Multiple Wan Addresses and routing

Unanswered Question
Feb 21st, 2007

Hi all,

I have a cisco 1721 router. It doesn't have the advanced ios security.

I would like to be able to give it multiple wan addresses given by isp and then route these so that I can give a user a static ip address. I would need to be able to forward all ports to this users own firewall and also have all traffic from him showing up as his static address.

Can I do this without the advanced ios security package ?

My config is below

Current configuration : 3362 bytes

!

version 12.4

no service pad

service tcp-keepalives-in

service tcp-keepalives-out

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime msec localtime show-timezone

service password-encryption

service sequence-numbers

!

hostname cisco1721

!

boot-start-marker

boot-end-marker

!

security authentication failure rate 3 log

security passwords min-length 6

logging buffered 51200 debugging

logging console critical

enable secret 5 xxxxxxxxxxxxxxxxxxxxx

!

aaa new-model

!

!

aaa authentication login local_authen local

aaa authorization exec local_author local

!

aaa session-id common

!

resource policy

!

clock timezone PCTime 12

clock summer-time PCTime date Mar 16 2003 3:00 Oct 5 2003 2:00

ip subnet-zero

no ip source-route

!

!

no ip dhcp use vrf connected

ip dhcp excluded-address 192.168.60.1 192.168.60.99

ip dhcp excluded-address 192.168.60.151 192.168.60.254

!

ip dhcp pool sdm-pool1

import all

network 192.168.60.0 255.255.255.0

dns-server 203.97.33.1 203.97.37.1

default-router 192.168.60.254

!

!

ip tcp synwait-time 10

ip cef

ip domain name scorch.co.nz

ip name-server 203.97.33.1

ip name-server 203.97.37.1

no ip bootp server

!

username xxxx privilege 15 secret 5 xxxxxxxxxxxxxxxxxxxxxx/

!

!

!

interface Null0

no ip unreachables

!

interface Ethernet0

description $ES_WAN$$FW_OUTSIDE$$ETH-WAN$

ip address 192.168.10.222 255.255.255.0

ip verify unicast reverse-path

no ip redirects

no ip unreachables

no ip proxy-arp

ip nat outside

ip virtual-reassembly

ip route-cache flow

half-duplex

!

interface FastEthernet0

description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-10/100 Ethernet$$ES_LAN$$FW_INSIDE$

ip address 192.168.60.254 255.255.255.0

no ip redirects

no ip unreachables

no ip proxy-arp

ip nat inside

ip virtual-reassembly

ip route-cache flow

speed auto

!

ip classless

ip route 0.0.0.0 0.0.0.0 10.14.0.253

ip http server

ip http authentication local

ip http timeout-policy idle 600 life 86400 requests 10000

!

ip nat inside source list 1 interface Ethernet0 overload

!

logging trap debugging

access-list 1 remark INSIDE_IF=FastEthernet0

access-list 1 remark SDM_ACL Category=2

access-list 1 permit 192.168.60.0 0.0.0.255

access-list 100 remark VTY Access-class list

access-list 100 remark SDM_ACL Category=1

access-list 100 permit ip 192.168.60.0 0.0.0.255 any

access-list 100 deny ip any any

access-list 101 permit gre any any

access-list 101 deny ip 192.168.50.0 0.0.0.255 any

access-list 101 deny ip 10.0.0.0 0.255.255.255 any

access-list 101 permit esp any any

access-list 101 deny ip 172.16.0.0 0.15.255.255 any

access-list 101 deny ip 192.168.0.0 0.0.255.255 any

access-list 101 deny ip 127.0.0.0 0.255.255.255 any

access-list 101 deny ip host 255.255.255.255 any

no cdp run

!

control-plane

!

banner login ^CAuthorized access only!

Disconnect IMMEDIATELY if you are not an authorized user!^C

!

line con 0

login authentication local_authen

transport output telnet

line aux 0

login authentication local_authen

transport output telnet

line vty 0 4

access-class 100 in

authorization exec local_author

login authentication local_authen

transport input telnet

line vty 5 15

access-class 100 in

authorization exec local_author

login authentication local_authen

transport input telnet

!

scheduler allocate 4000 1000

scheduler interval 500

end

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion