Cisco Routing/Switching – Configure Your Lab Environment to work with your Home Router

This is a simple guide, configure your home router (DSL or Cable) to work with your Cisco equipment. In this Scenario I will set my Virgin Media equipment to communicate fully with my lab equipment and use my Cisco router to break out to the internet using my ISP router.

So in this scenario all I’m going to do is configure my Cisco 2960-X Switch to talk to my Cisco 1841 Router then have a route set to go through my ISP (Virgin Media) to reach the internet, nice and simple. All that’s required here is your Cisco Router a Cisco Switch and some UTP cables, now just as a note normally if you were connecting a router to another router you would require a Crossover cable but as ISP routers work fine with UTP cables this is fine.

 

 

 

 

 

 

 

 

In the image above I have my Two interfaces in my Cisco Router, 1 connected to the ISP router and one connected to my Switch, then in my Switch I have the connection to my Cisco Router and an Ethernet cable to test my connection works after we have configured everything.

To achieve this we will need to complete the following:

  • Configure two ports on our Router, 1 port for ISP 1 port for Switch Link – Configure one port with our ISP IP address and one with our private network address and activate them with descriptions
  • Configure a private DHCP Pool with a name and specify the network address,default router and DNS
  • Configure a static route to your ISP
  • Configure our ISP interface to use NAT outside
  • Configure our Switch interface to use NAT inside
  • Create a standard access control list to permit anything
  • Configure NAT to use the ACL on the ISP interface and use Overload

Configure the router

First ensure your router has no configuration stored on it, best to just completely wipe it and start again refer to my guide here if you require assistance in wiping your device.

So once on your device have a look at the available interfaces, for this we will need two interfaces 1 for the ISP and one for our Switch ensure they have no configuration on them:

Router#sh ip int brief
Interface                  IP-Address      OK? Method Status                Prot                                                                                                             ocol
FastEthernet0/0            unassigned      YES unset  administratively down down                                                                                                             
FastEthernet0/1            unassigned      YES unset  administratively down down                                                                                                             
Serial0/0/0                unassigned      YES unset  administratively down down                                                                                                             
Router#

As you can see by my example the interfaces are down and no IP Addresses are assigned.

So let’s decide which interface connects to what and enable them and give them a description.

Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#int fa0/1
Router(config-if)#description ** LINK TO ISP **
Router(config-if)#ip address dhcp
Router(config-if)#no shut
*Oct 15 15:04:46.823: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0/1 assigned DHCP address 192.168.0.25, mask 255.255.255.0, hostname Router

Router(config-if)#no shutdown
Router(config-if)#end
Router#
*Oct 15 15:05:04.399: %SYS-5-CONFIG_I: Configured from console by console
Router#

As you can see from the output above I have chosen interface FastEthernet 0/1 to connect to my ISP router I have wrote a description configured that interface to assign IP addresses via DHCP from my Router to which it has chosen 192.168.0.25 /24 – I have then ran no shutdown to activate the port.

Next I’ll configure the Router connection to the switch:

Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#int fa0/0
Router(config-if)#Description ** Link To Lab Switch **
Router(config-if)#ip address 10.1.1.1 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#

As above I have configured that interface with a description a completely different IP range and a typical class C subnet mask /24 and have once again enabled the port using no shutdown.

At this point you should see the output of your interfaces update:

Router#sh ip int brief
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            10.1.1.1        YES manual up                    up
FastEthernet0/1            192.168.0.25    YES DHCP   up                    up
Serial0/0/0                unassigned      YES unset  administratively down down
Router#

Next we need to configure a DHCP pool so any device plugged into the LAN will have a private IP address:

So putting in ip dhcp pool **POOL NAME** I have just named mine Client for example purposes.

Before anything you must exluded the first and last address from being assigned out, then set your network address. In my example I’m using the 10.1.1.x network with a /24 subnet, set that interface IP as the default router and you can use google DNS if you don’t know your ISP’s or use whatever DNS you like for this example its easy to just use Googles.

Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#ip dhcp excluded-address 10.1.1.1
Router(config)#ip dhcp excluded-address 10.1.1.254
Router(config)#ip dhcp pool Client
Router(dhcp-config)#network 10.1.1.0 /24
Router(dhcp-config)#default-router 10.1.1.1
Router(dhcp-config)#dns
Router(dhcp-config)#dns-server 8.8.8.8
Router(dhcp-config)#end
Router#
*Oct 15 15:21:55.755: %SYS-5-CONFIG_I: Configured from console by console
Router#

So with my DHCP configured I need to create a route out to the internet through my ISP’s default gateway, usually your GW is something like 192.168.1.1 or 192.168.0.1 to find out open up a CMD on a PC with network and type ipconfig and then look at your Default Gateway:

 

 

 

 

 

 

 

So in my case it’s 192.168.0.1 so just keep a note of that:

We need to then configure our route:

Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#ip route 0.0.0.0 0.0.0.0 192.168.0.1
Router(config)#

So in simple terms this is saying route to Anywhere out via 192.168.0.1 creating a static route and a gateway of last resort you can see the output if you type sh ip route:

Router#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 192.168.0.1 to network 0.0.0.0

     10.0.0.0/24 is subnetted, 1 subnets
C       10.1.1.0 is directly connected, FastEthernet0/0
C    192.168.0.0/24 is directly connected, FastEthernet0/1
S*   0.0.0.0/0 [1/0] via 192.168.0.1
Router#

S* = Static Route connect out to the internet via 192.168.0.1

We now need to configure our ISP interface to use NAT oustide:

Router(config)#int fa0/1
Router(config-if)#ip nat outside
Router(config-if)#
*Oct 15 15:40:06.679: %LINEPROTO-5-UPDOWN: Line protocol on Interface NVI0, changed state to up
Router(config-if)#end
Router#
*Oct 15 15:40:34.887: %SYS-5-CONFIG_I: Configured from console by console
Router#

We now need to configure our Switch interface to use NAT inside:

Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#int fa0/0
Router(config-if)#ip nat inside
Router(config-if)#end
Router#
*Oct 15 15:43:10.107: %SYS-5-CONFIG_I: Configured from console by console
Router#

Now we have our interfaces configured along with our static route and NAT is configured inside and outside we need to create a standard access list, as we aren’t needing to restrict anything from the network we can just create a simple list with permit any:

Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#ip access-list standard 1
Router(config-std-nacl)#permit any
Router(config-std-nacl)#end
Router#

The above configures a simple access list and permits anything outbound or inbound

Once this is done we need to configure NAT to use this Access Control list on the ISP interface and use Overload:

Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#ip nat inside source list 1 interface fa0/1 overload
Router(config)#end
Router#
*Oct 15 15:49:58.035: %SYS-5-CONFIG_I: Configured from console by console
Router#

Then we are pretty much done on our Router so we can save our configuration using copy run start:

Router#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]
Router#

Configuring the switch

Now assuming your Switch has been reset to factory defaults this should all just work through VLAN 1 as you plug devices in, If you have set up your switch already with the Dead-End VLAN then you will need to configure your interfaces to be up and work on the Access VLAN.

 

Testing your connection

So I had skipped a few things beforehand because I know they work but we can test them now too, see the list below:

  • Test we can reach google’s DNS from our Router  – Ping 8.8.8.8
  • Test we can reach our Default Gateway on our ISP ping your DG mine is 192.168.0.1
  • Plug in an ethernet cable into a new or existing device and let DHCP assign an IP Address
  • Having an IP Address assigned to your device from your private network then test internet connectivity
Router>en
Router#ping 8.8.8.8

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/22/28 ms
Router#ping 192.168.0.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/8 ms
Router#

Testing with my Switch I plugged in a UTP cable into my laptop and was given an IP address from my Private address range 10.1.1.0 /24

 

 

 

 

 

 

 

Testing the internet connection I can also get out the internet.

So here we have configured our home lab to our ISP router nice and easy as DHCP takes care of everything for us too.

 

 

 

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *