Configure Cisco 857 without NAT
I have a Cisco 857 router atached to an ADSL connection with a static IP address. The router is connected to an ISA server. I want the ISA server to have the External IP address, rather than a private IP which is NATed. I don't have much experience with Cisco, I've been landed with this thing and no budget to buy a simpler router, but I've been trying to set it up using SDM, unsucessfully.
How can I set up the router so that the network adapter on the server behaves as if it is directly connected to the web, with no firewall or NAT or anything?
How can I set up the router so that the network adapter on the server behaves as if it is directly connected to the web, with no firewall or NAT or anything?
ASKER
Ok, making some progress i think. I've set up as advised, and am now getting an error: *Mar 1 01:57:37.559: %TBRIDGE-4-NOVCFLOOD: No VC's configured for bridging on ATM0
Not quite sure what this means, but if I do a show bridge I can only see the ethernet port in the list for bridge 1, even though i have tried to add ATM0 a couple of times.
Not quite sure what this means, but if I do a show bridge I can only see the ethernet port in the list for bridge 1, even though i have tried to add ATM0 a couple of times.
You will want to do this connecting through the console port.
What lpacker mentioned may be one way to do it, however, I personally would prefer to keep routing on the device and just use static NAT:
Issue these commands:
ip nat inside source static <server_ip> interface Dialer0
## assuming you're using a dialer0 interface for the DSL
interface Dialer0
ip nat outside
## assuming you're using VLAN1 for the switched/bridged interfaces
interface VLAN1
ip nat inside
What lpacker mentioned may be one way to do it, however, I personally would prefer to keep routing on the device and just use static NAT:
Issue these commands:
ip nat inside source static <server_ip> interface Dialer0
## assuming you're using a dialer0 interface for the DSL
interface Dialer0
ip nat outside
## assuming you're using VLAN1 for the switched/bridged interfaces
interface VLAN1
ip nat inside
ASKER
Running config is atached.
Current configuration : 1088 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname wlcerora
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
!
no ip routing
!
!
no ip cef
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
!
!
archive
log config
hidekeys
!
!
!
!
!
interface ATM0
no ip address
no ip route-cache
no atm ilmi-keepalive
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
dsl operating-mode auto
bridge-group 1
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
no ip address
no ip route-cache
bridge-group 1
!
interface Dialer0
no ip address
encapsulation ppp
dialer pool 1
ppp authentication chap callin
ppp chap hostname zen179208@zen
ppp chap password 0 q2aquZp7
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
control-plane
!
bridge 1 protocol ieee
!
line con 0
no modem enable
line aux 0
line vty 0 4
!
scheduler max-task-time 5000
endASKER
thanks trbooth, but I don't want to use NAT, it complicates things later on.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I only see one interface in the bridge-group. You need to have the ISP connection and the port that the server is plugged into in the same bridge-group. If I am not mistaken, without routing, the vlan interface isn't doing you any good.
I see multiple fast ethernet ports listed, do you have multiple machines connected?
I see multiple fast ethernet ports listed, do you have multiple machines connected?
ASKER
I've tried to add the ATM interface, but it doesn't appear. I'm not sure why, it doesn't give an error message when I use the command, it just doesn't do anything.
I only have one server to connect, but the router is a fixed configuration job with four ports. The fastethernet interfaces can't be added to the bridge group, so i added the vlan instead.
I only have one server to connect, but the router is a fixed configuration job with four ports. The fastethernet interfaces can't be added to the bridge group, so i added the vlan instead.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Wouldn't that basically be the same as routing? It has private IP addresses on the internal network, which is what I want to avoid.
ASKER
Why is this so difficult? Is there a different type of dsl modem I need to buy or what? It can't be this much hassle to get a public IP address onto a server network adapter.
Does anyone have any suggestions about alternatives? I really need to get this sorted asap.
Does anyone have any suggestions about alternatives? I really need to get this sorted asap.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You should connect to the router via the console port and depending on your exact model, enter commands as:
http://www.cisco.com/en/US