3620 Router config for Cable modem ISP

3620 Router config for Cable modem ISP: Posted by Stephen on January 24th, 2004; Hello all,

I have tried to use a config that I found on Packetatack.com to
configure my 3620 for my Comcast internet provider. I have it connected
through a 3550 switch to my cable modem. I have changed the local
network ip's to match what already works for me.

I can see through the switch to other hosts on my network, but I cannot
reach the web from any of my computers.

Can anyone give me half a clue what is missing/wrong?

Thanks,
SPN

config follows except for passwords and usernames.

--
!
! begin configuration here
!
!
version 12.1
!
clock timezone EST -3
ip subnet-zero
!
!Use your favorite nameserver either ISP or other
!
ip name-server 68.38.224.5
ip name-server 68.39.224.6
!
!Use the router as a DHCP server for your network
!
no ip dhcp conflict logging
!
! exclude a range for your printers, router and any other static device
!
ip dhcp excluded-address 10.1.1.1 10.1.1.9
!
ip dhcp pool DHCP-POOL
network 10.1.1.0 255.255.255.0
domain-name cox.rr.com
dns-server 24.28.192.64 24.28.192.65
default-router 10.1.1.1
!
!
interface Ethernet0/0
description Outside interface to COX/RR
!
!This will force the assigned MAC(if needed) to the Ethernet interface
!
mac-address 0050.9999.c3be
ip address dhcp
ip nat outside
ip access-group 107 in
!
interface Ethernet0/1
description Inside interface to your network
ip address 10.1.1.1 255.255.255.0
ip nat inside
!
ip nat inside source list 1 interface Ethernet0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0
no http server
!
access-list 1 permit 10.1.1.0 0.0.0.255
!
!Access list 107 will deny private IP ranges from outside your network
to come it as a
!security measure. It also denies ICMP PINGs to help *hide* the router
from scanners. Lastly
!it denies the FINGER protocol.
!
access-list 107 deny ip 10.0.0.0 0.255.255.255 any log
access-list 107 deny ip 172.0.0.0 0.255.255.255 any log
access-list 107 deny ip 127.0.0.0 0.255.255.255 any log
access-list 107 deny ip 255.0.0.0 0.255.255.255 any log
access-list 107 deny ip 224.0.0.0 0.255.255.255 any log
access-list 107 deny ip 192.168.50.0 0.0.0.255 any log
access-list 107 deny icmp any any echo log
access-list 107 deny tcp any any eq finger
access-list 107 permit ip any any
! no cdp run; Posted by Thomas Larus on January 25th, 2004; Stephen:

The "ip route 0.0.0.0 0.0.0.0" in your configuration is not enough to point
to your outside next-hop. I see you have DHCP-assigned IP address on your
outside interface. Perhaps you can use it to get you default gateway, too.

http://www.cisco.com/en/US/customer/...080087cce.html

This link on CCO says:

"By using DHCP rather than the IP Control Protocol (IPCP), a DHCP client can
acquire other useful information such as DNS addresses, the DNS default
domain name, and the default route."

Alternatively, you could find out what the default gateway will be for the
range of addresses that you are a part of, and point to that with your
static route. Here is a Cisco document on connecting a Cisco behind a
non-Cisco cable modem.

http://www.cisco.com/en/US/customer/...094be1 .shtml

Both of the above links are customer links, so not everyone will be able to
open them. You may need to log in first.

I hope this helps.

Tom Larus, CCIE #10,014
Author of CCIE Warm-Up: Advice and Learning Labs
http://www.ipexpert.com/products_ser...asp?sku=ip7777

"Stephen" <stephen@soulphoto.net> wrote in message
news:20040124162119835-0500@news.nj.comcast.giganews.com...; Posted by Joop van der Velden on January 25th, 2004; Stephen wrote:
This is (with some cuts) the 2514 (12.2.12) config i am using for my
cable provider. Works fine for me. As you see there is no ip routing
statement - the box decides for itself (via dhcp client) that the router
on the outside interface is the gateway of last resort. Which is good,
since i have no way of knowing it in advance.

interface Ethernet0
mac-address 0060.xxxx.xxxx
ip address dhcp client-id Ethernet0
ip nat outside
!
interface Ethernet1
ip address 192.168.24.2 255.255.255.0
ip nat inside
!
ip nat inside source list 7 interface Ethernet0 overload
!
access-list 7 permit 192.168.24.0 0.0.0.255

--
Joop van der Velden
pe1dna@amsat.org
-- DIY GPS receiver: http://www.gpskit.nl/index-en.htm; Posted by ^V^ on January 26th, 2004; Thanks Tom. Thanks Joop.

Another of the problems I encountered was that the IOS running on the
router did not support dhcp. I'll try out your suggestions in a few
days.

Thanks again,
SPN

Joop van der Velden <pe1dna@amsat.org> wrote in message news:<VA.000002e5.0850c6fa@amsat.org>...

Similar Posts

ADSL Modem-Router that also works as Wireless Router for cable modem..? (Internet & Broadband) by Steph
Best Wi Fi Router for cable modem (Networking) by Remush via WindowsKB.com
Integrated Modem/Router and Cable Modem Compatibility (Internet & Broadband) by Ed
Router for cable modem (Computers & Technology) by Tommy
Modem/Router as a Cable Rounter - possible? (Internet & Broadband) by Individual.NET