Any Cisco Guys Willing to Help with Basic Router Config?

[ShadowWolf810]

Title says it all, hoping to bump into someone with a lot of knowledge about Cisco router setup who'd be willing to help me out in something like skype screenshare or a live chat of some kind. I'm a student at a University and long story short my professor wants me to figure out how to configure this Cisco router as an extra project. Spent the week reading the Cisco website and watching tutorials but am running into problems that I can't seem to find much about online, brought it back in today and we're both stuck with how to proceed, admittedly neither of us are very well versed with network stuff of this caliber. It basically just needs to act as a DHCP server for the computers in the lab. 

 

I'm connected with a serial cable and have Putty installed on my Windows machine. If anybody could take awhile and help me out that would be awesome! 

Thanks

[tt2468]

2 minutes ago, ShadowWolf810 said:

Title says it all, hoping to bump into someone with a lot of knowledge about Cisco router setup who'd be willing to help me out in something like skype screenshare or a live chat of some kind. I'm a student at a University and long story short my professor wants me to figure out how to configure this Cisco router as an extra project. Spent the week reading the Cisco website and watching tutorials but am running into problems that I can't seem to find much about online, brought it back in today and we're both stuck with how to proceed, admittedly neither of us are very well versed with network stuff of this caliber. It basically just needs to act as a DHCP server for the computers in the lab. 

 

I'm connected with a serial cable and have Putty installed on my Windows machine. If anybody could take awhile and help me out that would be awesome! 

Thanks

So you want no routing/firewalling and just want it to be a dhcp server?

[ShadowWolf810]

1 minute ago, tt2468 said:

So you want no routing/firewalling and just want it to be a dhcp server?

So there's about 20 computers in the lab, all connected to the network through 2 switches. Because we learn stuff like distributed rendering, etc we want to be able to have our own local network that's just the lab for us to play around with whatever we're learning, and also be connected to the rest of the University and the internet. Firewalling is definitely less of a concern but if what I mentioned is what you mean by routing then it would need to do that as well. 

[Lurick]

What's the model of the router?

I can paste you a full baseline config but would need to know the make/model so it's accurate

[ShadowWolf810]

1 minute ago, Lurick said:

What's the model of the router?

Its an 890 series, specifically Cisco 892FSP

[Lurick]

5 minutes ago, ShadowWolf810 said:

Its an 890 series, specifically Cisco 892FSP

Cool, if you do a 'show ip interface brief' can you post the output here. Having a hard time finding the matching info online for some reason.

[ShadowWolf810]

7 minutes ago, Lurick said:

Cool, if you do a 'show ip interface brief' can you post the output here. Having a hard time finding the matching info online for some reason.

 

https://gyazo.com/388d68e3451096291eaba4b455623f64 Here's a screenshot!

[Lurick]

5 minutes ago, ShadowWolf810 said:

 

https://gyazo.com/388d68e3451096291eaba4b455623f64 Here's a screenshot!

Cool, everything was saying fast ethernet for the interfaces so wanted to make sure I had the nomenclature correct.

Try this config:

 

conf t
hostname LAN Router
ip domain-name (plug in here)
!
ip dhcp pool (give it a name)
dns-server x.x.x.x
network 192.168.1.0 255.255.255.0
!
int Gi0
ip add dhcp default
ip nat outside
!
int vlan 1
ip add 192.168.1.1 255.255.255.0
ip nat inside
!
access-list 10 permit 192.168.1.0 0.0.0.255
ip nat inside source list 10 interface Gi0 overload
!
int Gi1
switchport
switchport mode access
switchport access vlan 1
no shut
!
int Gi2
switchport
switchport mode access
switchport access vlan 1
no shut
!
int Gi3
switchport
switchport mode access
switchport access vlan 1
no shut
!
line con 0
 logging synchronous
 stopbits 1
line vty 0 4
 logging synchronous
 exec-timeout 30 0

 

[ShadowWolf810]

2 minutes ago, Lurick said:

Cool, everything was saying fast ethernet for the interfaces so wanted to make sure I had the nomenclature correct.

Try this config:

 

conf t
hostname LAN Router
ip domain-name (plug in here)
!
ip dhcp pool (give it a name)
dns-server x.x.x.x
network 192.168.1.0 255.255.255.0
!
int Gi0
ip add dhcp default
ip nat outside
!
int vlan 1
ip add 192.168.1.1 255.255.255.0
ip nat inside
!
access-list 10 permit 192.168.1.0 0.0.0.255
ip nat inside source list 10 interface Gi0 overload
!
int Gi1
switchport
switchport mode access
switchport access vlan 1
no shut
!
int Gi2
switchport
switchport mode access
switchport access vlan 1
no shut
!
int Gi3
switchport
switchport mode access
switchport access vlan 1
no shut
!
line con 0
 logging synchronous
 stopbits 1
line vty 0 4
 logging synchronous
 exec-timeout 30 0

 

Thanks so much, am confused about a few things. When it says domain name what exactly would I be putting there? And where would I find it? And same with dns-server, I'm guessing I'd need specific numbers to put in and not just x's? 

[Lurick]

1 minute ago, ShadowWolf810 said:

Thanks so much, am confused about a few things. When it says domain name what exactly would I be putting there? And where would I find it? And same with dns-server, I'm guessing I'd need specific numbers to put in and not just x's? 

Yah, so if you want to enable SSH for access instead of using a serial cable then you'll need to put in a domain name. It can be pretty much anything, you could use local.lab if you wanted. For DNS server you'll need to replace it with the IP address that resolves the domain names.

[ShadowWolf810]

2 minutes ago, Lurick said:

Yah, so if you want to enable SSH for access instead of using a serial cable then you'll need to put in a domain name. It can be pretty much anything, you could use local.lab if you wanted. For DNS server you'll need to replace it with the IP address that resolves the domain names.

Oh so if I were to make it local.lab that would mean that putting that into a web browser would bring up the Web UI correct? Still confused about the second part, networking is definitely not my thing, how would I go about finding that IP for the DNS server?

 

[Lurick]

1 minute ago, ShadowWolf810 said:

Oh so if I were to make it local.lab that would mean that putting that into a web browser would bring up the Web UI correct? Still confused about the second part, networking is definitely not my thing, how would I go about finding that IP for the DNS server?

 

Nah, domain name is what it will append if you try to lookup something from the router. Basically if you hit a bunch of random keys and then hit enter, it will try to lookup whatever that is .local.lab, lol. You can find the DNS servers you're using now from a computer such as going into Windows CMD and then ipconfig /all and taking the IP address for DNS server and using that.

[ShadowWolf810]

2 minutes ago, Lurick said:

Nah, domain name is what it will append if you try to lookup something from the router. Basically if you hit a bunch of random keys and then hit enter, it will try to lookup whatever that is .local.lab, lol. You can find the DNS servers you're using now from a computer such as going into Windows CMD and then ipconfig /all and taking the IP address for DNS server and using that.

Interesting, not sure I totally understand the domain name part, will need to do some more research. For the DNS server I'd need to be in the lab to see what one they're currently using. They're all on Macs there, do you know off the top of your head if that shows up in the Network Preferences on Mac? If not is there any downside to using Google's DNS server 8.8.8.8?  

[Lurick]

6 minutes ago, ShadowWolf810 said:

Interesting, not sure I totally understand the domain name part, will need to do some more research. For the DNS server I'd need to be in the lab to see what one they're currently using. They're all on Macs there, do you know off the top of your head if that shows up in the Network Preferences on Mac? If not is there any downside to using Google's DNS server 8.8.8.8?  

So basically the domain name part allows the router to lookup using the local domain name (so you can type in ping router2 and it will translate that to router2.domain.extension) and to generate SSH certificates for the router. As for the Mac part, I can't say for sure but I'm going to guess it probably will. The only downside to using google's DNS would be if you have to go to something local to the schools domain like blah.internal.school or something, you wouldn't be able to resolve that necessarily without their DNS servers.

[ShadowWolf810]

2 minutes ago, Lurick said:

So basically the domain name part allows the router to lookup using the local domain name (so you can type in ping router2 and it will translate that to router2.domain.extension) and to generate SSH certificates for the router. As for the Mac part, I can't say for sure but I'm going to guess it probably will. The only downside to using google's DNS would be if you have to go to something local to the schools domain like blah.internal.school or something, you wouldn't be able to resolve that necessarily without their DNS servers.

OHH I see, that makes more sense, well I think we'll definitely make a lot more progress thanks to you! I do have a few other questions. 

 

In the code you gave me I see its only configuring 3 or 4 of the ports, should I repeat those steps for all 8 GigabitEthernet ones if I want to be able to have up to those 8 connections?

 

Is it correct to assume that to check if everything's working from home that I could temporarily use Google's DNS server, then plug my ISP connection directly into this router, then my computer into the router and it should give my pc an IP address and have internet access?

 

Do you know of any online resources with a fully fleshed out class to take for free on this stuff? Short of a few youtube playlists I haven't found anything like that.  

[Lurick]

6 minutes ago, ShadowWolf810 said:

OHH I see, that makes more sense, well I think we'll definitely make a lot more progress thanks to you! I do have a few other questions. 

 

In the code you gave me I see its only configuring 3 or 4 of the ports, should I repeat those steps for all 8 GigabitEthernet ones if I want to be able to have up to those 8 connections?

 

Is it correct to assume that to check if everything's working from home that I could temporarily use Google's DNS server, then plug my ISP connection directly into this router, then my computer into the router and it should give my pc an IP address and have internet access?

 

Do you know of any online resources with a fully fleshed out class to take for free on this stuff? Short of a few youtube playlists I haven't found anything like that.  

1. Yes, you said you only had 2 switches so I just did it for a couple ports but if you want to hook stuff directly up to the router then you'll need to configure the other ports as well.

The only thing I'm not certain will work is under the Gi0 interface with ip add dhcp default. If that doesn't work then just do 'ip address dhcp' and then you'll need to add 'ip route 0.0.0.0 0.0.0.0 Gi0'

2. That should work, yes

3. Try to lookup CBT Nuggets on YouTube, they are pretty good and go in depth.

[ShadowWolf810]

6 minutes ago, Lurick said:

1. Yes, you said you only had 2 switches so I just did it for a couple ports but if you want to hook stuff directly up to the router then you'll need to configure the other ports as well.

The only thing I'm not certain will work is under the Gi0 interface with ip add dhcp default. If that doesn't work then just do 'ip address dhcp' and then you'll need to add 'ip route 0.0.0.0 0.0.0.0 Gi0'

2. That should work, yes

3. Try to lookup CBT Nuggets on YouTube, they are pretty good and go in depth.

1. Ok great I'll go ahead and just do it for all of them. I know there's a few other rooms/theaters/etc all connected to that lab because its the film lab, not exactly sure how all of it is handled so I'll just go ahead and configure those as well. 

 

2. When you say doesn't work, do you mean I try the original and it doesn't work meaning it kicks out an error and the command doesn't work, or like, doesn't work i.e I go back to campus and hook everything up still have no internet access. 

 

3. Thanks I'll check them out! 

 

New question 4. what else would I have to do to set up and access the web UI? I had seen the steps on Cisco's website but never could actually get it. It had "ip http server" and "ip http authentication local" and stuff like that but had no luck. I had originally assigned an IP to Vlan1 arbitrarily, then tried to connect to that in a browser, and by typing http://'router-name'/ which is my case was AtlasLab because I changed the hostname to that. Is that where the domain name part would come in instead?  

[CiscoFan]

You would need to configure an IP address on an interface such as Gig0 based on your router and the domain name comes from a DNS lookup, say if you have a Windows Server, you will need to configure the domain name on that and on the router. 

[Lurick]

11 hours ago, ShadowWolf810 said:

1. Ok great I'll go ahead and just do it for all of them. I know there's a few other rooms/theaters/etc all connected to that lab because its the film lab, not exactly sure how all of it is handled so I'll just go ahead and configure those as well. 

 

2. When you say doesn't work, do you mean I try the original and it doesn't work meaning it kicks out an error and the command doesn't work, or like, doesn't work i.e I go back to campus and hook everything up still have no internet access. 

 

3. Thanks I'll check them out! 

 

New question 4. what else would I have to do to set up and access the web UI? I had seen the steps on Cisco's website but never could actually get it. It had "ip http server" and "ip http authentication local" and stuff like that but had no luck. I had originally assigned an IP to Vlan1 arbitrarily, then tried to connect to that in a browser, and by typing http://'router-name'/ which is my case was AtlasLab because I changed the hostname to that. Is that where the domain name part would come in instead?  

1. Cool

2. Yah, it will spit out an error when you try to enter the command

3. I'll see if I can find more resources later and let you know

4. If you have ip http authentication local you also need a 'username blah privilege 15 password somepasswordhere'. The hostname is just of local significance to the router and helps to identify it when you access the device. The domain-name would come into play in a different role, mainly it's for SSH certification and HTTPS certificate generation. You can assign any IP address you like to VLAN 1 or make a new Vlan as well, just need to change the switchport access portion of the port you'll be plugged into. If you change the Vlan 1 IP address you'll need to change the pool of addresses and subnet mask as well for the DHCP pool.

[ShadowWolf810]

On 2/11/2017 at 5:13 AM, Lurick said:

1. Cool

2. Yah, it will spit out an error when you try to enter the command

3. I'll see if I can find more resources later and let you know

4. If you have ip http authentication local you also need a 'username blah privilege 15 password somepasswordhere'. The hostname is just of local significance to the router and helps to identify it when you access the device. The domain-name would come into play in a different role, mainly it's for SSH certification and HTTPS certificate generation. You can assign any IP address you like to VLAN 1 or make a new Vlan as well, just need to change the switchport access portion of the port you'll be plugged into. If you change the Vlan 1 IP address you'll need to change the pool of addresses and subnet mask as well for the DHCP pool.

So I've since procrastinated on working on this, assuming I'd have no problems like an idiot haha. Hopefully you're around tonight. The command you had mentioned that might not work didn't work like you said. So 

'ip add dhcp default' gave an error so then I tried 'ip address dhcp' like you said, but when I try to do that it gives an error and says IP addresses may not be configured on L2 links. Had this same problem before when trying to assign IPs to the interfaces.

[LAwLz]

15 minutes ago, ShadowWolf810 said:

'ip add dhcp default' gave an error so then I tried 'ip address dhcp' like you said, but when I try to do that it gives an error and says IP addresses may not be configured on L2 links. Had this same problem before when trying to assign IPs to the interfaces.

Haven't read the entire thread, but if it says "IP addresses may not be configured on L2 links" then you are dealing with a layer 3 switch.

 

You will need to type in the command:

Router(config-if)# no switchport

and then you can set the interface to use a DHCP server.

 

 

But if it's just going to be a local network then you don't need to use those commands at all, nor do you need the NAT commands and the access list.

[ShadowWolf810]

5 minutes ago, LAwLz said:

Haven't read the entire thread, but if it says "IP addresses may not be configured on L2 links" then you are dealing with a layer 3 switch.

 

You will need to type in the command:

Router(config-if)# no switchport

and then you can set the interface to use a DHCP server.

 

 

But if it's just going to be a local network then you don't need to use those commands at all, nor do you need the NAT commands and the access list.

Yeah its a router for a computer lab on my campus, and I'm supposed to configure it, it does need to be able to connect to the internet. So these were the instructions I got from someone else. So when I got to the 7th line of that text was the first time I got the error. The following instructions for Interface 1 through 3 worked correctly, I'm assuming because of the switch port command. For Gi0 should I do 'no switchport' and then 'add dhcp default'? For whatever reason, using the exact same instructions that worked for Interface 1 through 7 wouldn't work for 8. 'show ip interface brief' shows them as administratively down, and even though vlan 1 was configured through the steps below its not showing Vlan 1 anymore, and instead is NVI0

On 2/10/2017 at 4:33 PM, Lurick said:

 

 

conf t
hostname LAN Router
ip domain-name (plug in here)
!
ip dhcp pool (give it a name)
dns-server x.x.x.x
network 192.168.1.0 255.255.255.0
!
int Gi0
ip add dhcp default
ip nat outside
!
int vlan 1
ip add 192.168.1.1 255.255.255.0
ip nat inside
!
access-list 10 permit 192.168.1.0 0.0.0.255
ip nat inside source list 10 interface Gi0 overload
!
int Gi1
switchport
switchport mode access
switchport access vlan 1
no shut
!
int Gi2
switchport
switchport mode access
switchport access vlan 1
no shut
!
int Gi3
switchport
switchport mode access
switchport access vlan 1
no shut
!
line con 0
 logging synchronous
 stopbits 1
line vty 0 4
 logging synchronous
 exec-timeout 30 0

 

 

[ShadowWolf810]

19 minutes ago, LAwLz said:

Haven't read the entire thread, but if it says "IP addresses may not be configured on L2 links" then you are dealing with a layer 3 switch.

 

You will need to type in the command:

Router(config-if)# no switchport

and then you can set the interface to use a DHCP server.

 

 

But if it's just going to be a local network then you don't need to use those commands at all, nor do you need the NAT commands and the access list.

Also I just tried using the no switchport command you mentioned but I'm getting an error saying that its an incomplete command

[LAwLz]

26 minutes ago, ShadowWolf810 said:

Also I just tried using the no switchport command you mentioned but I'm getting an error saying that its an incomplete command

Yeah I looked up the router name and it only has 2 routed ports. So your WAN link (the one with the ip add dhcp command) will need to be gig8 or gig9. It can't be gig0.

 

But you have bigger problems that than. I am not that experienced with these router/switch combo units from Cisco, but if they are anything like their dedicated routers then the config posted above will not work. Among other things, it does not have any routes in it, so no traffic will be able to leave it. The DHCP scope does not specify any default gateway either, so your computers will have no idea of how to reach the Internet either.

 

Another issue I can think of is the way you connect the router. I assume your school hasn't rented a dedicated ISP line for this network by itself, right? I assume that this router will be connected to another switch or router at school, which the Internet traffic will go though. If that's the case then you can't just pick something like 192.168.1.0 for your DHCP scope because that might cause conflicts with the rest of the network. Even assuming that everything is correct in the router and switches you got, the rest of the network will have no idea how to reach you, and thus you will not get any Internet access.

 

I don't really have time to help you right now, but maybe someone else has. Those are the issues I've found by skimming though the config though.

[ShadowWolf810]

2 minutes ago, LAwLz said:

Yeah I looked up the router name and it only has 2 routed ports. So your WAN link (the one with the ip add dhcp command) will need to be gig8 or gig9. It can't be gig0.

 

But you have bigger problems that than. I am not that experienced with these router/switch combo units from Cisco, but if they are anything like their dedicated routers then the config posted above will not work. Among other things, it does not have any routes in it, so no traffic will be able to leave it. The DHCP scope does not specify any default gateway either, so your computers will have no idea of how to reach the Internet either.

 

Another issue I can think of is the way you connect the router. I assume your school hasn't rented a dedicated ISP line for this network by itself, right? I assume that this router will be connected to another switch or router at school, which the Internet traffic will go though. If that's the case then you can't just pick something like 192.168.1.0 for your DHCP scope because that might cause conflicts with the rest of the network. Even assuming that everything is correct in the router and switches you got, the rest of the network will have no idea how to reach you, and thus you will not get any Internet access.

 

I don't really have time to help you right now, but maybe someone else has. Those are the issues I've found by skimming though the config though.

Hmm I see, well I appreciate the help. I really don't know anything about these, everything I've learned about this router, and most of my networking knowledge, has just come from researching this thing. The school is a university and I know it has its own B Class network, and I believe this is the router at least for the whole building but I really don't know much beyond that. 

 

Its not imperative that I get it working by tomorrow, if you have time to help more later do let me know!