11-12-2009 06:10 AM - edited 03-04-2019 06:41 AM
Hi
I currently have a WAN link setup consisting of a 1721 router with 1 x WIC1-ADSL and 1 x FastEthernet Int (with static public IP) that is connected to a 1841 router that is configured to establish VPN tunnels to the WAN and provide DHCP to the LAN.
Internet -- 1721 -- 1841 -- LAN
The problem we have is that this site now requires an additional ADSL link for the Fire & Intruder Alarm and rather than take out another broadband line for this function we would like to utilise the existing one if possible.
Can someone please give me some advise as to whether I could add another interface to the 1721 router and use this for the alarm, bearing in mind that i must also assign this new interface a public ip too?
Can this be done using a single WIC1ADSL and if so please could you explain how?
Many many thanks
Mark Bavington
11-12-2009 01:59 PM
Hello Mark,
how big is the public IP subnet between C1721 and C1841?
you may just need to put a lan switch there and to connect C1721, C1821 and the Fire & Intruder Alarm to three ports of the switch.
if you have just a /30 =255.255.255.252 netmask for C1721 Fast ethernet you have two options:
a) you get from provider a bigger space to accomodate the three hosts.
b) you add a lan interface to the C1721 or you use subinterfaces on it connecting to a lan switch
the new interface/subinterface will use private subnetting but the ip address of Fire & intruder alarm is translated by NAT to the public address on the ADSL/ATM interface.
example
int eth2
ip address 192.168.22.1 255.255.255.248
ip nat inside
int atm0
ip nat outside
ip nat inside source static 192.168.22.2 interface atm0 reversible
where 192.168.22.2 represents the private ip address assigned to fire and intr. alarm.
So as you see there are different options to use a single ADSL link.
Hope to help
Giuseppe
11-13-2009 04:28 AM
Hi Giuseppe
The mask is 29 bit (255.255.255.248) for the public addresses, so 6 hosts, 2 of which are being used, 1 for 1721 and the other for the VPN tunnel on 1841.
We would ideally like to add an additional Ethernet port into the 1721 for the Alarm link and keep this interface seperated from the 1841 VPN router. We have been told by the Alarm people that we need a public IP for this link, so what would you suggest would be the best way to achieve this?
Obviously as we will have 2 interfaces both with different Public IP's using a single WIC1ADSL card, which configuration would appear to be the best please?
Thank you
Mark
11-13-2009 04:54 AM
Hello Mark,
I personally would put the alarm device as third host in the existing public IP subnet.
if you really want to put it on a different interface I see only two options:
or you use a private ip address and NAT as described in my first post or you can further subnet the 255.255.255.248 in two /30 subnets this will not give you a chance to add other hosts in the future to this public ip subnets (they are point-to-point)
Hope to help
Giuseppe
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide