Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
318
Views
0
Helpful
3
Replies

Internet Access through secondary ethernet

magicpccisco
Level 1
Level 1

‎04-17-2007 07:32 AM - edited ‎03-03-2019 04:34 PM

I have a Cisco router with 2-ethernet ports and 1-serial port in use.

The serial port a frame relay to my ISP for my internet access.

The first ethernet port is configured with one of my public ip's going to a pix firewall.

I want to use the second ether port with a 10.x.x.x/24 subnet to just allow internet access. Basically this port will go to a dedicated switch running a dhcp wireless router, thus creating kind of a DMZ of sorts.

The ip route 0.0.0.0 0.0.0.0 x.x.x.x where x.x.x.x is the public IP to my ISP is in place.

The wireless and switch work, allowing me to ping the ethernet port, the ISP public ip on the serial port, and my public ip on my first ethernet port. However, I can not ping any public addresses, like google, yahoo, etc.

I thought that the ip route 0.0.0.0 0.0.0.0 x.x.x.x (where x.x.x.x is the public ip to my isp) basically routed all public traffic that hit the router out of that serial interface.

Am I correct?

Can someone let me know if this is possible?

The goal is to allow the 10.x.x.x/24 network off of the secondary ethernet port internet access. Thanks to anyone for any help or guidance.

Labels:
0 Helpful
3 Replies 3

d-mark
Level 1
Level 1

‎04-17-2007 07:53 AM

Hi,

if you haven't done NAT, I think this won't work. Try something like:

interface serial0

description connection to internet

ip nat outside

!

interface ethernet0

description connection to your firewall

ip nat outside

!

interface ethernet1

description conncetion to your WLAN

ip nat inside

ip address 10.x.x.x 255.255.255.0

!

ip nat pool WLAN_INTERNET netmask

ip nat inside source list WLAN pool WLAN_INTERNET overload

!

ip access-list extended WLAN

permit ip 10.x.x.x 0.0.0.255 any

!

HTH

Mark

0 Helpful

magicpccisco
Level 1
Level 1
In response to d-mark

‎04-17-2007 10:28 PM

Thank you for your prompt response Mark, I will give this a try.

One question, in your example above, you refer to:

Can you elaborate on the use of the word free?

Do you simply mean my public ip pool?

Thank you again for your help.

It is greatly appreciated.

0 Helpful

d-mark
Level 1
Level 1
In response to magicpccisco

‎04-18-2007 01:56 AM

Hi,

what I mean is one (or more) of your free, not yet used, public ip adresses.

For example let's say you have been assigned the ip network 192.0.2.0/29 from your internet service provider. And at the moment you are only using 192.0.2.0/30 for the connection between your router an your firewall. So the ip net 192.0.2.4/30 is free. Than you could configure something like:

ip nat pool WLAN_INTERNET 192.0.2.5 192.0.2.6 netmask 255.255.255.252

HTH

Mark

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card