Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Cisco 1721, T1, and PAT

Posted on 2004-03-24
8
Medium Priority
?
455 Views
Last Modified: 2010-03-17
I have a new Cisco 1721 router, a freshly hot T1 line, and about 40 workstations.

At this time the internal network is getting IP addresses from our server that is running DHCP, and assigning addresses in the range of 192.168.2.10 - 192.168.2.100

My new ISP has given me the following information
 CSU Info:
Clock Source: Internal
Channels 1-24
Channel rate: 64K
Framing ESF
Line coding: B8zs

Router info:
Encapsulation: PPP
Ip Address 209.137.150.40
default gateway: 209.137.150.41
Subnet mask: 255.255.255.252

LAN side:
IP Address: 209.137.143.192
Subnet mask: 255.255.255.248
Usable addresses :  209.137.143.193 to .197 with a subnebt mask of 255.255.255.248

Using this information, I really need to know the configuration for using this Cisco router.

If I am correct I will have to use PAT because I have so few IP addresses available, and would like to reserve one of them in case I have to set up a SMTP server later.

Please Help !

Thank you!
0
Comment
Question by:tommycole
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 3

Accepted Solution

by:
Jharper earned 1600 total points
ID: 10677851
This config should get you started.

GL

JHarper

Current configuration:
!
! Last configuration change at 13:10:54 cst Tue Feb 24 2004 by jharper
! NVRAM config last updated at 13:11:11 cst Tue Feb 24 2004 by jharper
!
version 12.1
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime
service password-encryption
!
hostname yourhostname
!
enable secret 5 xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
!
!
!
!
memory-size iomem 15
clock timezone cst -6
clock summer-time cdt recurring
ip subnet-zero
ip name-server Your DNS Server
!
!
!
!
!
interface FastEthernet0/0
 ip address 192.168.2.1  255.255.255.0
 ip nat inside
 duplex auto
 speed auto
 no cdp enable
!
interface Serial0/0
 description Office Internet Link - Account #
 ip address 209.137.150.40 255.255.255.252
 ip nat outside
 no cdp enable
!
!
ip nat pool p1 209.137.143.193 209.137.143.193 netmask 255.255.255.248
ip nat inside source list 1 pool p1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 209.137.150.41
no ip http server
!
no cdp run
!
line con 0
 login authentication No_Auth
 transport input none
line aux 0
line vty 0 4
 password 7 XXXXXXXXX
!
no scheduler allocate
end
0
 

Author Comment

by:tommycole
ID: 10682689
I don't know why, but that won't work.  I have emaied the tech support for the ISP to make sure the circuit is still turned up.

Thanks anyway.  I am sure the problem lies elsewhere than in your IOS script.
0
 
LVL 5

Expert Comment

by:mrpez1
ID: 10683111
What do you get with a show interface s0? Are the interface and line protocol up?
0
Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

 

Author Comment

by:tommycole
ID: 10684002
Yes, The FastEthernet0 and Serial0 are both up.
0
 
LVL 3

Expert Comment

by:Jharper
ID: 10687263
Can you ping out to the internet from your router?  Sometimes they forget to route your block of internal IPs to your router.  If you can ping from inside the router into the Intenet it means that they need to route these IPs to your router and your PAT address won't work until they complete this.

Jharper
0
 
LVL 12

Assisted Solution

by:Scotty_cisco
Scotty_cisco earned 400 total points
ID: 10709250
There is no access-list defining traffic to nat that is why you are not geting out

access-list 1 permit 192.168.2.0

in the config that you are already using
0
 
LVL 3

Expert Comment

by:Jharper
ID: 10727469
You're right, I accidently cut that access-list out when I was cleaning it up for him.

Jharper
0
 

Author Comment

by:tommycole
ID: 11043496
Thank you all very much !
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This solves the problem of diagnosing why an internet connection is no longer working. It also helps identify the likely cause of the lost connection if the procedure fails to re-establish your internet connection. It helps to pinpoint the likely co…
Sometimes you have to pull out old tricks to get a new firewall to work… While we were installing a new Sonicwall at a customers site we found that sites they were able to visit before were not working.  It seemed random and we could not understa…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question