Configure Switch Port as WAN port Cisco 877

Posted on 2012-09-18
Last Modified: 2012-10-24
I have a business internet connection terminating at an ADSL NTU onsite installed for a client - the unit is fully managed without NAT or firewalling and we need to plug a Cisco 877 into it to route traffic to the rest of the internal small business network. We have from the ISP the static IP of the service (119.225.221.x), subnet (, gateway ( and DNS servers

I'd like to configure the eth0 port to assign itself the service public IP address (while plugged into the Optus NTU) and then do NAT, DHCP, DNS to the rest of the network as usual on the other three ports.

Essentially what I am trying to do is to setup a Cisco 877 ADSL router as a Cisco 871 Ethernet based router. (i.e. not using the ADSL port, and using one of the switch ports as a WAN port)

My Cisco skills aren't quite up to the task... I'm sure this is a simple one.

I've tried setting up an additional VLAN and configuring the eth0 port with the static IP (through the SDM wizard) but I'm getting an error saying the unit has reached it's maximum number of VLANs (I thought these supported 4). I believe this is a limitation of the SDM version I am using

Anyone able to help with some config code I can put into the config for the interface?
Question by:itGenius
    LVL 22

    Accepted Solution

    This is actually pretty easy as long as you only need basic configuration.  The 877's switch ports can't be configured as layer 3 interfaces, so we need to use a VLAN for this.  Start by creating a VLAN at the command line (SDM/CCP is a sure way to create a bad configuration) and see if that works:

    Router#configure terminal
    Router(config)#vlan 1000
    Router(config-vlan)#name WAN

    Then you disable spanning tree on that VLAN because ISPs sometimes take issue with that sort of thing.

    Router(config-vlan)#no spanning-tree vlan 1000

    Then you assign the VLAN to FastEthernet0:

    Router(config)#interface FastEthernet0
    Router(config-if)#switchport access vlan 1000
    Router(config-if)#switchport mode access
    Router(config-if)#no cdp enable

    From this point on, you can treat VLAN1000 as your WAN interface and configure the unit normally.
    LVL 22

    Expert Comment

    by:Jody Lemoine
    If you're still using SDM and need some more functionality, consider downloading the Cisco Configuration Professional (which is the replacement for SDM) from Cisco's web site.

    Featured Post

    Why You Should Analyze Threat Actor TTPs

    After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

    Join & Write a Comment

    This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
    PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
    Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now