Internet Access through secondary ethernet

Unanswered Question
Apr 17th, 2007
User Badges:

I have a Cisco router with 2-ethernet ports and 1-serial port in use.

The serial port a frame relay to my ISP for my internet access.

The first ethernet port is configured with one of my public ip's going to a pix firewall.

I want to use the second ether port with a 10.x.x.x/24 subnet to just allow internet access. Basically this port will go to a dedicated switch running a dhcp wireless router, thus creating kind of a DMZ of sorts.

The ip route x.x.x.x where x.x.x.x is the public IP to my ISP is in place.

The wireless and switch work, allowing me to ping the ethernet port, the ISP public ip on the serial port, and my public ip on my first ethernet port. However, I can not ping any public addresses, like google, yahoo, etc.

I thought that the ip route x.x.x.x (where x.x.x.x is the public ip to my isp) basically routed all public traffic that hit the router out of that serial interface.

Am I correct?

Can someone let me know if this is possible?

The goal is to allow the 10.x.x.x/24 network off of the secondary ethernet port internet access. Thanks to anyone for any help or guidance.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
d-mark Tue, 04/17/2007 - 07:53
User Badges:


if you haven't done NAT, I think this won't work. Try something like:

interface serial0

description connection to internet

ip nat outside


interface ethernet0

description connection to your firewall

ip nat outside


interface ethernet1

description conncetion to your WLAN

ip nat inside

ip address 10.x.x.x


ip nat pool WLAN_INTERNET netmask

ip nat inside source list WLAN pool WLAN_INTERNET overload


ip access-list extended WLAN

permit ip 10.x.x.x any




magicpccisco Tue, 04/17/2007 - 22:28
User Badges:

Thank you for your prompt response Mark, I will give this a try.

One question, in your example above, you refer to:

Can you elaborate on the use of the word free?

Do you simply mean my public ip pool?

Thank you again for your help.

It is greatly appreciated.

d-mark Wed, 04/18/2007 - 01:56
User Badges:


what I mean is one (or more) of your free, not yet used, public ip adresses.

For example let's say you have been assigned the ip network from your internet service provider. And at the moment you are only using for the connection between your router an your firewall. So the ip net is free. Than you could configure something like:

ip nat pool WLAN_INTERNET netmask




This Discussion