Question:
I'm fairly new to Cisco 3945 router Cisco routing, and I'm a bit lost on this issue. I have a 1921 that is going to be a WAN router for a fiber Internet connection. It will sit in front of the network firewall and needs to route all traffic to the Internet. I thought I had the config set right with a default route of '0.0.0.0 0.0.0.0 <wan gateway>' but it doesn't seem to be working. Config is below.
The router can ping from itself to hosts on both sides and hosts on the Internet with no problem, but a laptop connected to the "LAN" side and assigned a public IP address can ping both sides of the router but no further.
I've done a bit of searching on the forums but every similar issue I've found seems to involve NAT - I have another device doing NAT so I don't want to do NAT on this router (traffic needs to be able to reach the public IP addresses on the "LAN" side).
hsw-comcast-rtr1#show run
Building configuration...
Current configuration : 5806 bytes
!
! No configuration change since last restart
version 15.1
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname hsw-comcast-rtr1
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200
logging console critical
enable secret 5 $1$KBXN$nCauuQhWW/hWlyVZHi94e1
!
no aaa new-model
clock timezone PCTime -6 0
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
!
no ipv6 cef
no ip source-route
ip cef
!
!
!
!
!
no ip bootp server
no ip domain lookup
ip domain name comcast.net
multilink bundle-name authenticated
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-27425356
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-27425356
revocation-check none
rsakeypair TP-self-signed-27425356
!
!
crypto pki certificate chain TP-self-signed-27425356
certificate self-signed 01
<snip>
quit
license udi pid CISCO1921/K9 sn FTX161582TB
!
!
username routeradmin privilege 15 secret 5 $1$e/pA$p#SbrqCTS*7NiyKxbt0De/
!
!
ip tcp synwait-time 10
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
!
interface GigabitEthernet0/0
description LAN
ip address 50.202.39.222 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/1
description WAN
ip address 50.202.39.210 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
duplex auto
speed auto
no mop enabled
!
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip route 0.0.0.0 0.0.0.0 50.202.39.209
!
logging trap debugging
access-list 23 permit 50.202.39.216 0.0.0.3
!
no cdp run
!
!
control-plane
!
!
banner exec ^C
<snip> (Cisco CP stuff)
^C
banner login ^C
<snip> (more Cisco CP stuff)
^C
!
line con 0
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
end
Answer:
can you add auto mdix to the wan interface?
also can you check which kind of cable is connecting the 1941 to the ciena switch and reloading your router too? Cisco 3945 price
For more info, http://www.indyarocks.com/blog/1424577/Cisco-2-pair-HWIC-2SHDSL
没有评论:
发表评论