Config T1 with routed block
in [Cisco]
|
Prev: Vlans
Next: T1 Serial Problems
From: Stevo on 15 Sep 2009 10:59 Hello all, I have a Cisco 1721 with a T1 WIC and two ETH WICs. My ISP has configured the router with a static IP and I'd like to use my block as well. Here is what they have given me: Routed Block 64.39.164.224/29 IP address: 209.183.134.162 Gateway: 209.183.134.161 Any ideas? Thanks
From: Doug McIntyre on 15 Sep 2009 12:16 Stevo <riskinit(a)gmail.com> writes: >I have a Cisco 1721 with a T1 WIC and two ETH WICs. >My ISP has configured the router with a static IP and I'd like to use >my block as well. >Here is what they have given me: >Routed Block 64.39.164.224/29 >IP address: 209.183.134.162 >Gateway: 209.183.134.161 Seems straight forward. Did you want to NAT behind your routed block? Or did you want to use straight up IPs routed through the router? ie. a straight up routing is int ser 0 ip address 209.183.134.162 255.255.255.252 int eth 0 ip address 64.39.164.230 255.255.255.248 ip route 0.0.0.0 0.0.0.0 209.183.134.161 Ie. put a machine at 64.39.164.225 behind the router. It routes out through the T1 to the ISP. Done. If you want to setup NAT instead, there's many NAT documents. This one is a good starter http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094e77.shtml Here's a troubleshooting one that is good too. http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094c32.shtml
From: Stevo on 15 Sep 2009 13:58 On Sep 15, 12:16 pm, Doug McIntyre <mer...(a)geeks.org> wrote: > Stevo <riski...(a)gmail.com> writes: > >I have a Cisco 1721 with a T1 WIC and two ETH WICs. > >My ISP has configured the router with a static IP and I'd like to use > >my block as well. > >Here is what they have given me: > >Routed Block 64.39.164.224/29 > >IP address: 209.183.134.162 > >Gateway: 209.183.134.161 > > Seems straight forward. Did you want to NAT behind your routed block? > Or did you want to use straight up IPs routed through the router? > > ie. a straight up routing is > > int ser 0 > ip address 209.183.134.162 255.255.255.252 > int eth 0 > ip address 64.39.164.230 255.255.255.248 > ip route 0.0.0.0 0.0.0.0 209.183.134.161 > > Ie. put a machine at 64.39.164.225 behind the router. It routes out > through the T1 to the ISP. Done. > > If you want to setup NAT instead, there's many NAT documents. This one > is a good starter > > http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note091... > > Here's a troubleshooting one that is good too. > > http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note091... Thanks for the Info. This is no different than my configuration listed below: version 12.3 service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname Webber ! boot-start-marker boot-end-marker ! enable secret 5 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ! memory-size iomem 20 no aaa new-model ip subnet-zero ! ! no ip domain lookup ! ip cef ! username support privilege 15 password 7 xxxxxxxxxxxxxxxxxxxxxxx ! ! ! ! interface Ethernet0 ip address 64.39.164.230 255.255.255.248 ip nat outside full-duplex ! interface FastEthernet0 ip address 10.10.1.1 255.255.255.0 ip nat inside speed auto ! interface Serial0 ip address 209.183.134.162 255.255.255.252 ip nat outside ! ip nat inside source list 101 interface Serial0 overload ip classless ip route 0.0.0.0 0.0.0.0 209.183.134.161 no ip http server ! access-list 98 permit 199.166.210.105 access-list 98 permit 209.183.254.0 0.0.0.255 access-list 98 permit 10.10.1.0 0.0.0.255 access-list 101 permit ip 10.10.1.0 0.0.0.255 any access-list 101 permit ip 64.39.164.0 0.0.0.255 any ! line con 0 password 7 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX login local speed 115200 line aux 0 line vty 0 4 access-class 98 in password 7 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX login local ! I must be missing something. Thanks,
From: Doug McIntyre on 15 Sep 2009 15:32 Stevo <riskinit(a)gmail.com> writes: >On Sep 15, 12:16=A0pm, Doug McIntyre <mer...(a)geeks.org> wrote: >Thanks for the Info. This is no different than my configuration >listed below: >interface Ethernet0 > ip address 64.39.164.230 255.255.255.248 > ip nat outside >interface FastEthernet0 > ip address 10.10.1.1 255.255.255.0 > ip nat inside >interface Serial0 > ip address 209.183.134.162 255.255.255.252 > ip nat outside >ip nat inside source list 101 interface Serial0 overload I gave you two different setup scenarios. I gave you one without NAT at all, and I gave you pointers to documents laying out a NAT setup. It appears you want to use the 2nd, so disreguard anything I said in the first config. (although if you didn't want NAT turned on for Eth0 just remove the 'ip nat outside' statement, and you'll be routing on Eth0 and NAT'ing on Fa0). If you do want NAT on both interfaces, you don't want your public IPs on Ethernet0 in a NAT configuration setup. That will just NAT translate from 64.39.164.230/29 into 209.183.134.162/30 the way you have things setup. Most likely, you want Eth0 to have a different private IP range than Fa0 does for NAT on both. Then you'll want to setup static 'ip nat' statements mapping the outside public IPs into private internal IPs.
From: Doug McIntyre on 15 Sep 2009 16:15
Doug McIntyre <merlyn(a)geeks.org> writes: >Stevo <riskinit(a)gmail.com> writes: >>On Sep 15, 12:16=A0pm, Doug McIntyre <mer...(a)geeks.org> wrote: >>Thanks for the Info. This is no different than my configuration >>listed below: >>interface Ethernet0 >> ip address 64.39.164.230 255.255.255.248 >> ip nat outside >>interface FastEthernet0 >> ip address 10.10.1.1 255.255.255.0 >> ip nat inside >>interface Serial0 >> ip address 209.183.134.162 255.255.255.252 >> ip nat outside >>ip nat inside source list 101 interface Serial0 overload >I gave you two different setup scenarios. I gave you one without NAT >at all, and I gave you pointers to documents laying out a NAT setup. >It appears you want to use the 2nd, so disreguard anything I said in >the first config. (although if you didn't want NAT turned on for Eth0 >just remove the 'ip nat outside' statement, and you'll be routing on >Eth0 and NAT'ing on Fa0). I should have said here, that you appear to have taken off in a 3rd direction, in having NAT on one interface, and routed IPs on another. Is that correct? |