Link to home
Start Free TrialLog in
Avatar of paulnet
paulnet

asked on

Cisco Router VLAN and Public IP Config

I have a 2621XM router with 2- T1 WICs. The ISP gave us 2- /29 subnets, one for each T1. The goal, is to have public IP addresses assigned to equipment on the LAN side of the router.

Ok, this is what weve got:
-2621XM router with 2 T1 WICs (weve got 2 T1s)
-2924 Catalyst
-Polycom Phones (Soundpoint IP 650 and 501)
-2 Separate /29 networks  one for each T1

This is what I got configured:
-3 VLANS (2 for each company, and 1 for voice traffic) with private IP address
-Each port is trunked with a native VLAN for data and a Voice VLAN for the phone
-DHCP works for all 3 VLANS
-S0/1 has one IP in one subnet and S0/0 has one IP in the other subnet
-I have an Ethernet subinterface with an ip unnumbered s0/1

Now, heres how the Ethernet interfaces are configured on the router

Int fa0/1.1
  Description TPI
  Ip address 10.10.0.1 255.255.0.0
  Encapsulation dot1q 10
  Ip nat inside

Int fa0/1.2
  Description USAN
  Ip address 10.20.0.1 255.255.0.0
  Encapsulation dot1q 20
  Ip nat inside

Int fa0/1.3
  Description Voice
  Ip address 172.16.0.1 255.255.0.0
  Encapsulation dot1q 300
  Ip nat inside

Int fa0/1.4
  Description Public IP VLAN
  Encapsulation dot1q 30
  Ip unnumbered serial0/1

Serial0/1
  Ip address a.b.c.d 255.255.255.248
  Encapsulation ppp
  No shutdown

Ok, heres my problem:

I have a port configured on the switch with VLAN 30 on it. (VLAN 30 is the vlan for public IP address) So, I configured a workstation and connected it to the VLAN 30 switch port. I configured it with an IP address in the same subnet as Serial0/1. But, I could not ping the Serial0/1 interface or anything else.

Any help or ideas? Thanks!

!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
enable password TelComProducts
!
no aaa new-model
no network-clock-participate slot 1
no network-clock-participate wic 0
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.0.1
ip dhcp excluded-address 10.20.0.1
ip dhcp excluded-address 172.16.0.1
!
ip dhcp pool TPI
   import all
   network 10.10.0.0 255.255.0.0
   default-router 10.10.0.1
   dns-server 64.21.232.2 64.21.232.3
   lease 14
!
ip dhcp pool USAN
   import all
   network 10.20.0.0 255.255.0.0
   default-router 10.20.0.1
   dns-server 64.21.232.2 64.21.232.3
   lease 14
!
ip dhcp pool Voice
   import all
   network 172.16.0.0 255.255.0.0
   default-router 172.16.0.1
   dns-server 64.21.232.2 64.21.232.3
   lease 14
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 no ip address
 ip nat inside
 shutdown
 duplex auto
 speed auto
!
interface Serial0/0
 ip address x.x.x.x 255.255.255.248
 encapsulation ppp
 shutdown
 no fair-queue
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet0/1.1
 description TelCom Products Vlan Subif
 encapsulation dot1Q 10
 ip address 10.10.0.1 255.255.0.0
 no ip redirects
 ip nat inside
!
interface FastEthernet0/1.2
 description USA Northland VLAN Subif
 encapsulation dot1Q 20
 ip address 10.20.0.1 255.255.0.0
 no ip redirects
 ip nat inside
!
interface FastEthernet0/1.3
 description Voice VLAN Subif
 encapsulation dot1Q 300
 ip address 172.16.0.1 255.255.0.0
 ip helper-address 10.10.0.1
 no ip redirects
 ip nat inside
!
interface FastEthernet0/1.4
 description Management VLAN Subif
 encapsulation dot1Q 1 native
 ip address 10.1.0.1 255.255.0.0
!
interface FastEthernet0/1.5
 description Public IP VLAN Subif
 encapsulation dot1Q 30
 ip unnumbered Serial0/1
!
interface Serial0/1
 ip address y.y.y.y 255.255.255.248
 ip nat outside
 encapsulation ppp
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 x.x.x.x(gateway from ISP)
ip route 0.0.0.0 0.0.0.0 y.y.y.y(gateway from ISP)
ip route 0.0.0.0 0.0.0.0 Serial0/1
!
ip http server
no ip http secure-server
ip nat inside source list 1 interface Serial0/1 overload
!
access-list 1 permit 10.10.0.0 0.0.255.255
access-list 1 permit 10.20.0.0 0.0.255.255
access-list 1 permit 172.16.0.0 0.0.255.255
access-list 1 permit 10.1.0.0 0.0.255.255

Open in new window

ASKER CERTIFIED SOLUTION
Avatar of JFrederick29
JFrederick29
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Quori
Quori
Flag of Australia image
FYI you can use IP Unnumbered on SUB Ethernet interfaces, not the base one.

Maybe also setup briding between the two interfaces and assign the IP to BVI1.
Avatar of paulnet
paulnet

ASKER

Ok, I called my ISP and got a /29 address space for the router. And after speaking with them for a while, I got help on setting NAT across the PPP multilink