Cisco 871 Router Setup for Public & Private IPs use

Unanswered Question
May 21st, 2008
User Badges:

Hi all,

Currently, I'm using a Cisco 1721 Router at my HQ with 1 serial wan and 1 ethernet lan port for my network. This router is connected directly to a 8-port gigabit switch where all servers (all servers have 2 NICs but only using 1) and 2 Cisco Catalyst 2950T 24-Port Switches are connected. Local PCs are connected to these 2950T.

The 1721 perform the NAT and while a server does the DHCP.

Static NAT from inside interface to outside i.e. private ip addresses to public ip addresses is also configured on the router to allow outside access to the servers. This is working well for the servers needs.

Now, I'm tasked to configure the network for Toshiba VoIP system using the same internet connection.

Note: Users will still be using the current digital phones and only the back-end pabx is converted to VoIP. As such, the VoIP and local network are physically separated.

I've tried doing the same static NAT for each Toshiba LIPU cards as described above for the servers using other unused public ip addresses but apparently it does not work as Toshiba engineers claimed their system does not work with NAT and that the LIPU cards must be assigned directly with public ip addresses.

Nevertheless, I'm due to received a Cisco 871 Router most probably with default Base Image as part of subscription to our local ISP Ethernet Access Package with the same numbers of 16 public IP addresses for use as the soon to be replaced leased line.

I read that the 871 support 2 VLANs with Base Image. One VLAN dedicated to DMZ. However, I'm not sure if the Base Image also support DMZ. Also due to my lack of knowledge, I also do not know if VLANs and DMZ are indeed the features that I'm looking for that will support the Toshiba VoIP system with its need for public ip addresses and yet retaining as much as possible existing setup for the servers and LAN.

Therefore, I need to know if 871 will support the following requirements and if so through which features and the necessary configuration (briefly) to do.


1)Router to allow private ip addresses (local users) to access the internet as per normal.

2)Router to allow static NAT from inside interface to outside i.e. private ip addresses to public ip addresses for current servers as describe above in current setup.

3)VLANs and/or DMZ to allow 3 x ip addresses to be assigned directly on 3 x Toshiba LIPU cards.

Hope I've provided the enough info and appreciate any form of help.

Thank you.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
BlueChipComputers Sat, 05/24/2008 - 10:47
User Badges:

Is there no one who can offer any input?

Or at least advise if part number CISCO871-K9 default/base image is indeed Advanced Security Feature Set as quoted below.

I need to know in particular if CISCO871-K9 supports 2 VLANs with Base Image. One VLAN dedicated to DMZ.

Quote from seems to suggest it does.

"Cisco IOS Software Features on Cisco 870 Series Routers-Advanced Security Feature Set (Default"

"Support for 2 VLANs with Base Image. One VLAN dedicated to DMZ."

Where as quote from suggest VLANs only supported with Advanced IP Services.

I'm confused...


This Discussion