cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1702
Views
0
Helpful
11
Replies

Need help setting up 2 Static IPs on one router

Roshan8484
Level 1
Level 1

Hi All,

I have a cisco 1812 router. My dsl provider provided me with two static IPs. I want to configure my fast ethernet0 and fast ethernet1 for each IP.

Fast Ethernet 0

Currently I have this port configured as a dialer to the PPPoE for one of the static IPs that my ISP provided me with. That ip is then natted and routed to all the other ports on the switch using VLAN1 IP range 192.168.1.1 - 192.168.1.254 (Port 2-9). All my other devices are connected to these ports.

Fast Ethernet 1

Currently I dont have any connection to this port. I would like to use my other static IP that my ISP gave me and setup the PPPoE dialer for Fast ethernet 1. I then want to configure Port 9 to carry this signal. I will then connect my server to port 9 via cat 5. My server could have the static Public IP  or we can nat it and create a new VLAN. I basically need help setting up the Fast Ethernet 1 connection. I already have the Fast Ethernet 0 connection up and running.

Please assist

Thanks

Ro

11 Replies 11

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Ro,

if I have understood correctly you would like to install a second DSL line and you would like to use it for a server.

I think that configuring a second private Vlan to be used on port9 where you connect the server makes it possible.

you need to create the L2 vlan first

vlan database

vlan 2

name server

apply

exit

! you need to write apply or exit to have the vlan created

int fas0/9

switchport

switchport mode access

switchport access vlan 2

int vlan 2

ip address 192.168.2.1 255.255.255.0

ip nat inside

! you need to enable it explicitly:

no shut

access-list 112 deny ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255

access-list 112 permit ip 192.168.2.0 0.0.0.255 any

route-map NAT2 permit 10

match ip address 112

set interface dialer2

ip nat source inside route-map NAT2 interface dialer2

where dialer2 is the interface you configure for PPPoE client on Fast0/1

int dialer2

mtu 1492

ip nat ouside

ip address negotiated

encapsulation ppp

dialer pool 2

dialer-group 2

int fas0/1

no ip address

! reference to pool 2 here

I would give a private ip address to the server, you may want to add other servers in the future, and also for better security

Hope to help

Giuseppe

Guislar,

Thanks for the quick response. I believe you answered the second part of my question regarding how to conifugre port 9. But I still need help setting up my Fast Ethernet1.

I have two static IPs provided by my ISP. XX.XX.XX.51 and XX.XX.XX.52

I have already setup my Fast Ethernet 0 (dialer0) with PPPoE with the IP xx.xx.xx.51 which nat translates to VLAN1 for ports (2-8).

Now when I try to setup my Fast Ethernet 1 (dialer1) with PPPoE with the IP xx.xx.xx.52 it doesnt allow me to it says that the ip is already in use by dialer0.

Any suggestions.

I want my FE0 to stay as is (this is my normal network where all my devices are)

I want my FE1 to be setup for my hosting server

What subnet mask is associated with these interfaces?  Typically if you get a second static from an ISP they are giving you another static address in the same subnet, in which case you cannot set up another interface for the second address because the router will not know what to do with traffic that is destined for that network.  I don't think you need the second interface on the router for the second IP address, but rather you need to setup a static nat entry for the server so that the internal address of the server is one-to-one natted to the second IP address from your ISP.  I may be miss understanding your situation though.

I am using 255.255.255.248 for both IPs. I need both ips to be reachable from the outside so I dont think your suggestion will work. ANY IDEAS

Did you have the ISP setup another DSL connection on another line for the second IP address?  What I am saying is this: say your WAN address is 1.1.1.51 with a 255.255.255.248 subnet that is going to give you five usable ip addresses with a default gateway that is the ISPs.  If you purchase a second address (1.1.1.52) it is in the same subnet that your old address is in it is just another address.  You dont have to assign this address to another WAN interface on the router.  You just have to use it for something ie a one-to-one nat to the server that you are trying to use it for.  So your nat statements would look like this.

ip nat inside source list NAT interface fa0 overload      <--- PAT statement

ip nat inside source static 192.168.2 1.1.1.52             <--- one-to-one nat for the server

ip access-list extended NAT

    permit ip 192.168.1.0 0.0.0.255 any

If you have your internal network vlan as 192.168.1.x and your server vlan as 192.168.2.x

Unless you are telling me that your external IP addresses are of the 1.1.1.51 and 1.1.2.52 variety and you literally have two DSL connections not two ip addresses on the same DSL Line (in the same subnet).

My isp provided me one dsl connection, but have two public IPs

Good, that means that you do not need the second physical interface to be set up to utilize this ip address.  Literally all you have to do is a one to one nat with the ip address of the server inside the network.  Think about it this way.  The interface IP address is 1.1.1.51 but it is listening to broadcasts on the 1.1.1.49 - 1.1.1.54 host range with a broadcast address of 1.1.1.55 that interface is listening on that subnet and therefor will respond to 1.1.1.52 if it knows it owns it.  My network for example has 29 static IP addresses with a default gateway that is the ISPs and I still only have ONE ip address configured on the interface, the rest of the IPs that we use are static natted to their respective servers.

Cool,

How would I set this up using sdm. Also will that ip be reachable from the outside?

This may not be exact, because I really don't typically use the SDM, but under configuration under NAT Rules (I think) you want to add a static NAT rule with the original being inside with the inside IP address of the server and the translated being outside with the secondary public address the ISP gave you.  You don't want to do PAT because it is a one-to-one nat.  Assuming that you are allowing whatever traffic you want through your access-lists on that IP address and that your server is on the network with the configured internal IP you should be all set.  When this configuration is done, you should have all of your internal clients going out over the original ip address, but your server should be going out with the new ip address.  The same translation will happen with outside traffic hitting that public IP address which will be translated by your router to the internal address.

How did that go?

I was able to fix it. Thanks.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco