Skip navigation
Cisco Learning Home > Connections > Find a Cisco User Group > Discussions

_Communities

This Question is Answered 2 Helpful Answers available (2 pts)
10407 Views 13 Replies Latest reply: May 9, 2009 1:23 AM by Conwyn RSS

Currently Being Moderated

I can not access my router from internet and can not share internet in my office

May 5, 2009 7:19 AM

tolkali 3 posts since
May 5, 2009

Hi,

 

I have Cisco 1812W-P integrated model router having 2 WAN Port, 8 L2 ports and 2 wireless node. I am much new in cisco and routing things.

 

I want to connect FastEthernet 0 (221.243.63.182/29) with the cable comming from ISP whose Gate way  is 221.243.63.177/29 and Primary DNS address is 61.122.127.74  and Secondary DNS addres is 61.122.116.174

 

Now I want to share internet from my 8 L2 ports to my internal PCs with the DHCP enable. Also I want to use the facilaities of wireless network. So laptops of my office can access internet from the wireless network.

Also I want to access this router from internet by doing ssh or telent from the ip 221.243.63.182/29.

 

After I did few configuration I can only access router by telnet from the  directly connected netowrk. I can not access this router from the internet. also I can not ping out side network from this router.

 

I used only follwing command

 

Router> enable

Router# configure terminal

Router (config)# no ip domain-lookup

Router (config)# interface fastethernet 0

Router (config-int)# ip address 221.243.63.182   255.255.255.248

Router (config-int)# no shutdown

Router (config-int)#exit

Router (config)# interface fastethernet 1

Router (config-int)# ip address 192.168.64.1   255.255.255.0

Router (config-int)# no shutdown

Router (config-int)#exit

Router (config)# line vty 0 8

Router (config)# password   ******

Router (config)#login

Router (config)# router rip

Router (config-router)# version 2

Router (config-router)# network 192.168.64.0

Router (config-router)# network 221.243.63.176

 

1) How I can give interent to other laptops and PCs from the  8 L2 port and from wireless

2) How I can access this router from outside interent by ssh or telent

 

 

  • Rickey 1,062 posts since
    Jul 3, 2008

    I could be wrong, but normally you attach the cable coming from your ISP to your want port (DSU/CSU) or something along those lines.  The router should have a T1 port of some type.

  • Ryan Patterson 2 posts since
    Oct 20, 2008

    you need to have a default route

     

    http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094374.shtml

     

     

     

    Enable SSH

    http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml#settingupaniosrouterasssh

     

     

    1. Type "ip domain-name yourdomain.com", and press the Enter key.

    2. Type, "ip ssh time-out 20", and press the Enter key.
    3. Type "ip ssh authentication-retries 3", and press the Enter key.
    4. Type, "ip ssh logging events", and press the Enter key.
    5. Type "crypto key generate rsa", and press the Enter key.      

  • Ryan Patterson 2 posts since
    Oct 20, 2008

    #ip route 0.0.0.0 0.0.0.0 221.243.63.177

    example
    router-3#configure terminal
       Enter configuration commands, one per line. End with CNTL/Z.
       router-3(config)#ip route 0.0.0.0 0.0.0.0 170.170.3.4
       router-3(config)#^Z
       router-3#

  • Instead of adding a static route - since there is only one way out - a default gateway could be used instead.

     

    ip default-gateway  221.243.63.177

     

     

     

    Also - to provide internet to the rest of your office, you would have to create a DHCP scope with a private network address, hand out the private IP range,and then NAT the Private IP range network to your public IP address via overload.

  • Conwyn 7,914 posts since
    Sep 10, 2008

    Hi Travis

     

    Did you mean ip default-gateway ?

     

    http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094374.shtml

     

    I do not think that will work.

     

    Regards Conwyn

  • Nilesh W 254 posts since
    Feb 20, 2009

    Hi

     

    My quetion is you have configured RIP protocol. Your ISP used the same protocol.

    If not then delete this configuration from ur router and give only default route.

    I have tried to configure same router for wireless use but not succeed If anyone know how to configure for wireless .

    Pls share information.

     

    Thanks.

     

    Nilesh

  • Conwyn 7,914 posts since
    Sep 10, 2008

    Hi Nilesh

     

    I think this is just a HWIC-AP card.

     

    Have a look at this

     

    http://www.cisco.com/en/US/docs/routers/access/1800/wireless/configuration/guide/s37ovrv.html

     

    and copy the Configuring Radio Settings section

     

    Regards Conwyn

  • Conwyn 7,914 posts since
    Sep 10, 2008

    Hi Tolkali

     

    This is a guess but the eight port switch may act similar to a NM-16ESW so try this.

     

    ip dhcp excluded-address 10.77.0.250

     

    ip dhcp pool test
       network 10.77.0.0 255.255.255.0
       default-router 10.77.0.250

       dns-server W.X.Y.Z                from ISP
       domain-name cisco.com

    !
    interface Vlan1
    ip address 10.77.0.250 255.255.255.0
    ip nat inside
    ip virtual-reassembly

     

    If the PC gets an IP address then we need to convert Internet traffic to the public address.

     

    interface FasteEthernet0/0

    ip nat outside

     

    ip nat inside source list 1 interface FastEthernet0/0 overload

    access-list 1 permit 10.77.0.0 0.0.0.255

     

    If that work we add security

     

    ip reflexive-list timeout 300

    ! create the named extended access list that "sees" the outbound packets
    ip access-list extended outbound-packet-watch
      permit tcp any any reflect reflexive-temporary-list
      permit udp any any reflect reflexive-temporary-list

    ! create the named extended access list that evaluates the inbound packets
    ip access-list extended inbound-packet-catcher

      deny icmp any any
    evaluate reflexive-temporary-list
     

    interface Fastethernet 0/0
      ! apply the named access list to watch packets leaving the secure network
      ! as they go out FA0/0
      ip access-group outbound-packet-watch out
      ip access-group inbound-packet-catcher in

     

     

    Regards Conwyn

  • Nilesh W 254 posts since
    Feb 20, 2009

    Hi conwyn,

     

    Thanks for ur document i have read this,

     

    I have configured router.

     

    interface Dot11Radio0
    no ip address
    !
    encryption key 3 size 128bit 0 12345678901234567890123456 transmit-key
    encryption mode wep mandatory
    ssid nileshwagh
    !
    speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
    station-role root
    !
    interface Dot11Radio1
    no ip address
    shutdown
    speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
    station-role root
    !
    interface Vlan1
    ip address 10.184.34.162 255.255.255.128

     

    But still SSID not broadcast.

     

    Can u suggest me pls where i am wrong.

     

    Thanks

  • Conwyn 7,914 posts since
    Sep 10, 2008

    Hi Nileshwagh and Tolkai

     

    Have a look at each others threads

     

     

    config t

    dot11 ssid nileshwagh

    authentication open

    authentication key-management wpa

    guest-mode

    wpa-psk ascii nileshwagh

     

    If it comes up try this

    config t

    bridge 1 protocol ieee

    bridge 1 route ip

    bridge irb

    interface dot11radio0

    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled

    int vlan1

    no ip address

    no ip nat inside

    bridge-group 1

    int bvi1

    ip address 10.77.0.1 255.255.255.0 (or what ever you want)

    ip nat inside

     

    So what we have is this.

    Fa0/0 and Fa0/1 allow you to connect to the Internet.

    All PC plug into the 8 switch ports and they get there DHCP from the router.

    The wireless PC are bridged from the wireless to the BVI and the PCs are bridged to BVI

    traffic from the PC or Wireless can go to the Internet but we nat them to the Internet IP provided.

    We can ignore FA0/1.

    Later we can support multiple SSID on independent VLANs.

    We can connect a real DHCP/AD to one of the switchports.

     

    Regards Conwyn

  • Conwyn 7,914 posts since
    Sep 10, 2008

    Hi Paul

     

    Have a look at this it shows the bridged vlans

     

    http://ccie.pl/viewtopic.php?p=70025&sid=2289cbba8c6a946fe85ef2a7ddd6ae68

     

    Regards Conwyn

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)