Solved

Change LAN IP on Cisco 1721

Posted on 2006-07-18
21
348 Views
Last Modified: 2010-03-19
I want to change my inside IP to a private network (192.168.0.1 or something). I have included my startup-config (replacing both IPs with 333 and 111 for security). Any help is ALWAYS appreciated!


interface FastEthernet0
 --More--                            description To Office FastEthernet
 --More--                            ip address 33.333.333.333 255.255.255.224 secondary
 --More--                            ip address 111.111.1.11 255.255.255.248
 --More--                            speed auto
 --More--                           !
 --More--                           interface Serial0
 --More--                            description To UUNET (wcomw0l31128)
 --More--                            bandwidth 1536
 --More--                            no ip address
 --More--                            encapsulation frame-relay IETF
 --More--                            no fair-queue
 --More--                            frame-relay lmi-type ansi
 --More--                           !
 --More--                           interface Serial0.1 point-to-point
 --More--                            bandwidth 1536
 --More--                            ip unnumbered FastEthernet0
 --More--                            frame-relay interface-dlci 500 IETF  
 --More--                           !
 --More--                           ip classless
 --More--                           ip route 0.0.0.0 0.0.0.0 Serial0.1
 --More--                           no ip http server
 --More--                           ip pim bidir-enable
 --More--                           !
 --More--                           !
 --More--                           !
 --More--                           !
 --More--                           line con 0
 --More--                            password eb78c1ed61
 --More--                            login
 --More--                            transport preferred none
 --More--                           line aux 0
 --More--                            password eb78c1ed61
 --More--                            login
 --More--                            modem InOut
 --More--                            transport preferred none
 --More--                            transport input all
 --More--                            transport output pad udptn telnet rlogin ssh
 --More--                            stopbits 1
 --More--                            flowcontrol hardware
 --More--                           line vty 0 4
 --More--                            password eb78c1ed61
 --More--                            login
 --More--                            transport preferred none
 --More--                           !
 --More--                           no scheduler allocate
 --More--                           end
0
Comment
Question by:mburke3434
  • 8
  • 7
  • 6
21 Comments
 
LVL 32

Accepted Solution

by:
rsivanandan earned 250 total points
ID: 17130277
Telnet to the router;

config t

int fastethernet0
ip address 192.168.0.1 255.255.255.0

This will change the address from 111.111.111.111 to 192.168.0.1

If you want to remove 333.333.333.333, then at that prompt do this;

no ip address 333.333.333.333 255.255.255.224 secondary

Cheers,
Rajesh
0
 
LVL 12

Assisted Solution

by:Scotty_cisco
Scotty_cisco earned 250 total points
ID: 17131714
!
 --More--                           interface Serial0.1 point-to-point
 --More--                            bandwidth 1536
 --More--                            ip unnumbered FastEthernet0
 --More--                            frame-relay interface-dlci 500 IETF  

I see a problem here

your serial is unnumbered to FastEthernet0 so this needs to remain a public address are you serving out public address off of this same network?

If that is the case you can't go to a private address without NATing the outbound traffic.

Thanks
scott
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17131760
Yeah I saw it there too, I assume that the author needs to have that part and apart from that, he is trying to switch his private ip inside.

Cheers,
Rajesh
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:mburke3434
ID: 17131820
Question....

ip address 33.333.333.333 255.255.255.224 secondary   (THIS IS MY OFFICE SIDE)

ip address 111.111.1.11 255.255.255.248 (THIS IS MY OUT SIDE)

Your way had me changing Outside IP. Could you help me with the inside?

Also why are two Ip's on the same interface? shouldn't they be seperated? Did the guy who set this up do a poor job? What is meant by secondary?

Thanks for your efforts...
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17131876
Ok then do this;

Telnet to the router;

config t

int fastethernet0
ip address 192.168.0.1 255.255.255.0 secondary
no ip address 33.333.333.333 255.255.255.224 secondary  

This will change the address from 333.333.333.333 to 192.168.0.1


Regarding the configuration no the guy didn't do a poor job. Actually the advantage you get here is 2 networks on a single interface. In the same way you could have as many as (don't remember the limit, it is too high :-)) The reason on why the guy did that way is probably the router had only 2 interfaces and he had to configure 3 networks. I mean the requirement might have been like that when it was setup.

Cheers,
Rajesh
0
 

Author Comment

by:mburke3434
ID: 17131889
Sorry didn't refresh the questions in awhile.....

Some background.....For whatever reason the previous admins (contract) had the doctor purchase 50 public IP's for the T1 at his practice. The PC's are all Hard coded with these 63.000.000.000 addresses. The outside is 208.000.00.000. I have dealt with all the vendors and outside services and there is no reason they all needed public IP's. One static outside IP would have suited them just fine.

I am ready to deploy a 2003 server and would like to use a private IP scheme with DHCP. How do I get my Interfaces to allow the traffic?
0
 

Author Comment

by:mburke3434
ID: 17131902
Also we have another network that is 10.0.0.0 for a digital xray setup.
0
 
LVL 12

Expert Comment

by:Scotty_cisco
ID: 17131918
I would tie the outside to a loopback if you want to stay unnumbered and then use the publics as a nat pool or whatever but I seperate the 2 address ranges.

Thanks
scott
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17131988
You think right man. I don't believe it, I mean 50 public ips???? Jeez...

Okay, you can do it with a single public ip and can go like this;

Assumptions: => You'll have to correct me if any of this is wrong.

1. You only need outside access (clients browsing net), no webserver, email server etc.

2. You are connecting both the 10.x.x.x network and the planned 192.168.0.x network to the same router;

Configurations;

interface FastEthernet0
description To Office FastEthernet
ip address 192.168.0.1 255.255.255.0
ip address 10.0.0.1 255.255.255.0 secondary
ip nat inside
speed auto
!
interface loopback0
ip address 208.000.00.000 255.255.255.0 =>substitute for actual ip and mask
no shut

interface Serial0
 description To UUNET (wcomw0l31128)
 bandwidth 1536
 no ip address
 encapsulation frame-relay IETF
 no fair-queue
 frame-relay lmi-type ansi
!
interface Serial0.1 point-to-point
 bandwidth 1536
 ip unnumbered loopback0
 frame-relay interface-dlci 500 IETF  
 ip nat outside
!
ip nat inside source list 1 interface serial0.1 overload
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 1 permit 10.0.0.0 0.0.0.255
!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0.1
no ip http server
ip pim bidir-enable
!
!
!
!
line con 0
 password eb78c1ed61
 login
 transport preferred none
line aux 0
 password eb78c1ed61
 login
 modem InOut
 transport preferred none
 transport input all
 transport output pad udptn telnet rlogin ssh
 stopbits 1
 flowcontrol hardware
line vty 0 4
 password eb78c1ed61
 login
 transport preferred none
!
no scheduler allocate
end

Cheers,
Rajesh
0
 
LVL 12

Expert Comment

by:Scotty_cisco
ID: 17132020
That provides the seperation but you would still need to NAT to the public's either a pool or to the interface.

Thanks
scott
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17132031
I have those in there too Scott;

ip nat inside source list 1 interface serial0.1 overload
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 1 permit 10.0.0.0 0.0.0.255


Cheers,
Rajesh
0
 
LVL 12

Expert Comment

by:Scotty_cisco
ID: 17132055
also a consideration is what services are being provided on the inside

mail server
ftp server

ECT please respond with the additional services that you need inside or if any services are in use currently that need to be mapped.

Thanks
Scott
0
 

Author Comment

by:mburke3434
ID: 17132117
No mail server or ftp server....eventual TS server for offsite billing.
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17132161
Okay then the config above should work just fine. If you are adding a TS server to be accessed from internet, the addition for the configuration would be;

ip nat inside source static <PublicIPYouassignforTS> <InternalPrivateIPforTS>

that should be it and you can add access-lists to control the traffic flow for security reasons too.

Cheers,
Rajesh
0
 

Author Comment

by:mburke3434
ID: 17132196
Excellent...now lets see if I can make all the configurations  work.... : )

Can I copy your startup, replace the IP's with the correct ones, and drop into the router?

Would that work?
0
 
LVL 12

Expert Comment

by:Scotty_cisco
ID: 17132207
that should work fine.

Thanks
Scott
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17132211
Ya. Go ahead.

Cheers,
Rajesh
0
 

Author Comment

by:mburke3434
ID: 17132217
Great TY....I'll let you know how it goes....
0
 

Author Comment

by:mburke3434
ID: 17241493
Thank you both....I am sure we will talk again soon!
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17241529
My Pleasure :-)

Cheers,
Rajesh
0
 
LVL 12

Expert Comment

by:Scotty_cisco
ID: 17241548
anytime :D

Scott
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Internet Service Provider 3 55
Slow Internet Connection 9 54
Cisco WRVS4400N 11 37
Internet options/Settings 1 45
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question