I purchased some Cisco equipment recently. I set my Cisco router behind the Arris router I received from my ISP. The Arris uses DHCP from my ISP and uses NAT. I linked my Cisco router to the Arris and assigned it an ip within the DHCP private range the Arris is providing. First I tried pinging my default gate way (the arrris router default gateway) and was successful. I then tried to ping 188.8.131.52 from my Cisco router and was unsuccessful. After this I went and looked at my routers WAN settings and found the address, subnet, and default gateway that connects me to my ISP. I added that as a static route on my Cisco router. I can ping the global IP assigned to my Arris and it's default gateway. However, I still cannot ping 184.108.40.206 from the Cisco router. Any ideas? The only thing I have come up with is that Google cannot reply to me. This is odd thought because the address assigned to my Cisco in the LAN should be NAT'd once it goes out. I forgot to mention that I can ping 220.127.116.11 from my PC hooked up to the same Arris router but on a different port, but it is still in the same subnet of 192.168.1.1/24 just like the Cisco router.
A couple of questions about the hardware...
Cisco router, is this a full on router or a wireless router
Is the Arris router a modem from your ISP or full on router from the ISP?
I think I may know what's is happening but not sure until I get some hardware details.
The Cisco router is a 2811. The Arris router is the all-in-one modem/router/switch/AP
What you'll want to do is :
Arris router interface connects to your ISP.
Take a Switchport on Arris to connect to your Cisco 2811, it should assign a DHCP address to your Cisco 2811 port and a default gateway and even DNS.
On your other port on the 2811 router, this will become your Default Gateway for your internal network. Assign an IP address
2811r1>enable 2811r1#config t 2811r1(config)#int fa0/1 2811r1(config-if)#ip address 172.16.0.1 255.255.255.0 2811r1(config-if)#no shutdown
- Setup DHCP server on 2811 to hand out IP address and options through your default gateway.
2811r1>enable 2811r1#config t 2811r1(config)# 2811r1(config)# ip dhcp pool NET-POOL 2811r1(dhcp-config)# network 172.16.0.0 255.255.255.0 2811r1(dhcp-config)# default-router 172.16.0.1 2811r1(dhcp-config)# dns-server 18.104.22.168 22.214.171.124
4.5 You'll also need to configure NAT on your 2811 between the your int fa0/1 (facing your LAN) and your int fa0/0 (facing your Arris modem)
- Anyone plugged into your switch on your LAN side should receive IP address, DNS and Default gateway from your 2811.
You're essentially setting up 2 subnets. One between the Arris and the 2811. Your Cisco Router is acting like a client to the Arris. Two, the other port of the cisco router to your LAN clients. If configured properly you should be getting a DHCP address from your 2811 and you should be able to ping your default gate. Route through the router to the Arris and the Arris to the Internet.
I think this will work.
on the other hand...
You might be able to contact your ISP and get them to let you setup that modem in transparent mode, then your 2811 will be handed the IP address from your ISP instead. This would be more ideal, as the configuration above will essentially do double NAT.
another question... your network would work perfectly fine without the cisco 2811 in the mix. Is there a reason for it? just curious!
The reason for doing this is, well, because I wanted to see if I could. What I did was assign my 2811 with a static IP outside of the Arris DHCP pool. I also assigned the port facing the Arris the Default gateway of the Arris. I never actually hooked up my switch after the 2811. I just pinged 126.96.36.199 form the 2811 and did not receive any replies. I never assigned a DNS, but I believe it should not be needed if I am using the IP of google dns. This is why I was confused. I figured that being connected to the Arris subnet, and being NAT'd by the Arris, I should have received a reply. I haven't tried doing what you said yet but I believe that originally I hooked up my 2811 to the Arris and it did not receive an IP from the Arris DHCP. I was just basically having fun with my router, playing around and getting familiar with commands and initial setup.
I guess I really don't know if I am being NAT'd by the Arris. However, I can see the router as a client in the Arris LAN client list.
Ok. If you're just using your 2811 as a client. You should be able to connect the 2811 to one of the switchports on the Arris.
On the 2811 whichever port you connect to the Arris. I would just do an
ip address dhcpand turn the port on. The Arris should assign it all it needs from its DHCP server.
That should work! should
I would suggest ditching the arris and just using the 2811 as your main router, but in novice hands this can be very dangerous. What you are doing is called "double nating" Your 2811 is going to be doing some nating as well as the arris.
When in doubt do a traceroute.
You need 2 things to get out to the internet from the 2811.
- like Ronnie said go to the WAN interface (fastethernet0 or 0/1) and issue the ip address dhcp.
- you also need a default route to tell the router where to send traffic that is destined for networks it has no clue about.
ip route 0.0.0.0 0.0.0.0 fastethernet 0/0 <--your WAN port or the IP of the arris
Setting up the default route should enable you to ping 188.8.131.52
Now why not set up NTP?
ntp server 0.north-america.pool.ntp.org
ntp server 1.north-america.pool.ntp.org
ip name-server 184.108.40.206
ip name-server 220.127.116.11
clock timezone est -5 0 <-- i'm in new york so adjust to whatever your time zone is.
and make sure ip domain lookup is turned on. I know all the books and such tell you to disable that but this won't work without it.
Have fun. Don't be a stranger around here. I have a similar set up to yours. Except I have a Cisco Meraki router as my main router and my Arris is behind that in it's own VLAN away from the rest of my network where it can't cause any trouble. I really loathe ISP provided "routers"
I also have 2 2811 and a 2821 connected to the Meraki system.
Forgot to mention, depending on what service you have the arris could be responsible for the tv guide information, on demand services, and DVR on your set top boxes.
This is why I couldn't totally just rip mine out or put mine into bridge mode. I have Fios. My equipment is not capable of doing DMZ without a static public IP so I had to give up the ability to remotely set up my DVR. everything else works though.
DSLreports.com is a great resource for dealing with residential ISP stuff.
in case you have fios check out this page. Although with an Arris you probably have a cable provider.
I was able to figure the issue out with your help. Ronnie was correct as I needed to setup NAT from the new network I created to the IP which connected to my Arris router. It had been a while since I setup NAT so I forgot the "ip nat inside" and "ip nat outside" commands on the interfaces of the router. Statically assigning the interface that connected to the Arris worked pretty much the same way as using "ip address DHCP" command because the issue was actually NAT. I will leave my Arris first inline because it has a firewall and the Cisco is just my lab equipment. I have saved that config just in case I forgot.
It's funny because I got frustrated with it and had moved on to watching the CCNA videos. I did not realize my mistake until I was watching Don and Ronnie compare config files that were backed up to the tftp server. I paused it and had a "duh" moment.
Sorry but this was the first chance I had really got to sit down and play with the equipment in a long time. This is now resolved. Thanks guys