Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Need help with 1760 + WIC 4ESW

First off, I have learned I do not know as much about routers as I thought I did - and that wasn't much.

My situation. We have a 1760 router with a T1 WIC and 4ESW which is not being used.

We have a /29 subnet and 4 servers with public IPs and one server with a private ip address.

Currently Serial0/0 is running IP unnumbered to Ethernet0/0, and all servers come off a switch connected to the ethernet port.

What I would like to do is, at a minimum configure the router so that Serial 0/0 has its own IP and the NATed internal network and servers with public addresses be reached via an IP address on the Ethernet 0/0 (this is because SDM insists on having 2 ports with IPs to configure firewall).

Ideally, I would like to have my private network and one server inside Ethernet0/0 and the 4 servers with public addresses on the 4ESW.

I received a suggestion in another forum that I use IRB, and bridge the serial port with VLAN1. Tried that and got VLAN Protocol down.

Any help would be appreciated. I can post both my current config as well as what I tried, but it might be easier to start from scratch.


Re: Need help with 1760 + WIC 4ESW

you do not use interface vlan with the bridge interfaces using IRB, for that you need to create interface irb, not interface vlan. You posting the current config with a detail explanation of the goal might help. The 4 interface in 4ESW are switchports and on certain IOS they can be L3 interfaces.

New Member

Re: Need help with 1760 + WIC 4ESW

Thanks, will post original config, along with what I am trying to accomplish when I get in to work.

New Member

Re: Need help with 1760 + WIC 4ESW

I have a small LAN with a 1760 router. The router contains a T1 CSU/DSU and a WIC4 ESW.

I have recently upgraded the IOS to (C1700-ADVSECURITYK9-M), Version 12.3(11)T5, with the goal of using the security features of the IOS to protect my network.

The present configuration has Serial 0/0 IP unnumbered to FastEthernet0/0.

When I run SDM to help me get started configuring security, it says there must be 2 interfaces with IP addresses. My current config only has one interface with an IP address.

What I have is a small lan with one server serving as a Domain Controller on my private network. I have 4 servers on the subnet. This is the only router in the system. It is providing DHCP and NAT to my internal network.

I would like to use the 4 port switch to create a DMZ by attaching the 4 servers with public IP addresses to the switch ports.

On the servers, one is a Citrix/web server, one is a SQL server which handles the database for the web server, a mail server and one is an IVR (integrated voice response) server.

I found a config file where the author had created a bridge group to do what I am trying, so I attempted to modify my config to work like his.

I have attached my modified config to this post.

I appreciate all help; getting a lot of pressure from the boss who doesn't understand this is just a bit different config than what someone who is still working towards a CCNA might feel confident with.