[afnog] Cisco 1841 ISR problem

Gwladys Hountomey gwladysh at iservices.tg
Mon Oct 10 23:25:09 UTC 2011 

I don't know how you want to design your network but
1- You are using /27 with 0.0.0.255 wildcard mask.
2- Remove access-list 1 permit 192.168.0.0 0.0.0.255 (I don't know if it is necessary)

Please can you try like this in order (maybe I'm wrong, but there is a need to see the result): 

interface FastEthernet0/1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 duplex auto
 speed auto
!
interface FastEthernet0/0
 ip address **.***.***.*** 255.255.255.248
 ip nat outside
 duplex auto
 speed auto
!
ip nat inside source list 1 interface FastEthernet0/0 overload
!
ip classless
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
!
!
access-list 1 permit 192.168.1.0 0.0.0.255

  ----- Original Message ----- 
  From: david aliata 
  To: afnog at afnog.org 
  Sent: Monday, October 10, 2011 5:18 PM
  Subject: [afnog] Cisco 1841 ISR problem


  Dear Guys,

  Could someone help me spot my problem in my basic config below.I am able to get connectivity and browse(go out for 10 or so mins only) then i get disconnected from the outside interface.When i telnet to the router i can ping out (e.g ping yahoo.com) very well from the router but i cant ping my outside interface when connected through the LAN nor my ISP gateway.I guess its a NAT issue but why should it work for a couple of mins only?.Please help 

  Building configuration...

  Current configuration : 4033 bytes
  !
  version 12.3
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  !
  hostname 
  !
  boot-start-marker
  boot-end-marker
  !
  logging buffered 51200 warnings
  enable secret 5 
  !
  no aaa new-model
  !
  resource policy
  !
  mmi polling-interval 60
  no mmi auto-configure
  no mmi pvc
  mmi snmp-timeout 180
  ip subnet-zero
  ip cef
  !
  !
  no ip dhcp use vrf connected
  !
  !
  ip domain name wecsee.org
  ip name-server 208.67.220.220
  ip name-server 208.67.222.222
  no ip ips deny-action ips-interface
  !
  no ftp-server write-enable
  !
  !
  !
  !
  !
  !
  !
  !
  !
  !
  !
  !
  !
  crypto pki trustpoint TP-self-signed-
   enrollment selfsigned
    revocation-check none
   rsakeypair TP-self-signed-
  !
  !

  username cisco privilege 15 secret 5 $1$0ib.$4xnqIcMXLqJFATdW8nvla0

  !
  !
  no crypto isakmp ccm
  !
  !
  !
  !
  interface FastEthernet0/0
   description link to 
   ip address **.***.***.*** 255.255.255.248
   ip nat outside
   ip virtual-reassembly
   duplex auto
   speed auto
  !
  interface FastEthernet0/1
   ip address 192.168.1.1 255.255.255.224
   ip nat inside
   ip virtual-reassembly
   duplex auto
   speed auto
  !
  interface Serial0/0/0
   no ip address
   shutdown
  !
  ip classless
  ip route 0.0.0.0 0.0.0.0 **.***.***.***
  !
  !
  ip http server
  ip http authentication local
  ip http secure-server
  ip http timeout-policy idle 600 life 86400 requests 10000
  ip nat inside source list 1 interface FastEthernet0/0 overload
  !
  access-list 1 permit 192.168.0.0 0.0.0.255
  access-list 1 permit 192.168.1.0 0.0.0.255
  !
  !
  !
  !
  control-plane
  !
  !
  !
  !
  !
  !
  !
  !
  banner login ^C
  -----------------------------------------------------------------------
  Cisco Router and Security Device Manager (SDM) is installed on this device.
  This feature requires the one-time use of the username "cisco"
  with the password "cisco".

  Please change these publicly known initial credentials using SDM or the IOS CLI.
  Here are the Cisco IOS commands.

  username <myuser>  privilege 15 secret 0 <mypassword>
  no username cisco

  Replace <myuser> and <mypassword> with the username and password you want to use.

  For more information about SDM please follow the instructions in the QUICK START
  GUIDE for your router or go to http://www.cisco.com/go/sdm
  -----------------------------------------------------------------------
  ^C
  !
  line con 0
   login local
  line aux 0
  line vty 0 4
   privilege level 15
   login local
   transport input telnet ssh
  line vty 5 15
   privilege level 15
   login local
   transport input telnet ssh
  !
  end

  wesscsj_router#

  -- 
  Regards!

  Aliata D.

  "I have seen something else under the sun: The race is not to the swift or the battle to the strong, nor does food come to the wise or wealth to the brilliant or favor to the learned; but time and chance happen to them all". Ecclesiastes 9:11






------------------------------------------------------------------------------


  _______________________________________________
  afnog mailing list
  http://afnog.org/mailman/listinfo/afnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://afnog.org/pipermail/afnog/attachments/20111010/60cabe00/attachment.html>

More information about the afnog mailing list