Cisco 877 Router

Unanswered Question
Mar 31st, 2008

Hi,

I have just got one of these and unsure how to configure it. I have 8 useable IPs from my ISP and behind the router will be a Cisco ASA 5505. One of my public IPs is configured on the external interface of the ASA. Therefore, what I want is for my 877 to be able to receive traffic for any of my public IPs, and then to route the traffic through to the ASA. I have tried this with SDM but cannot get it to work :(

Help would be appreciated.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Pavel Bykov Tue, 04/01/2008 - 01:17

create a static route with the IPs pointing to ASA as next hop.

example on 877:

>enable

#config t

(config)#ip route 10.0.0.0 0.0.0.7 5.5.5.5

5.5.5.5 is the address of ASA in this example, and the registered addresses are 10.0.0.0 to 10.0.0.7

If the addresses are not contiguous, for example you will get 1.1.1.1 2.2.2.2 and 3.3.3.3 from your ISP you can do the followung (again, ASA being the gateway)

:

ip route 1.1.1.1 0.0.0.0 5.5.5.5

ip route 2.2.2.2 0.0.0.0 5.5.5.5

ip route 3.3.3.3 0.0.0.0 5.5.5.5

Also add this for the internet:

ip route 0.0.0.0 0.0.0.0 x.x.x.x where x.x.x.x is the ip address of the neighboring ISP device.

uxbod1971 Tue, 04/01/2008 - 01:29

Hi,

Many thanks for that.

Finally, I have setup ATM.0 (Dialer0) for connecting to my ISP, but what about internally? VLAN1 is bound to FE1/3 and FE0 is marked as Trunk. I presume FE0 should be connected to the ASA ?

Regards,

uxbod1971 Sun, 04/06/2008 - 01:43

Okay, my 877 now connects to my ISP okay once I set the default route to be via Dialer0. My issue now is connecting it to the ASA. Before I installed the 877 my network was configured as follows using a Draytek router :-

Outside Interface (X.X.X.137) -> Inside Interface (X.X.X.138) -> Outside Interface ASA (X.X.X.139) -> Inside Interface ASA (192.168.1.1)

When I replace the Draytek with the 877 it will not let me do the same configuration as above, as it complains that the VLAN IP overlaps with the Dialer. So I setup a seperate VLAN (2) on FA3 using the IP 10.10.10.1 and then had the following config :-

issue now is connecting it to the ASA. Before I installed the 877 my network was configured as follows using a Draytek router :-

Outside Interface (X.X.X.137) -> Inside Interface (10.10.10.1) -> Outside Interface ASA (10.10.10.2) -> Inside Interface ASA (192.168.1.1)

This did not work and I could not route to the outside world :(

Help would be appreciated on how I can get this setup to work as it is frying my brain :(

TIA

Paolo Bevilacqua Sun, 04/06/2008 - 03:27

Hi,

Which kind of connection do you have ? Eg if if PPPoE the easier would be to set router as pure bridge and let the ASA handle all the addressing issues.

Alternatively, considering the router can all what the ASA does, eliminate the altter altogether.

uxbod1971 Sun, 04/06/2008 - 05:21

The 877 is connecting via PPPoA. Want to keep both in the loop as a double layer of protection.

Actions

This Discussion