Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 923
  • Last Modified:

Cisco 1720 Config quetsion

We just had a 128K frame installed.  I need to configure my Cisco 1720 w wic it and need some assistance. AT&T is handling security and will only allow the approprate IP's down the pipe.  They are wireless modems in the field.   AT&T has give me this info (certain details changed for obvious reasons)

Serial port should be = 166.a.b.c
DLCI = 392

LAN address = 166.a.d.e

I need to be able to map to 3 servers on the inside.  Server 1 = 1.1.1.1   server 2 = 2.2.2.2  server 3 = 3.3.3.3

My inital config is this.

interface serial 0/1 point-to-point
ip address 166.a.b.c 255.255.255.252
ip nat outside
no ip mroute cache
frame-relay interface-dlci 392
!


Does this look correct?  How do I do my nating?  Any help appreciated...
0
chadd25
Asked:
chadd25
  • 3
  • 2
1 Solution
 
lrmooreCommented:
If the frame is point-to-point dlci, your serial interface should look like this:

interface serial 0/1
 no ip address
 service-module t1 timeslots 1-2  <--- sets the T1 wic for 128k
 encapsulation frame-relay
!
interface serial 0/1.1 point-to-point
 ip address 166.a.b.c 255.255.255.252
 frame-relay interface-dlci 392
 ip nat outside
!
interface FastEthernet 0
 ip address 1.1.1.x 255.255.255.0
 ip nat inside
!

Assuming that your servers are located somewhere on the inside of the Ethernet interface:

ip nat inside source static <local ip> <global ip>
example:
ip nat inside source static 1.1.1.1 166.a.d.e
ip nat inside source static 2.2.2.2 166.a.d.f
ip nat inside source static 3.3.3.3 166.a.d.g

0
 
chadd25Author Commented:
Yes, my servers are located on the inside of my network.  

AT&T sent me an e-mail here it is:

The IP address of your router's Serial port will be 166.a.b.c with a subnet mask of 255.255.255.252 .  The Ethernet LAN Network Address is 166.a.d.24 with a subnet mask of 255.255.255.248.  So this will allow you to use an IP address on the router's Ethernet port of 166.a.d.25 and you can use IP addresses of x.x.x.26 through x.x.x.30 for the servers you will be using for this implementation.
 
You can use NAT to tie the 166.a.d.24 network IP addresses, to servers,etc. on your current network.

Based on this info, what needs to be done?  What you have sent so far looks great!!!  I really appreciate it.  Contractor want over $600 to setup...  How is timing done?
0
 
lrmooreCommented:
Since they gave you a subnet of 6 addresses, you don't necessarily have to use one on the Ethernet interface. You can use private IP address there as in my example. substitute those addresses in my example:

ip nat inside source static 1.1.1.1 166.a.d.26
ip nat inside source static 2.2.2.2 166.a.d.27
ip nat inside source static 3.3.3.3 166.a.d.28
!
! add one more for all other users -assuming that this will be a primary Internet connection outbound
access-list 1 permit 1.1.1.0
ip nat pool USERS 166.a.d.25
ip nat inside source list 1 pool USERS overload
!



>How is timing done?
Can you explain this? Do you mean "network timing" for the T1? That is the default setting on the T1 WIC and no further configuration/action on your part is necessary. The only thing you need to change for the T1 is the number of channels and to verify with the ISP that they are using channels 1 and 2. I have seen some use channels 23-24

0
 
chadd25Author Commented:
Will I need to use addresses 166.a.d.24 and 166.a.d.25 anywhere?

This will not be used as an internet connection for internal network users.  We have a cable modem that people go out on to browse the web.  This router will just terminate the 128K frame and allow mobile users to connect via their wireless modems to our internal Citrix servers.  Knowing that, I am assuming that I do not need the access list you mention..

Thanks..
0
 
lrmooreCommented:
Address .24 is the network address and can't be used.
You can use .25 for another server static if you want, and you still have .29 and .30 reserved for future use if you need them.
No need for the access-list or pool if you're not using it for access from internal users.

 
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now