03-17-2009 10:52 AM - edited 03-06-2019 04:39 AM
Hi all,
My company has recently purchased a Cisco 1811w security router, and the responsibility of getting it up and running (and getting a new network scheme up and running for that matter) has been placed in my lap. While I did take a few networking classes in college, I'm a software engineer by trade and the whole Cisco router configuration is a whole new world.
My requirements are to set the router up to allow for 2 private networks (i.e. 10.10.10.0 and 10.10.20.0). The 2 networks need to be able to communicate with each other on a restricted level, such as nodes on 10.10.20.0 can only access 2 specific hosts on 10.10.10.0 and visa versa. Remote VPN is also a requirement, so that employees from home can access their work computers.
I know there is a lot of documentation on Cisco's website explaining how to do this, but it's getting difficult sifting through all of it to get what I need.
Can anyone offer some direction, such as specific documents I should read, and/or specific network setup/configurations I need to put in place to meet the above requirements.
Your help is much appreciated.
03-17-2009 11:22 AM
Do you have a layer 3 switch that you're connecting the router to?
A few questions first:
1. Do you know how to get into the router?
2. Will you be using NAT?
3. Do you have public addresses for your internet connection, or are they being assigned?
4. What kind of internet connection do you have?
If you can answer the above, I may be able to point you in the right direction.
HTH,
John
*please rate helpful posts*
03-17-2009 03:12 PM
My requirements are to set the router up to allow for 2 private networks (i.e. 10.10.10.0 and 10.10.20.0).
Configuring Fast Ethernet and Gigabit Ethernet Interfaces
03-17-2009 03:18 PM
The 2 networks need to be able to communicate with each other on a restricted level, such as nodes on 10.10.20.0 can only access 2 specific hosts on 10.10.10.0 and visa versa.
Configuring IP Access Lists
http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00800a5b9a.shtml
03-17-2009 03:19 PM
Remote VPN is also a requirement, so that employees from home can access their work computers.
1800 Configuration Example: Easy VPN
http://www.cisco.com/en/US/docs/routers/access/1800/1841/software/configuration/guide/ezvpn.html
03-18-2009 12:30 PM
Do you have a layer 3 switch that you're connecting the router to?
1. Do you know how to get into the router?
2. Will you be using NAT?
3. Do you have public addresses for your internet connection, or are they being assigned?
4. What kind of internet connection do you have?
------------------------------------
Concerning the switches: We do have several switches. I don't know if they are layer 3, or how I would even tell. Off the router I do plan on having 2 main switches (1 for each network). Branching off from the 2 main switches will be several other switches, pc's, printers etc. (the standard stuff).
1. Yes, I do know how to get into the router, and currently I have set up 2 VLAN's, one for 10.10.10.0 and the other for 10.10.20.0; and I have the 2 networks talking to each other. Is this a good setup or no?
2. I won't be having any routers behind the Cisco 1811, so I don't think I will be needing any internal NAT, but I'm not sure.
3. We do have public static IP addresses, 10 of them to be exact. We basically have 2 departments at the company. Each department has their own modem/router with 5 static IPs coming in. The plan is to have these 2 modems directed to the Cisco 1811, one pluging into FE0 and the other into FE1 on the back of the 1811. Then network 10.10.10.0 will have access to the 5 IP's through FE0, and network 10.10.20.0 will have access to the 5 IP's throuch FE1.
4. The internet connection is DSL.
leolaohoo - looking into your suggestions now.
04-07-2009 04:57 AM
Hiii
1.
Is good idea set up VLAN for each network.
2. You nedd set up NAT, Read,
the following.
http://articles.techrepublic.com.com/5100-10878_11-1039094.html
3. You define pools using NAT
Jimmy
04-07-2009 04:59 AM
Also define sub-interface for each VLAN, to use NAT for each LAN
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide