Oh, I just noticed the access point at the Boss's house. If you need to route back through this device, you will need to add a route on the Boss's router, your network router, and the firewall to get to that network.
Boss's router
ip route 192.168.1.0 255.255.255.0 10.1.2.2
Network Router
ip route 192.168.1.0 255.255.255.0 172.16.1.1
Firewall route next hop for 192.168.1.0 should be 10.1.1.1.
Personally I would probably convert the multifuntion device to just an access point and use the router for any security. This will cut down on the network management by giving him wireless access but not have to worry about punching wholes in his firewall. You can get a WIC-4ESW for his router which is a 4 port switch, create a vlan on it with the 10.1.2.1 ip address and plug the access point into switch along with anything else he may want.
Main Topics
Browse All Topics





by: mikecrPosted on 2009-11-05 at 13:55:14ID: 25754483
If you use a regular point to point T1 from the service provider, then the default configuration on the router should be sufficient. I'm assuming that your going to be using WIC-1DSU-T1 cards in the router with the built in CSU/DSU. You shouldn't need to configure anything on the interface except for an IP address.
Sample router 1 (Boss's house)
config t
int s0/0
ip address 172.16.1.1 255.255.255.252
int fe0/0
ip address 10.1.2.1 255.255.255.0
ip route 0.0.0.0 0.0.0.0 172.16.1.2
Sample Router 2 (Work)
config t
int s0/0
ip address 172.16.1.2 255.255.255.252
int fe0/0
ip address 10.1.1.1 255.255.255.0
ip route 10.1.2.0 255.255.255.0 172.16.1.1
On your router you will also need to add statements for your inside network hops as well or just add a default route with the next hop being the outside interface of the firewall DMZ. So if the DMZ interface was 10.1.1.5 lets say then you would put the following route on your network router:
ip route 0.0.0.0 0.0.0.0 10.1.1.5
Keep in mind the you will need to do return routing also to get to your Boss's router but if your default route sends you to the firewall, then you only need to add a route on the firewall to his network.
If you need anything else, let me know.