CIsco 827 DSL Router ? on Static IP

CIsco 827 DSL Router ? on Static IP

Post by paul_tomli » Mon, 29 Dec 2003 22:34:42


Hi i've got an 827 working fine with dynamic IP, i now intend to add a
PIX into the equation, I have requested 4 static IP Addresses from my
ISP and now need a little help with the config if anyone can guide me
in the right direction i would appreciate it, I want to assign a
static IP to the outside interface of the 827 which looks pretty
straight forward what i also want to do is assign a static ip to the
outside of the PIX (PIX config is easy) but how do i tell the ethernet
int of the 827 to accept connections from a public IP?

i've checked out following URL but not much help

http://www.yqcomputer.com/

And heres my config

version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
ip subnet-zero
no ip domain-lookup
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool CLIENT
import all
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
lease 0 2
!
!
!
!
interface Ethernet0
ip address 10.10.10.1 255.255.255.0
ip nat inside
hold-queue 100 out
!
interface ATM0
no ip address
no atm ilmi-keepalive
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
dsl operating-mode auto
!
interface Dialer1
ip address negotiated
ip nat outside
encapsulation ppp
dialer pool 1
dialer-group 1
ppp chap hostname ????
ppp chap password 7 ????
ppp pap sent-username ???? password 7 ?????
!
ip nat inside source list 102 interface Dialer1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
ip http server
!
!
access-list 23 permit 10.10.10.0 0.0.0.255
access-list 102 permit ip 10.10.10.0 0.0.0.255 any
dialer-list 1 protocol ip permit
!
line con 0
exec-timeout 120 0
password 7 ?????????
login
stopbits 1
line vty 0 4
access-class 23 in
exec-timeout 120 0
password 7 ?????????
login
length 0
!
scheduler max-task-time 5000
end



Hope someone can offer some guidance
 
 
 

CIsco 827 DSL Router ? on Static IP

Post by Chri » Tue, 30 Dec 2003 01:30:56


If you want to put one of the static IP's on the outside of the PIX then the
first public IP from your range would need to be on the ethernet side of the
router. The ISP might assign a seperate IP for the ATM side and then route
to your /29 range via the outside ATM address. For example, the company that
I work for assigns the live range to the ethernet side of the router so that
it can then talk to the outside of the firewall on the same range. The ATM
side of the DSL router then gets a 10.x.x.x address so that it can talk to
our ADSL platform on an address range that is only routable on our network.

You will have to talk to your ISP to find out how they would handle this as
different ISP's do it differently.

Chris.









http://www.yqcomputer.com/
guide_chapter09186a0080118d1a.html