Question : Problem: Need help configuring a CISCO 1711 (a rookie question)

I am a developer just learning about configuring routers and am having some trouble configuring a CISCO 1711. I am just using this router for development of load balancing software. I also have a CISCO SOHO 91 and used the web configuration tool to set up the router and have used telnet to set some NAT settings.

What i would really like to accomplish is the following:

Have the router provide an internal private network on the inside but be able to use the DNS of the outside network (my corporate network). With the SOHO 91 i have accomplished this with the following configuration (external ip of 172.31.11.64):

version 12.3
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname keith
!
enable secret 5 xxxxx
!
username CRWS_Giri privilege 15 password 7 xxxxx
username keith password 7 xxxxx
no aaa new-model
ip subnet-zero
ip name-server 172.31.2.1
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool CLIENT
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
dns-server 172.31.2.1
domain-name xxxxx.com
lease 0 2
!
!
interface Ethernet0
ip address 10.10.10.1 255.255.255.0
ip nat inside
no ip mroute-cache
no cdp enable
hold-queue 32 in
!
interface Ethernet1
ip address 172.31.11.64 255.255.255.0
ip nat outside
no ip mroute-cache
duplex auto
no cdp enable
!
ip nat inside source list 102 interface Ethernet1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 172.31.11.254
ip http server
no ip http secure-server
!
access-list 102 permit ip 10.10.10.0 0.0.0.255 any
no cdp run
!
line con 0
exec-timeout 120 0
no modem enable
stopbits 1
line aux 0
line vty 0 4
exec-timeout 120 0
login local
length 0
!
scheduler max-task-time 5000
!
end

The current configuration i am using for the CISCO 1711 is the following (external IP of 172.31.11.78):

version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
enable secret 5 xxxxxxxx
enable password xxxxxx
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no aaa new-model
ip subnet-zero
!
!
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool CLIENT
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
dns-server 172.31.2.1
domain-name vitalimages.com
lease infinite
!
ip dhcp pool client
!
!
ip domain name xxxxxx.com
ip name-server 172.31.2.1
ip cef
ip ids po max-events 100
no ftp-server write-enable
!
!
interface FastEthernet0
ip address 172.31.11.78 255.255.255.0
ip nat inside
ip virtual-reassembly
no ip mroute-cache
duplex auto
speed auto
no cdp enable
hold-queue 32 in
!
interface FastEthernet1
switchport access vlan 100
no ip address
!
interface FastEthernet2
switchport access vlan 100
no ip address
!
interface FastEthernet3
switchport access vlan 100
no ip address
!
interface FastEthernet4
switchport access vlan 100
no ip address
!
interface Vlan100
ip address 10.10.10.1 255.255.255.0
!
interface Vlan1
no ip address
ip nat outside
ip virtual-reassembly
!
interface Async1
no ip address
!
ip default-gateway 172.31.11.254
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.7.254
ip route 0.0.0.0 0.0.0.0 172.31.11.254
ip http server
no ip http secure-server
ip nat inside source list 102 interface FastEthernet1 overload
!
!
!
access-list 102 permit tcp 10.10.10.0 0.0.0.255 any
access-list 102 permit tcp 172.31.11.0 0.0.0.255 any
access-list 102 permit ip any 172.31.11.0 0.0.0.255
access-list 102 permit ip any any
!
!
control-plane
!
!
line con 0
line 1
stopbits 1
speed 115200
flowcontrol hardware
line aux 0
line vty 0 4
login
!
end

Currently the CISCO 91 works fine, i can ping the DNS (172.31.2.1) from a pc running on 10.10.10.2 plugged into the router private network jack(using the ping command). Also i can telnet the router from the pc.

However from the the CISCO 1711 can't ping the DNS, I try to ping the DNS (172.31.2.1) from a pc running on 10.10.10.3 plugged into the WIC and cannot. From telnet connection via the console (hyperterminal) i can ping the DNS(172.31.2.1) using the IOS ping command.

Again i am just trying to make a private network but would like to use the DNS of the corporate network.

Thanks in advance for your help

Answer : Problem: Need help configuring a CISCO 1711 (a rookie question)

I think I see the problem- you have

interface FastEthernet0
ip address 172.31.11.78 255.255.255.0
ip nat inside

interface FastEthernet4
switchport access vlan 100
no ip address
!
interface Vlan100
ip address 10.10.10.1 255.255.255.0
!
interface Vlan1
no ip address
ip nat outside

You need
interface FastEthernet0
ip address 172.31.11.78 255.255.255.0
ip nat outside
interface Vlan100
ip address 10.10.10.1 255.255.255.0
ip nat inside

And shut down VLAN 1, or at least remove ip nat outside from it.

Random Solutions

Problem: HOW TO INSTALL INTEL PRO WIRELESS DRIVERS ON DELL LATITUDE D830 WITH WINDOWS SERVER 2003 R2 X64

Problem: Sound from both headphone jack and speaker jack poor and scratchy

Problem: BackupExec - Exchange Backup fast by only 1 Storage Group

Problem: How can I set the front side bus speed on a Gigabyte GA-8IHXP motherboard

Problem: Use blackberry's to know who is at the office

Problem: How do I configure software to consistently monitor Cisco switches?

Problem: Cost per page

Problem: Networking Ethernet handoff config

Problem: Win XP Doesn't recognize Flash Drive

Problem: Adding a second Farm/license server to existing environment.