04-17-2007 07:32 AM - edited 03-03-2019 04:34 PM
I have a Cisco router with 2-ethernet ports and 1-serial port in use.
The serial port a frame relay to my ISP for my internet access.
The first ethernet port is configured with one of my public ip's going to a pix firewall.
I want to use the second ether port with a 10.x.x.x/24 subnet to just allow internet access. Basically this port will go to a dedicated switch running a dhcp wireless router, thus creating kind of a DMZ of sorts.
The ip route 0.0.0.0 0.0.0.0 x.x.x.x where x.x.x.x is the public IP to my ISP is in place.
The wireless and switch work, allowing me to ping the ethernet port, the ISP public ip on the serial port, and my public ip on my first ethernet port. However, I can not ping any public addresses, like google, yahoo, etc.
I thought that the ip route 0.0.0.0 0.0.0.0 x.x.x.x (where x.x.x.x is the public ip to my isp) basically routed all public traffic that hit the router out of that serial interface.
Am I correct?
Can someone let me know if this is possible?
The goal is to allow the 10.x.x.x/24 network off of the secondary ethernet port internet access. Thanks to anyone for any help or guidance.
04-17-2007 07:53 AM
Hi,
if you haven't done NAT, I think this won't work. Try something like:
interface serial0
description connection to internet
ip nat outside
!
interface ethernet0
description connection to your firewall
ip nat outside
!
interface ethernet1
description conncetion to your WLAN
ip nat inside
ip address 10.x.x.x 255.255.255.0
!
ip nat pool WLAN_INTERNET
ip nat inside source list WLAN pool WLAN_INTERNET overload
!
ip access-list extended WLAN
permit ip 10.x.x.x 0.0.0.255 any
!
HTH
Mark
04-17-2007 10:28 PM
Thank you for your prompt response Mark, I will give this a try.
One question, in your example above, you refer to:
Can you elaborate on the use of the word free?
Do you simply mean my public ip pool?
Thank you again for your help.
It is greatly appreciated.
04-18-2007 01:56 AM
Hi,
what I mean is one (or more) of your free, not yet used, public ip adresses.
For example let's say you have been assigned the ip network 192.0.2.0/29 from your internet service provider. And at the moment you are only using 192.0.2.0/30 for the connection between your router an your firewall. So the ip net 192.0.2.4/30 is free. Than you could configure something like:
ip nat pool WLAN_INTERNET 192.0.2.5 192.0.2.6 netmask 255.255.255.252
HTH
Mark
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide