Cisco 1720 Config quetsion

Posted on 2004-05-03
Last Modified: 2010-04-17
We just had a 128K frame installed.  I need to configure my Cisco 1720 w wic it and need some assistance. AT&T is handling security and will only allow the approprate IP's down the pipe.  They are wireless modems in the field.   AT&T has give me this info (certain details changed for obvious reasons)

Serial port should be = 166.a.b.c
DLCI = 392

LAN address = 166.a.d.e

I need to be able to map to 3 servers on the inside.  Server 1 =   server 2 =  server 3 =

My inital config is this.

interface serial 0/1 point-to-point
ip address 166.a.b.c
ip nat outside
no ip mroute cache
frame-relay interface-dlci 392

Does this look correct?  How do I do my nating?  Any help appreciated...
Question by:chadd25
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 79

Expert Comment

ID: 10978006
If the frame is point-to-point dlci, your serial interface should look like this:

interface serial 0/1
 no ip address
 service-module t1 timeslots 1-2  <--- sets the T1 wic for 128k
 encapsulation frame-relay
interface serial 0/1.1 point-to-point
 ip address 166.a.b.c
 frame-relay interface-dlci 392
 ip nat outside
interface FastEthernet 0
 ip address 1.1.1.x
 ip nat inside

Assuming that your servers are located somewhere on the inside of the Ethernet interface:

ip nat inside source static <local ip> <global ip>
ip nat inside source static 166.a.d.e
ip nat inside source static 166.a.d.f
ip nat inside source static 166.a.d.g


Author Comment

ID: 10978221
Yes, my servers are located on the inside of my network.  

AT&T sent me an e-mail here it is:

The IP address of your router's Serial port will be 166.a.b.c with a subnet mask of .  The Ethernet LAN Network Address is 166.a.d.24 with a subnet mask of  So this will allow you to use an IP address on the router's Ethernet port of 166.a.d.25 and you can use IP addresses of x.x.x.26 through x.x.x.30 for the servers you will be using for this implementation.
You can use NAT to tie the 166.a.d.24 network IP addresses, to servers,etc. on your current network.

Based on this info, what needs to be done?  What you have sent so far looks great!!!  I really appreciate it.  Contractor want over $600 to setup...  How is timing done?
LVL 79

Accepted Solution

lrmoore earned 500 total points
ID: 10978581
Since they gave you a subnet of 6 addresses, you don't necessarily have to use one on the Ethernet interface. You can use private IP address there as in my example. substitute those addresses in my example:

ip nat inside source static 166.a.d.26
ip nat inside source static 166.a.d.27
ip nat inside source static 166.a.d.28
! add one more for all other users -assuming that this will be a primary Internet connection outbound
access-list 1 permit
ip nat pool USERS 166.a.d.25
ip nat inside source list 1 pool USERS overload

>How is timing done?
Can you explain this? Do you mean "network timing" for the T1? That is the default setting on the T1 WIC and no further configuration/action on your part is necessary. The only thing you need to change for the T1 is the number of channels and to verify with the ISP that they are using channels 1 and 2. I have seen some use channels 23-24


Author Comment

ID: 10978822
Will I need to use addresses 166.a.d.24 and 166.a.d.25 anywhere?

This will not be used as an internet connection for internal network users.  We have a cable modem that people go out on to browse the web.  This router will just terminate the 128K frame and allow mobile users to connect via their wireless modems to our internal Citrix servers.  Knowing that, I am assuming that I do not need the access list you mention..

LVL 79

Expert Comment

ID: 10979168
Address .24 is the network address and can't be used.
You can use .25 for another server static if you want, and you still have .29 and .30 reserved for future use if you need them.
No need for the access-list or pool if you're not using it for access from internal users.


Featured Post

Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

It happens many times that access list (ACL) have to be applied to outgoing router interface in order to limit some traffic.This article is about how to test ACL from the router which is not very intuitive for everyone. Below scenario shows simple s…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question