TOPIC: First post with Cisco 2651 Questions

I admit I am a total noob on cisco routers. I wanted to learn something new and got a 2651 router that I would like to use as a learning tool in place of my Linksys WRT54GS router. I am sure I have many errors in the config but I did get the DHCP on the lan side working but I cannot obtain a wan ip nor ping on that side. My WAN side is a Linksys BEFCMU10 cable modem
Currently leaving the cisco 2651 I have a 3com superstack II 3900 switch (free) between the Cisco and the single PC.

Things I am not sure of:
DHCP on the WAN side
NAT setup
and do I need DNS?

Here is my current config:

Cisco1#show run
Building configuration...

Current configuration : 1271 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Cisco1
!
boot-start-marker
boot-end-marker
!
enable secret
enable password
!
aaa new-model
!
!
!
aaa session-id common
!
resource policy
!
clock timezone CST -6
clock summer-time CDT recurring 2 Sun Mar 2:00 1 Sun Nov 2:00
no network-clock-participate slot 1
no network-clock-participate wic 0
ip subnet-zero
no ip routing
no ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.99
!
ip dhcp pool DHCP_Pool
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 192.168.1.1
domain-name EJR.Local
!
!
no ftp-server write-enable
!
!
!
!
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.0
no ip route-cache
speed auto
full-duplex
no mop enabled
!
interface FastEthernet0/1
ip address dhcp
ip nat outside
no ip route-cache
duplex auto
speed auto
!
ip classless
!
ip http server
ip nat inside source list 1 interface FastEthernet0/1 overload
!
access-list 1 permit 192.168.0.0 0.0.0.255
snmp-server community Cisco_Pub_String RO
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
password
!
!
end

Welcome to fw.cx EricR

You'll have to find out first if the Linksys BEFCMU10 is already getting an IP from the ISP (which I think it is) since it is the one directly connected to the WAN link. NAT is also probably already done there.

If what I'm assuming above is correct, then you don't need to configure the 2651 to do NAT nor get an IP from the WAN side. You only need to set a static private IP on the interface facing the BEFCMU10 (FastEthernet0/1) or configure it to get a private IP by DHCP (as you have done using ip address dhcp) from the BEFCMU10. Then you'll need to configure proper routing and a default route on the 2651.

Ask if you need the details or explain if I assumed wrong.

Spoke with Linksys and the BEFCMU10 is doing nothing more than opbtaining the WAN ip, converting it to Ethernet and pumping it back out. This appears to be correct as the WRT54GS shows a WAN ip in the status page.
I am still not sure of my config as I cannot find anything in the Cisco 2651 that shows I am getting the DHCP wan ip.
To make matters worse, I killed the router last night and lost the magic number. Yes, it was a noob thing that I learned from and 7 hours later I am back in business again with a fresh load and no config.
If anyone has config ideas that would be great! I will take baby steps and test fa0/1 to make sure it is working first and build on that.

The reload may have been a good thing as it looks like I may have a firewall now also.

Well that clarifies things.

The following will setup the ip addresses and NAT, very similar to what you've done with few changes.

[code:1]interface FastEthernet0/0
ip address 192.168.5.1 255.255.255.0
ip nat inside
no shutdown

interface FastEthernet0/1
ip address dhcp
ip nat outside
no shutdown

ip nat inside source list 1 interface FastEthernet0/1 overload
access-list 1 permit 192.168.5.0 0.0.0.255
[/code:1]

I used the range 192.168.5.0/24 instead of 192.168.1.0/24 to avoid possible conflicts with the WAN link from the 2651 to the BEFCMU10.

Now the DHCP server for the internal LAN. But before that, you need to know the DNS servers IPs that you automatically get from the ISP via the wan link. I'll go for the simplest method, which is to statically define them but thats not the only way to do it.

Connect a PC to the WAN (Ethernet) link of the BEFCMU10. Configure the PC to automatically get an IP using DHCP. Once the PC gets the IP, go to the command prompt and use ipconfig /all. It should show you 2 IPs for the dns servers (the primary and secondary DNS servers IPs). Write/Copy those down then disconnect the PC and reconnect the router. Use the 2 DNS IPs in the following setup:

[code:1]ip dhcp excluded-address 192.168.5.1 192.168.5.10

ip dhcp pool DHCP_pool
network 192.168.5.0 255.255.255.0
default-router 192.168.5.1
dns-server <primary-dns-ip> <secondary-dns-ip>[/code:1]

Replace the <primary-dns-ip> and <secondary-dns-ip> with the dns IPs you got above. I've excluded the first 10 IPs (192.168.5.1 to 192.168.5.10) from DHCP just as an example. You could use your own range according to your existing servers/routers.

Now the default route. You need this to tell the 2651 where to send traffic that is not destined to your LAN:

[code:1]ip route 0.0.0.0 0.0.0.0 fa0/1[/code:1]

Hope this helps. Any one, if I missed any thing, please correct.

Note: There seams to be a way you can automatically let the 2651 fetch the the 2 DNS server IPs and feed them using DHCP to the LAN. But I never tried that. Check here: www.cisco.com/en/US/docs/ios/12_1t/12_1t...dhcpi.html#wp1021347

Another noob move.... note to self - reset cable modem as it will not broadcast DHCP a second time!

So, the configuration is at least working but with a few issues.
1. My WAN provider doesn't have a static DNS and the "import all" command doesn't seem to work. How do you handle a dynamic DNS?
2. Slow Slow Slow connection to the WAN (DNS related?)
3. MTU settings in the router? Wanted to set it at 1364
4. Where does the DNS suffix go? In my case it is my WAN provider mchsi.com
5. Did I say thank you for your help? If not, Thanks!

Here is my current config.

Cisco1#show running-config
Building configuration...

Current configuration : 1032 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Cisco1
!
boot-start-marker
boot-end-marker
!
enable secret xxxxxxxxxxxx
!
no network-clock-participate slot 1
no network-clock-participate wic 0
no aaa new-model
ip subnet-zero
ip cef
!
!
ip dhcp excluded-address 192.168.5.1 192.168.5.99
!
ip dhcp pool dhcp_pool
import all
network 192.168.5.0 255.255.255.0
default-router 192.168.5.1
!
ip audit po max-events 100
!
!
!
!
interface FastEthernet0/0
ip address 192.168.5.1 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface FastEthernet0/1
ip address dhcp
ip nat outside
duplex auto
speed auto
!
ip nat inside source list 1 interface FastEthernet0/1 overload
ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 FastEthernet0/1
!
!
access-list 1 permit 192.168.5.0 0.0.0.255
!
line con 0
password
login
line aux 0
password
login
line vty 0 4
password
login
!
!
end

Glad you figured out the [linksys] reset. That one even gets the experienced guys!

1.)
Your WAN provider definitely has a static DNS. They have to.

You should be able to obtain them by connecting a device (your PC) you are familiar with to the cable modem and allowing DHCP to configure your TCP/IP stack.

(assuming Windows OS)
Then, click start, run and type cmd, press enter.
at the prompt, type ipconfig /all.
Look for your DNS servers they may look something like this:
12.207.232.47
12.207.232.124

You can also use OpenDNS .
Preferred DNS server address for Open DNS is:
208.67.222.222
Alternate DNS server address for Open DNS is:
208.67.220.220

You should be able to set the dns server with the following syntax
Cisco1(config)#ip name-server A.B.C.D
(where A.B.C.D = Domain server IP address.
You can have a maximum of 6, so you can use all four or even more!)

2.)
Slow. Slow, Slow connection on the WAN is more likely related to a duplex mismatch than DNS.



3.)
You can set the MTU (the syntax is system mtu <1500-1998> MTU size in bytes).
You may not be able to set it under 1500.

Why did you want to set it to 1364?


4.)
Cisco1(config)#ip domain-name mchsi.com


5.)
Good Luck and You're Most Welcome (if I helped)



=-
Cheers!
_||=