Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
381
Views
0
Helpful
3
Replies

Cisco 876 integrated services router and SBS2003

ianmurdoch
Level 1
Level 1

‎05-21-2007 05:33 AM - edited ‎03-03-2019 05:04 PM

Please help as I am tearing my hair out trying to get this working and have little experience with Router setups.

I have installed an SBS2003 server with 2 NIC's and am trying to install a CISCO 876 router to control the internet access.

Here is the network to be defined :-

Fixed IP provided by ISP

Router external interface as FIXED IP

VLAN1 defined as 10.10.10.1, with DHCP

External NIC of SBS2003 10.10.10.2

Internal NIC of SBS2003 192.168.1.101

Workstations have 192.168.1.x addresses, or 10.10.10.x addresses.

Here is what I want to achieve :-

Most user devices will sit off the 192.168.1.x network range. The 10.10.10.1 range will be used for network cameras etc. The SBS2003 server is an EXCHANGE email server, DNS server and provides DHCP for workstations on the 192.168.1.x network.

The address 192.168.1.101 needs to recieve all SMTP mail (port 25)

Also I want 443, 444, and VPN ports routed to SBS2003 server.

Address 192.168.1.23 is a Blackberry server and so has to receive messages for port 3101 both TCP and UDP.

All 192.168.1.x and 10.10.10.x addresses should be able to reach internet.

Please let me know what fixed and dynamic routes I should set up in router, should I use RIP and where NAT should be translating to in the router to send the smtp email messages and other things to SBS2003 server. (Should it be the external 10.10.10.2 address or the server address 192.168.1.101 ? )

(I have set it up for both but never get any messages into the mail server when testing it :-) - I have had to back out changes now so the network is not live, I have gone back to an ADSL modem only )

Thanks in advance

Ian Murdoch

Labels:
0 Helpful
3 Replies 3

bjornarsb
Level 4
Level 4

‎05-21-2007 05:44 AM

Hi,

If I have understood your setup it would be something like this:

ip nat inside source static 192.168.1.101 172.16.131.10 (public)

ip nat inside source static 192.168.1.23 172.16.131.11(public)

ip nat inside source list 7 int e 1 overload

interface e 0

ip address 10.10.10.1 255.255.255.0

ip nat inside

interface e 1

ip address 172.16.130.2 255.255.255.0

ip nat outside

ip route 0.0.0.0 0.0.0.0 172.16.130.254 (public gateway)

access-list 7 permit 10.10.10.0 0.0.0.255

access-list 7 permit 192.168.1.0 0.0.0.255

HTH, tell if it does not :)

Regards,

Bjornarsb

0 Helpful

ianmurdoch
Level 1
Level 1
In response to bjornarsb

‎05-21-2007 06:46 AM

Bjornarsb

Thanks for the fast response.

Can I assume that 172.16.131.11 in this example is the fixed IP from the ISP, if so what are 172.16.130.254 and 172.16.130.2 (DNS servers or something else ?)

Would I need to do any Nat for the specific ports or would this not be necessary.

Ian

0 Helpful

bjornarsb
Level 4
Level 4
In response to ianmurdoch

‎05-21-2007 07:36 AM

Hi again,

172.16.130.254 is your default gateway (your IPS's router)

Since i've set up static nat it will work for all ports for each ip. ( 172.16.130.10 an .11)

Second, 172.16.130.2 is your wan IP (public)

towards your ISP. You need to set up dns to your ISP dns server. (in your dhcp scope)

If you want a scope for 192.168.1.X

you need to create another vlan for that subnet and dhcp on the router.

172.16.130.0 is used as example. its actually private addresses.

HTH

Regards,

Bjornarsb

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card