08-06-2009 09:49 AM - edited 03-06-2019 07:07 AM
Hi,
Could someone please take a look at the attached configuration and advise me if I can firstly use a Cisco 877 router for the job and secondly point me in the right direction of the config. My goal is to share an existing ADSL connection with LAN1 (existing private LAN 10.55.0.0) and the proposed hotel 'guest' LAN (192.168.0.0). Obviously I do not want any kind of connectivity between the private and guest LAN. The router is running C870-ADVSECURITYK9-M Version 12.4(11) and I'm guessing I'll need to upgrade to ADVSERVICES.
The current LAN (10.55.0.0) consists of a switched network that plugs into Eth0 on the 877 router. The proposed guest LAN (192.168.0.0) will consist of a small switch plugged into Eth1 and DHCP services will be provided locally by the wireless routers out of different areas of the buildings.
The current configuration (slight amendments for security reasons) is attached.
Thanks.
08-07-2009 03:01 AM
Hi.
I believe it should be possible, and also with the feature set you already have in your router.
I would create a new VLAN interface for the guest net and then assign this VLAN to the FastEthernet1 port.
On Vlan 1 I'd make a new ACL102 to match the 10.55.0.0/16 network and deny the 192.168.0.0 network:
access-list 102 deny ip 10.55.0.0 0.0.255.255 192.168.0.0 0.0.255.255
access-list 102 permit ip 10.55.0.0 0.0.255.255 any
!
interface Vlan1
ip address 10.55.254.55 255.255.0.0
ip access-group 102 in
ip nat inside
ip virtual-reassembly
Then for the hotel network:
access-list 103 deny ip 192.168.0.0 0.0.255.255 10.55.0.0 0.0.255.255
access-list 103 permit ip 192.168.0.0 0.0.255.255 any
Then on new VLAN (e.g. VLAN 2):
interface Vlan2
ip address 192.168.0.1 255.255.0.0
ip access-group 103 in
ip nat inside
ip virtual-reassembly
I have not tried myself to set it up and test it, but it should work. Try it out and see if it does the trick :-)
HTH
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide