Link to home
Start Free TrialLog in
Avatar of PeggyPitchford
PeggyPitchford

asked on

SR520 Router Configuration

I am a newbie at this.  I need to configure an SR520 to go in front on a UC520 that is already working and routing fine.    I have tried using the CCA but failed at doing anything useful.  
We have 3 global static IP addresses.  184.x.x.131, 184.x.x.132, 184.x.x.133.     We want the .133 for the UC520.   The .132 for the server, and the .131 for the SR520 if needed.

The subnet is 255.255.255.224, gateway 184.x.x.129, DNS 68.105.28.16.

The ISP connected to FastEthernet 4.
The Server (3), .132, will be connected to Fast Ethernet 0.   Will only use port 1190.
The UC520 (2), .133, will be connected to Fast Ethernet 3.   Use SIP Trunking (TCP/UDP port 5060, plus standard lan traffic)

FastEthernet 1 & 2 - should be open for open routing using .131 and standard DHCP on these links with no port or traffic filtering.



                                   (1)                (2)
-----> Internet -----> SR520 ---->  UC520 ---> Phone / Lan
                                    |                (3)
                                    |------>  SERVER (DMZ)


We tried using the CCIE Taskforce in Dallas and they gave up.  They couldn't figure out how to setup a configuration on this box and basically gave up and said we should buy a better unit.   So we don't have any configuration or anything to work from.

Any help would be most appreciated.



ASKER CERTIFIED SOLUTION
Avatar of rolledoats
rolledoats
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of rolledoats
rolledoats
Correction - "so you could try and use port forwarding" text not meant to be present  
Avatar of PeggyPitchford
PeggyPitchford

ASKER


The only way I seem to get this done is by static nat.   Here is excerpt of my configuration using .131 and .132 address.   I haven't even thought about the .133 and moving the UC520 over, but think I can overload the .131 address   But this seems to work, but doesn't address my desire to have the server to have the physical static ip address.  Plus overloading the WAN interface seems wrong.

Thoughts?

===============================/========
SR520W Basic Config / excerpt
========================================
.
.
.
!
ip dhcp excluded-address 192.168.1.1 192.168.1.30
!
ip dhcp pool vlan1pool
   network 192.168.1.0 255.255.255.0
   default-router 192.168.1.1
   dns-server 68.105.28.16 68.105.29.16
!
!
ip cef
!
no ipv6 cef
multilink bundle-name authenticated
!

!        
!
!
! All using VLAN1
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
 ip address xxx.xxx.xxx.xx2 255.255.255.224 secondary
 ip address xxx.xxx.xxx.xx1 255.255.255.224
 ip access-group 110 in
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface Dot11Radio0
 no ip address
 shutdown
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
 station-role root
!
interface Vlan1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 FastEthernet4
!
no ip http server
no ip http secure-server
ip nat inside source list 1 interface FastEthernet4 overload
!
! static route to the server
!
ip nat inside source static tcp 192.168.1.2 80 xxx.xxx.xxx.xx2 80 extendable

!
! Wide Open ACL
!
access-list 1 permit any
!
! block telnet configuring rtr from outside
!
access-list 20 permit 192.168.1.0 0.0.0.255
!
! wide open acl.   Will close down once routing correctly.
!
access-list 110 permit ip any any
!
!
!
.
.
.
Avatar of PeggyPitchford
PeggyPitchford

ASKER

Still did not figure out how to route a static IP address to the server through the router.   However, it can be done by using NAT for 1:1 mapping.   Works great.