Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

Help moving external IP internal...

Hi,

I've got a Cisco 877 Router connected directly to BT Infinity Broadband (FTTC) and I have 8 external IP addresses.  This is working fine using the following config that only uses 1 of those IP addresses:

interface Ethernet0

no ip address

!

interface Ethernet0.101

encapsulation dot1Q 101

pppoe enable group global

pppoe-client dial-pool-number 1

!

interface ATM0

no ip address

shutdown

no atm ilmi-keepalive

!

interface FastEthernet2

description ** Trunk Port **

switchport mode trunk

no ip address

!

interface FastEthernet3

description ** Trunk Port **

switchport mode trunk

no ip address

!

interface Vlan1

ip address 192.168.1.1 255.255.0.0

ip nat inside

ip virtual-reassembly in

!

interface Dialer1

description ** Zen Fibre **

mtu 1492

ip address negotiated

no ip redirects

no ip unreachables

no ip proxy-arp

ip nbar protocol-discovery

ip flow ingress

ip nat outside

ip virtual-reassembly in

encapsulation ppp

ip tcp adjust-mss 1452

dialer pool 1

ppp authentication pap chap ms-chap callin

ppp chap hostname xxxxxxx

ppp chap password 0 xxxxxxx

ppp ipcp address accept

no cdp enable

ip nat service sip tcp port 5060

ip nat inside source list 1 interface Dialer1 overload

ip route 0.0.0.0 0.0.0.0 Dialer1

ip route 192.168.2.0 255.255.255.0 192.168.1.254

!

access-list 1 permit 192.168.0.0 0.0.255.255

I've also got an old 2611XM router running CME 4.1 (hence the ip nat service sip tcp port 5060 command).  The CME is set up and working, but at the moment I can't accept incoming calls.  After much configuration trying NAT (as I know NAT to a point!) I don't think its possible with this version of CME that I'm using because CME won't accept the incoming SIP requests as the IP's are wrong due to NAT.  Rather than spend anymore time trying with NAT I want to take one of those external IP addresses, and place it directly on my 2611XM, then set it so the only IP address that can connect to my 2611XM is the SIP trunk provider.  The only think is, I've never really done anything like this and I'm not sure where to start

I think I need to set the rouer to be directly on the internet by bind the IP address to the routers interface:

interface FastEthernet0/0.1

description data

encapsulation dot1Q 1 native

ip address 82.70.85.113 255.255.255.255

Then somehow use a BVI to move that IP from the 877 to the 2611XM while also creating an access list that only allows 212.23.7.226 - 228 to allow to connect to 82.70.85.113.

Can anyone help me out please?

Finally, if this isn't possible, I do have an ASA 5505, but I haven't touched ASA/PIX ever.  I bought it with the intention of studying for CCNA Security, but haven't got around to it yet as I'm looking at CCNA Voice first.

Thanks!

Everyone's tags (5)
147
Views
0
Helpful
0
Replies
CreatePlease to create content