How to Configurate NAT on Cisco 1941

When you want to connect a local network to the Internet and you don’t have that much IP addresses.

There are two types of NAT that can be configured on a Cisco router Cisco 3925E; static, and dynamic.

Static NAT Configuration:

 This type is used when you want to do one-to-one assignment of local IP addresses to global IP addresses.

 1. Establish static translation between an inside local address and an inside global address,

 Router(config)#ip nat inside source static XXX.XXX.XXX.XXX YYY.YYY.YYY.YYY

 where,

 XXX.XXX.XXX.XXX is the (inside) local address

 YYY.YYY.YYY.YYY is the (inside) global address

2. Specify the local interface. This is done by going to the interface configuration mode and issuing,

 Router(config-if)#ip nat inside

3. Specify the global address. This is done by going to the interface configuration mode and issuing,

 Router(config-if)#ip nat outside

Dynamic NAT Configuration:

 This type is used when you want the router to do the mapping dynamically. This method is useful when you have too many global and local addresses and you do not want to do the mapping manually, or when the number of global addresses available is less than the local addresses.

This would lead us to two different scenarios,

A. The number of global IP addresses is equal or less than the local addresses and more than one. (global >= local >1)

1. Define a pool of global addresses that would be employed in the translation,

Router(config)#ip nat pool NAME XXX.XXX.XXX.XXX YYY.YYY.YYY.YYY netmask ZZZ.ZZZ.ZZZ.ZZZ

where,

NAME is the name of the pool

XXX.XXX.XXX.XXX is the starting IP address of the pool

YYY.YYY.YYY.YYY is the end IP address of the pool

ZZZ.ZZZ.ZZZ.ZZZ is the subnet mask of the network that the pool is part of.

Below are the details for the Cisco 1941 NAT configuration:

<iframe width="420" height="315" src="//www.youtube-nocookie.com/embed/Rs2tN6kAinU" frameborder="0" allowfullscreen></iframe>

http://www.youtube.com/watch?v=Rs2tN6kAinU

It is refered from: www.routergeek.net/general.

How to Password Recovery for the Cisco 2900

There are no specific requirements for recovery passwprd for the Cisco 2900, taking Cisco 2921 router and Cisco 2951 router for examples

The steps:

1 Either switch off or shut down the router.

2 Remove the compact flash that is on the rear of the router. This image shows the rear of the 2951 router:

For more information, refer to Back Panel Slots and Connectors on the Cisco 2921 and 2951 Routers.

3 Switch on the router.

4 Once the router is on Rommon mode, reinsert the compact flash.

5 Type confreg 0x2142 at the rommon 1> prompt in order to boot from Flash.

This step bypasses the startup configuration where the passwords are stored.

6 Type reset at the rommon 2> prompt.

The router reboots, but ignores the saved configuration.

7 Type no after each setup question, or press Ctrl-C in order to skip the initial setup procedure.

8 Type enable at the Router> prompt.

You are in enable mode and should see the Router# prompt.

9 Type configure memory or copy startup-config running-config in order to copy the nonvolatile RAM (NVRAM) into memory.

Warning:  Do not enter copy running-config startup-config or write. These commands erase your startup configuration.

10 Issue the show running-config command.

The show running-config command shows the configuration of the router. In this configuration, the shutdown command appears under all interfaces, which indicates all interfaces are currently shut down. In addition, the passwords (enable password, enable secret, vty, and console passwords) are in either an encrypted or unencrypted format. You can reuse unencrypted passwords. You must change encrypted passwords to a new password.

11 Type configure terminal.

The hostname(config)# prompt appears.

12 Type enable secret <password> in order to change the enable secret password. For example:

hostname(config)#enable secret cisco

13 Issue the no shutdown command on every interface that you use.

If you issue a show ip interface brief command, every interface that you want to use should display up up.

14 Type config-register <configuration_register_setting> . Where <configuration_register_setting> is either the value you recorded in step 2 or 0x2102 . For example:

hostname(config)#config-register 0x2102

15 Press Ctrl-z or end in order to leave the configuration mode.

The hostname# prompt appears.

16 Type write memory or copy running-config startup-config in order to commit the changes.

The Cisco 2951 price and Cisco 1921 price, please refer the below links:

http://www.3anetwork.com/cisco-cisco2951/k9-price_p240.html

http://www.3anetwork.com/cisco-cisco1921-sec/k9-price_p210.html

Cisco Router Question: Cisco 2901

Question: I've logged into a Cisco 2901 and typed 'show ip route'. And it says something like this:

192.168.10.0/24 directly connected to fastethernet0/0

192.168.9.0/24 directly connected fastethernet0/0

I don't fully understand what the above means?

Answer: It means those routers are derived from the IP address/mask of your interfaces and are automatically generated.

The router is connected, and can reach, two different LANs (or networks).  192.168.10 and .9 IPv4.

You router interface f0/0 is configured for  seconday ip addresses

Ip address x.x.x.x y.y.y.y secondary

The more infornation or overview of Cisco router, please visit: http://ciscorouteroverview.tumblr.com

Problems HWIC-3G-GSM for Cisco 1941 router

I am replacing an old 1841 that has a HWIC-3G-GSM coax card in it

I need to know what is the part number for the equivalent HWIC-3G card that goes into the new Cisco 1941 router.

Does anyone know what that part number is?  (and could you please provide both a link and a picture so that I can be sure it is the coax version?)

The 1841 also has a T-1 WIC so if you could also include the part number for an equivalent T-1 WIC for the Cisco 1941 router, I would appreciate it.

The solution:

The part numbers vary based upon the carrier.

EHWIC-3G-HSPA +7-A    :  GSM card for AT&T

3.7G HSPA+ Release 7 EHWIC w/ SMS/GPS (MC8705) (AT&T)

EHWIC-3G-EVDO-S : GSM card for Sprint

3G EHWIC Sprint EV-DO Rev A/0/1xRTT 800/1900MHz with SMS/GPS

EHWIC-3G-EVDO-V: GSM card for Verizon

3G EHWIC Verizon EV-DO Rev A/0/1xRTT 800/1900MHz w/ SMS/GPS

Customers interested in purchasing CISCO1941W-T/K9, best price on 3anetwork.com:

US$1,215.00, 42% off. As the List price: US$2,095.00.

Cisco 1941 builds on the best-in-class offering of the existing Cisco 1841 Integrated Services Routers by offering 2 models - Cisco 1941 and Cisco 1941W. In addition to the support of a wide range of wireless and wired connectivity options supported on Cisco 1941 Series, Cisco 1941W offers integration of IEEE 802.11n access point which is backwards compatible with IEEE 802.11a/b/g access points.

3Anetwork.com wholesales Cisco 1900 Series Integrated Services Router CISCO1941W-T/K9, CISCO1941W-T, CISCO1941W, original new Cisco CISCO1941W-T/K9 at competitive price. In most cases, we can deliver CISCO1941W-T/K9 in 2 business days. Simply add Cisco CISCO1941W-T/K9 to your shopping cart for the best price Cisco Integrated Services Router CISCO1941W-T/K9. Good discount of Cisco 1900 Series Router, best Cisco 1900 Router CISCO1941W-T/K9 price, save your money.

Contack information:

Telephone: +852-3069-7733(Hong Kong)

Fax: +852-3069-7731

Email:   info@3Anetwork.com(Sales Inquiries)

Address: 23/F Lucky Plaza, 315-321 Lockhart Road, Wanchai, Hongkong

Website: http://www.3anetwork.com

Cisco 1941 Router Can't Connect to WAN

Cisco 1941 Router Can't Connect to WAN

1 I am converting our offices over to Cisco 1941 routers.  The total background of it was covered in this EE question: Configuring 1941 Router

Since then, I have confirmed that everything internally, works fine.  I can communicate with all the internal networks as was planned.  What is not working, is getting out to the internet.  I have taken a second 1941 and configured it with a striped down config, and can connect out to the internet fine.  I have also moved the WAN connection to int g0/0 from int g0/0/0, but that made no difference.  From the CLI, I can ping the gateway, but nothing else outside.

What am I missing or what do I have configured incorrectly?

I've attached the current running config.  Usernames/Passwords, and certain ip addresses have been replaced with xxxxxxxx or x.x.x.x.

Solution:

On first look at your ACL's you have subnet masks and not wildcard masks:

access-list 101 permit tcp any 0.0.0.0 255.255.255.0 established

access-list 102 permit tcp any 0.0.0.0 255.255.255.0 established

access-list 105 permit tcp any 0.0.0.0 255.255.255.0 established

etc.. etc...

if you want this to be ANY ANY you should have access-list XYZ permit tcp any 0.0.0.0 255.255.255.255 established, just checking through rest of config.

2 Ping 8.8.8.8 timed out, on both the router and a connected pc.

I just did some other ping tests.  As said before, I can ping the WAN gateway.  Can't ping a external domain name (doesn't get translated), can't ping an external domain ip, and can't ping the ISP DNS servers (which I confirmed correct).

guptasan26: if I remove those routes, will the 1941 automatically route the internal networks?

Solution:

No sure how current the config is that yo uposted but you have turned off routing with the

no ip routing.

Re-enable ip routing by entering ip routing from config mode and then you should be able to route correctly.