Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > SOHO 77 + 827 .... NAT, Port forwarding and Firewalling

Reply
Thread Tools

SOHO 77 + 827 .... NAT, Port forwarding and Firewalling

 
 
Michael
Guest
Posts: n/a
 
      07-09-2005
Hi All,

I have recently acquired a SOHO 77 adsl router and an 827H adsl router .
I've managed to configure them as far as connecting via PPPOE to the ISP,
and allowing LAN users to access the internet. The soho 77 will be acting as
a DHCP server for its LAN.

I have a few questions about the setups though. I'm reasonably new to IOS,
learning from the docs I can find on the internet.

With the 77, what I want to be able to do is basically lock off the router
externally. I dont want to be able to ping it, and any connections to it
need to be dropped. Essentially it has to be a stateful firewall. Is this at
all possible? I've read some stuff on reflexing, which sounds about right,
but I'm not too sure. I also want to be able to portforward things such as
port 80 into an internal server. How do I go about doing this?

The 827 is used in a slightly different config. What I want it to do is just
handle the PPPOE connection, NAT the stuff internally going out, and forward
everything hitting it externally to the firewall it is connected to. This
will then handle the rest of the routing and forwarding in regards to the
DMZ and internal hosts.


ISP
|
|
atm0
827 Router
eth0
|
|
eth2
Internal router
eth0 eth1
| |
| +----> DMZ
LAN


How do I go about setting this up? I am aware of the implications of the
double-nat'ting, but I know what I need to be able to do. Basically, in this
scenario, I have been having problems with the internal router's PPPOE
conncetion dropping out frequently, and would prefer to offload it to
something more manageable and reliable.

Would it be easier to swap the SOHO77 and the 827's roles due to the
differences in the units?


Any help on this would be muchly appreciated!

Thankyou,
Mike



For reference:

Software version (SOHO 77):
----------------------------------------------

Cisco Internetwork Operating System Software
IOS (tm) SOHO70 Software (SOHO70-Y1-M), Version 12.3(15), RELEASE SOFTWARE
(fc3)

Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2005 by cisco Systems, Inc.
Compiled Wed 25-May-05 07:20 by ssearch
Image text-base: 0x80013148, data-base: 0x805E5C80

ROM: System Bootstrap, Version 12.1(3r)XP, RELEASE SOFTWARE (fc1)
ROM: SOHO70 Software (SOHO70-Y1-M), Version 12.3(15), RELEASE SOFTWARE (fc3)

Router uptime is 3 minutes
System returned to ROM by power-on
System image file is "flash:soho70-y1-mz.123-15.bin"

CISCO SOHO 77 (MPC855T) processor (revision 0x502) with 15360K/1024K bytes
of me
mory.
Processor board ID JAD0538077U (3097123825), with hardware revision 0000
CPU rev number 5
Bridging software.
1 Ethernet/IEEE 802.3 interface(s)
1 ATM network interface(s)
128K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash (Read/Write)
2048K bytes of processor board Web flash (Read/Write)

Configuration register is 0x2102
----------------------------------------------


Software version (827):
----------------------------------------------
Cisco Internetwork Operating System Software
IOS (tm) C820 Software (C820-OY6-M), Version 12.3(15), RELEASE SOFTWARE
(fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2005 by cisco Systems, Inc.
Compiled Wed 25-May-05 07:25 by ssearch
Image text-base: 0x80013148, data-base: 0x80778178

ROM: System Bootstrap, Version 12.2(4r)XM2, RELEASE SOFTWARE (fc1)
ROM: C820 Software (C820-OY6-M), Version 12.3(15), RELEASE SOFTWARE (fc3)

Router uptime is 5 minutes
System returned to ROM by power-on
System image file is "flash:c820-oy6-mz.123-15.bin"

CISCO C827H (MPC855T) processor (revision 0x401) with 31744K/1024K bytes of
memo
ry.
Processor board ID FOC064308KL (1607207016), with hardware revision F9C0
CPU rev number 5
Bridging software.
1 Ethernet/IEEE 802.3 interface(s)
1 ATM network interface(s)
128K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash (Read/Write)
2048K bytes of processor board Web flash (Read/Write)

Configuration register is 0x2102

----------------------------------------------


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Cisco 827 protocol forwarding Michael Cisco 0 07-23-2005 05:21 AM
Cisco 827 port forwarding, please help congoclash Cisco 4 05-14-2005 01:56 PM
GRE forwarding through 827/837? lamerfreak Cisco 2 03-03-2005 11:45 PM
Port forwarding on a cisco 827 ArielM Cisco 2 03-03-2004 06:56 PM
PIX 501 VPN plus Colocation firewalling project - suggestions? John Smith Cisco 0 10-17-2003 01:29 AM



Advertisments