

My network diagram is a bit diferent,

I have 2 GigEthr card on router, one is connected to VLAN (192.168.1.0/23) on 4500 switch and one interface is connected to a hub [192.168.2.0/32]( isolated network).

My clients which are connected to 192.168.2.0 subnet (hub) can not access Internet, however from router console I can successfully do telnet

http://www.google.com

80.

The gateway is PIX firewall ( inside interface 192.168.1.123) for my router.

Pix fw and router GE 0/1 intf is connected to same VLAN (192.168.1.0/23) on switch.

My running conf

Current configuration : 1928 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname sws-router2800-01
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no network-clock-participate aim 0
no network-clock-participate aim 1
no aaa new-model
ip subnet-zero
!
!
ip cef
!
!
ip domain name labs.ca.com
ip name-server 10.170.250.10
no ftp-server write-enable
!
username cisco privilege 15 secret 5 $1$Xudp$gYtEA24mwHzFrJWPwWFZS1
!
!
!
interface GigabitEthernet0/0
description inside
ip address 192.168.2.1 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
description outside
ip address 192.168.1.190 255.255.255.0
duplex auto
speed auto
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.123
ip http server
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
!
control-plane
!
!
line con 0
login local
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet
line vty 5 15
privilege level 15
login local
transport input telnet
!
scheduler allocate 20000 1000
!
end

Please let me know if more info is required.

Early response would be a great help

Thanks,
-Rudra

 

[MrOyvind]

Hi the static route ip route 0.0.0.0 0.0.0.0 192.168.1.123
must be configured like this 0.0.0.0 0.0.0.0 Internet addr.
You must also configure NAT.

 

[burtsbees]

What is the outside interface (int ge0/1) connected to? If it is a modem connection, I would think that it is doing NAT, so NAT would NOT need to be configured on the router. I would guess this, due to the private IP on the gigabit 0/1 interface.

Burt

 

[rudransh1981]

Hi, I thank you both for the help.

Burstbeesand MrOyvind,

My outside interface ( int ge0/1- 192.168.1.190) is connected to Cisco 4500 switch VLAN ( say VLAN private). There is one Cisco Pix firewall (192.168.1.123) which is also part of this Private VLAN and act as gateway to all the devices on private VLAN, hence I'm also setting my route address to Pix Firewall IP (inside interface) address.

Natting is enabled on pixfirewall.


Now, the inside interface of router is directly connected to 8 port hub, I have connected two client machines to this hub network, this is isolate network and not at all routable/reachable from anywhere.

All I required that these clients should access Internet via router, from router console I can telnet

http://www.google.com

80 sucessfully

I guess somthing very basic is missing from my end, I have also tried enabling natting on router but it doesnt work out.

ip nat outside (ge 0/1)
ip nat inside ( ge 0/0) ,

By the way one quick question, does Cisco 2800 has predefined "inside" and "outside " keyword, I mean I'm assuming I can assign any GE 0/0 or 0/1 interface to inside or outside.

Your help would be greatly appreciated, as always I'm ready here to provide any info from my end ...

-Ramesh

 

[burtsbees]

Since the PIX is doing the NAT, it is not necessary in the Cisco.
Also, something I completely forgot...you need a crossover cable from the hub to the router, if it is indeed a hub and not a switch. From the hub to the workstations, you need a straight-thru cable.
One more thing...how could you possible telnet Google? Are you sure you don't mean ping???

Burt