Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Easy networking question for the Vets..

I'm setting up 100 wireless laptops for my company's convention like so:

Cisco1720 Router >3COM switch> Cisco1200AP> wirelessClient.

the router is providing DHCP + NATing 1 pool of addresses (10.1.1.10- 100) out 1 eth0 WAN interface. I want to add a 2nd 1200AP to provide wireless for ~60 attendees but i'd prefer a 2nd DHCP pool w/ short lease and NAT those out same eth0 Wan interface. WHAT would be the easiest way to accomplish? if i create a 2nd pool/network on the router, say 10.1.99.1- 100

can i NAT those out the same interface. OR do i have to create VLANs? THANKS

10 REPLIES
Hall of Fame Super Blue

Re: Easy networking question for the Vets..

"can i NAT those out the same interface. How? THANKS"

Sure you can, just add it to the existing acl you use for NAT ie. lets say your existing pool is 192.168.5.0/24

you should have something like this on your 1720

access-list 101 permit ip 192.168.5.0 0.0.0.255

ip nat inside source list 101 interface eth0 overload

so just add your new pool to acl 101

Jon

New Member

Re: Easy networking question for the Vets..

ok so here's my config:

I create a 2nd pool, and add those 2 statments and then i have to set my 2nd AP to use those addreses? i'm confusing myself :)

thanks

rsion 12.3

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname icaferouter

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$mm9l$73KJh6BcukJSDLg2s2TZ8/

!

clock timezone est -5

mmi polling-interval 60

no mmi auto-configure

no mmi pvc

mmi snmp-timeout 180

no aaa new-model

ip subnet-zero

ip cef

!

!

ip dhcp excluded-address 10.1.1.1 10.1.1.10

!

ip dhcp pool icafe

network 10.1.1.0 255.255.255.0

default-router 10.1.1.1

dns-server 1.1.1.1

lease 10

!

ip flow-cache timeout active 1

no ip domain lookup

ip name-server 205.171.2.65

no ftp-server write-enable

!

!

!

!

interface Ethernet0

ip address 71.216.212.235 255.255.255.248

ip nat outside

ip route-cache flow

shutdown

half-duplex

!

interface FastEthernet0

ip address 10.1.1.1 255.255.255.0

ip nat inside

ip route-cache flow

speed 100

full-duplex

!

ip nat inside source list 1 interface Ethernet0 overload

ip classless

ip route 0.0.0.0 0.0.0.0 71.216.212.238

no ip http server

!

access-list 1 permit 10.0.0.0 0.255.255.255

Hall of Fame Super Blue

Re: Easy networking question for the Vets..

Actually you don't need to add anything because your acl

access-list 1 permit 10.0.0.0 0.255.255.255

covers the new pool of addresses you want to add. But which interface will these addresses come in on because fa0 is in the 10.1.1.x network ?

Do you have another interface or are you going to add a secondary address to fa0 ie.

int fa0

ip address 10.1.99.1 255.255.255.0 secondary

Jon

New Member

Re: Easy networking question for the Vets..

no additional fa0 int, so i can create a secondary ip with that statment above?

Hall of Fame Super Blue

Re: Easy networking question for the Vets..

Yes you can.

New Member

Re: Easy networking question for the Vets..

thanks everyone!

New Member

Re: Easy networking question for the Vets..

Hummmm, still not getting an IP in the x.x.99.x range

am i missing something???

++++++++++++++++++++++++++++++++++++++++++++++++++++++++AP CONFIG ++++++++++++++++++++++

enable secret 5 $1$jD8w$xwAvtjhSeMvtpuqZE1mjK.

!

username Cisco password 7 0802455D0A16

ip subnet-zero

ip dhcp excluded-address 10.1.1.1 10.1.1.100

!

dot11 network-map

!

bridge irb

!

!

interface Dot11Radio0

no ip address

no ip route-cache

!

ssid aacrfreenet

guest-mode

!

speed basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0

rts threshold 2312

station-role root

no cdp enable

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

bridge-group 1 spanning-disabled

!

interface FastEthernet0

ip address 10.1.99.2 255.255.255.0

no ip route-cache

speed 100

full-duplex

bridge-group 1

no bridge-group 1 source-learning

bridge-group 1 spanning-disabled

!

interface BVI1

ip address 10.1.99.3 255.255.255.0

no ip route-cache

!

ip default-gateway 10.1.99.1

ip http server

ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag/ivory/1100

ip radius source-interface BVI1

bridge 1 route ip

!

!++++++++++++++++++++++++++++++++++ROUTER CONFIG ++++++++++++++

nable secret 5 $1$mm9l$73KJh6BcukJSDLg2s2TZ8/

!

clock timezone est -5

mmi polling-interval 60

no mmi auto-configure

no mmi pvc

mmi snmp-timeout 180

no aaa new-model

ip subnet-zero

ip cef

!

!

ip dhcp excluded-address 10.1.1.1 10.1.1.10

!

ip dhcp pool icafe

network 10.1.1.0 255.255.255.0

default-router 10.1.1.1

dns-server 1.1.1.1

lease 10

!

ip dhcp pool Freenet

network 10.1.99.0 255.255.255.0

default-router 10.1.99.1

lease 0 0 8

!

ip flow-cache timeout active 1

no ip domain lookup

ip name-server 205.171.2.65

no ftp-server write-enable

!

!

!

!

interface Ethernet0

ip address 71.216.212.235 255.255.255.248

ip nat outside

ip route-cache flow

shutdown

half-duplex

!

interface FastEthernet0

ip address 10.1.99.1 255.255.255.0 secondary

ip address 10.1.1.1 255.255.255.0

ip nat inside

ip route-cache flow

speed 100

full-duplex

!

ip nat inside source list 1 interface Ethernet0 overload

ip classless

ip route 0.0.0.0 0.0.0.0 71.216.212.238

ip flow-export source FastEthernet0

ip flow-export version 5

ip flow-export destination 71.216.212.236 9997

no ip http server

!

access-list 1 permit 10.0.0.0 0.255.255.255

snmp-server community aacr RW

New Member

Re: Easy networking question for the Vets..

i can connect, i just dont get an IP from the DHCP pool x.x.99.x,, i get a 10.1.1.x ip

Hall of Fame Super Gold

Re: Easy networking question for the Vets..

"username Cisco password 7 0802455D0A16" < --- I know this is not related, but next time, remove this and other password-related line. It may be secure and safe in the router but over the net, it doensn't matter if the password is "Cisco". :)

New Member

Re: Easy networking question for the Vets..

aahhhgggg!

r 13 18:22:16.255: DHCPD: DHCPRELEASE message received from client 0100.16ce.77b0.83 (10.1.1.11).

icaferouter#

Apr 13 18:22:34.207: DHCPD: DHCPREQUEST received from client 0100.16ce.77b0.83.

Apr 13 18:22:34.207: DHCPD: client has moved to a new subnet.

Apr 13 18:22:34.207: DHCPD: Sending DHCPNAK to client 0100.16ce.77b0.83.

Apr 13 18:22:34.211: DHCPD: broadcasting BOOTREPLY to client 0016.ce77.b083.

icaferouter#

Apr 13 18:22:35.255: DHCPD: DHCPDISCOVER received from client 0100.16ce.77b0.83 on interface FastEthernet0.

icaferouter#

Apr 13 18:22:37.255: DHCPD: Sending DHCPOFFER to client 0100.16ce.77b0.83 (10.1.1.13).

Apr 13 18:22:37.255: DHCPD: creating ARP entry (10.1.1.13, 0016.ce77.b083).

Apr 13 18:22:37.255: DHCPD: unicasting BOOTREPLY to client 0016.ce77.b083 (10.1.1.13).

Apr 13 18:22:37.343: DHCPD: DHCPREQUEST received from client 0100.16ce.77b0.83.

Apr 13 18:22:37.343: DHCPD: Sending DHCPACK to client 0100.16ce.77b0.83 (10.1.1.13).

Apr 13 18:22:37.343: DHCPD: creating ARP entry (10.1.1.13, 0016.ce77.b083).

Apr 13 18:22:37.343: DHCPD: unicasting BOOTREPLY to client 0016.ce77.b083 (10.1.1.13).

icaferouter#

icaferouter#

179
Views
0
Helpful
10
Replies