Configuring Cisco 851w as a second router behind Sky router

champaneri · ‎08-20-2014

Hello all,

Wonder if you can help me?

I am trying to setup a home lab for further studies for CCNA and ESXi. My internet provider is Sky however they dont allow their routers to be used just as modems so I need to have this internet facing, they also don't allow for static routes so I need to have FA4 on the same subnet.

My end goal is to create a subnet that allows me (PC 3) to get to the internet via the 851w and then create the LAN (3750) to allow me to start my ESXi server and datastore and setup the phones (I have CUCM 8.5 on there currently with a few Windows servers). I have just moved house and the 3750 was a new purchase as my previous home I was connected to the lab via an ethernet cable. Now i would like to do this wirelessly and then setup a VPN (further down the line) to allow me to continue to work on this when at work or away.

I managed to add a DHCP helper address pointing to the Sky router and now its works not this is not ideal as I want to use a separate subnet not 192.168.0.0/24. I currently can connect wirelessly to the 851w but it still uses an IP from the Sky router and connects to the internet.

Please can anyone help as I seem to be getting nowhere on this now.

Below is the config for the 851w and attached is how i would like it to work

router#sho run
Building configuration...

Current configuration : 4256 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname router
!
boot-start-marker
boot-end-marker
!
logging buffered 4096
enable secret 5 xxxxxxxxxxxxxxxx
!
no aaa new-model
!
crypto pki trustpoint TP-self-signed-82636848
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-82636848
revocation-check none
rsakeypair TP-self-signed-82636848
!
!
crypto pki certificate chain TP-self-signed-82636848
certificate self-signed 01
3082023A 308201A3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
2F312D30 2B060355 04031324 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 38323633 36383438 301E170D 31343038 31353137 33343132
5A170D32 30303130 31303030 3030305A 302F312D 302B0603 55040313 24494F53
2D53656C 662D5369 676E6564 2D436572 74696669 63617465 2D383236 33363834
3830819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100A9BA
C7068E93 1A421BDE 6D21217E 17342F81 CF1BEA7E 9F8682D0 7B6DB18E F73DA1E0
03C242F5 4792B211 CCC11894 38B7E460 C39D9825 5FA95424 7DEC910C 6EB60E9C
2138040B B227B852 3DAF1D03 7A41DC5F 38D022A5 2889FB42 9D98B6A2 64599BB3
F73552F8 AFD8AB17 A904C8EB 2ED06359 FA7A0AA5 2D50C9FD AFD78A0D C26D0203
010001A3 66306430 0F060355 1D130101 FF040530 030101FF 30110603 551D1104
0A300882 06726F75 74657230 1F060355 1D230418 30168014 A729E652 16C9E566
41604D8B 299686D2 A34B7693 301D0603 551D0E04 160414A7 29E65216 C9E56641
604D8B29 9686D2A3 4B769330 0D06092A 864886F7 0D010104 05000381 81002366
855A53AE 4D879999 3309F554 2BAC6122 075E508D A0064AA5 2495A4E9 0A1029B2
48A094A9 A3FC2FC5 46A334AC F20CF81E 0A4BE53B CEE6B54F 1D15AEA5 7FA20C39
9E281CF4 84E252C0 6F842604 CDD13FF1 703AB7BD 5D93D435 21F97687 8963A425
CCD4A198 B70E61D8 B995FEA8 749BD6AC 4596953F 611D8B68 5D5050B3 742F
        quit
dot11 syslog
!
dot11 ssid TestLab
   vlan 1
   authentication open
   authentication key-management wpa
   guest-mode
   wpa-psk ascii 7 xxxxxxxxxxxxxxxxx
!
no ip dhcp relay information check
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.20
!
ip dhcp pool Wireless
import all
network 192.168.1.0 255.255.255.0
default-router 192.168.1.2
dns-server 192.168.0.1
!
!
ip cef
!
!
!
username xxxxxxx privilege 15 password 7 xxxxxxxxxxx
!
!
archive
log config
hidekeys
!
!
!
bridge irb
!
!
interface Loopback0
ip address 10.1.1.1 255.255.255.0
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
ip address 192.168.0.254 255.255.255.0
ip nat outside
ip virtual-reassembly
ip route-cache same-interface
no ip route-cache cef
no ip route-cache
duplex auto
speed auto
no cdp enable
!
interface FastEthernet4.1
encapsulation dot1Q 1 native
ip address 192.168.1.254 255.255.255.0
no ip route-cache
bridge-group 1
!
interface Dot11Radio0
no ip address
ip nat inside
ip virtual-reassembly
!
encryption vlan 1 mode ciphers tkip
!
broadcast-key vlan 1 change 45
!
!
ssid TestLab
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
no ip address
ip virtual-reassembly
bridge-group 1
!
interface BVI1
no ip address
ip virtual-reassembly
!
ip default-gateway 192.168.0.1
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.168.0.1
ip route 192.168.1.0 255.255.255.0 BVI1
!
no ip http server
ip http secure-server
ip nat inside source list 1 interface FastEthernet4 overload
!
ip access-list standard NAT
permit any
!
logging history size 500
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 permit 192.168.0.0 0.0.0.255
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
line con 0
no modem enable
line aux 0
line vty 0 4
login local
transport input ssh
!
scheduler max-task-time 5000
end

router#

Pratip

champaneri · ‎08-22-2014

Anyone?