cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
439
Views
0
Helpful
2
Replies

Setup Question

dj214
Level 1
Level 1

Hello All:

Quick setup question. I have a circuit delivered to me via RJ45 drop from ISP. I have my end terminated into a 3640 router FastEthernet Port FA0/0.

interface FastEthernet0/0
description LightPath CKT - 06ZZX1800078
ip address 61.1.1.2 255.255.255.252            
ip nat outside
speed 100
full-duplex

The above is our connect to their router. To bring the bandwidth in to my users, i have configured another FastEthernet Port on same router which temrinates into our FW. I used one of our global IP's and assigned it to FA0/1 as indivated below.

interface FastEthernet0/1
description LINK TO NSA3500 WAN <GATEWAY>
ip address 61.x.x.x 255.255.255.224
speed 100
full-duplex

The other side of this as mentioned terminates into our firewall with another global ip assigned to that interface which is the GW for my users. This is all working fine buy I want to know if this is the "correct" way to accomplish this.

Thanks

1 Accepted Solution

Accepted Solutions

Jon Marshall
Hall of Fame
Hall of Fame

DJ214 wrote:

Hello All:

Quick setup question. I have a circuit delivered to me via RJ45 drop from ISP. I have my end terminated into a 3640 router FastEthernet Port FA0/0.

interface FastEthernet0/0
description LightPath CKT - 06ZZX1800078
ip address 61.1.1.2 255.255.255.252            
ip nat outside
speed 100
full-duplex

The above is our connect to their router. To bring the bandwidth in to my users, i have configured another FastEthernet Port on same router which temrinates into our FW. I used one of our global IP's and assigned it to FA0/1 as indivated below.

interface FastEthernet0/1
description LINK TO NSA3500 WAN
ip address 61.x.x.x 255.255.255.224
speed 100
full-duplex

The other side of this as mentioned terminates into our firewall with another global ip assigned to that interface which is the GW for my users. This is all working fine buy I want to know if this is the "correct" way to accomplish this.

Thanks

What you have is a common setup altho the bit that is a little unclear is -

The other side of this as mentioned terminates into our firewall with another global ip assigned to that interface which is the GW for my users.

I would have thought your users would have the GW of the internal interface IP address on your firewall not it's outside interface. Can you confirm ?

Jon

View solution in original post

2 Replies 2

Jon Marshall
Hall of Fame
Hall of Fame

DJ214 wrote:

Hello All:

Quick setup question. I have a circuit delivered to me via RJ45 drop from ISP. I have my end terminated into a 3640 router FastEthernet Port FA0/0.

interface FastEthernet0/0
description LightPath CKT - 06ZZX1800078
ip address 61.1.1.2 255.255.255.252            
ip nat outside
speed 100
full-duplex

The above is our connect to their router. To bring the bandwidth in to my users, i have configured another FastEthernet Port on same router which temrinates into our FW. I used one of our global IP's and assigned it to FA0/1 as indivated below.

interface FastEthernet0/1
description LINK TO NSA3500 WAN
ip address 61.x.x.x 255.255.255.224
speed 100
full-duplex

The other side of this as mentioned terminates into our firewall with another global ip assigned to that interface which is the GW for my users. This is all working fine buy I want to know if this is the "correct" way to accomplish this.

Thanks

What you have is a common setup altho the bit that is a little unclear is -

The other side of this as mentioned terminates into our firewall with another global ip assigned to that interface which is the GW for my users.

I would have thought your users would have the GW of the internal interface IP address on your firewall not it's outside interface. Can you confirm ?

Jon

My mistake - that's correct. They use the internal 10.0.5.x which is natted. But I'm glad this is pretty much the norm. This had been scrutinized lately  and just needed a second opinion.

Thanks Jon

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: