851w config w\ 12.4(4)-T4 vlan question

Discussion in 'Cisco' started by kent w, Jan 30, 2010.

  1. kent w

    kent w Guest

    I need help with this 851w. It is for a hotel that wants to keep guests
    seperate from internal network. Originally the guests had there own network
    with a static address on FE4 and then natting 192.168.1.0 for wireless with
    an unnumbered address to BV1 with 192.168.1.1 address and 2 Aironet 1200
    Access points each with a static 192.168.1..x address.

    I screwed up not doing more research thinking that you could do multiple
    vlans on it. I've setup a couple 871w's and it was no problem along with
    port forwarding.

    The new connection comes with a /29 network usable, but I also have to be
    the other end of a .252 to get the circuit up. After searching and research
    how does this sound.

    Fe4: address .252 primary and x.x.x.153 /29 address as secondary.
    Then nat 192.168.1.x on vlan1 with an address bridged to BV1.
    Setting the default route to the x.x.x.153 address.
    Would I then be able to run a server and Nortel 221 concentrator on the
    x.x.x.154-8 network off of the switch ports?

    btw: I saw last night the Cisco 1811w would be a nice upgrade for this
    network at a reasonable price. Thanks.

    btw:
    kent w, Jan 30, 2010
    #1
    1. Advertising

  2. kent w

    no spam Guest

    Through research, I need to just penny up and get a Cisco 1801. Thanks for
    feedback.

    "kent w" <> wrote in message
    news:fD69n.29161$...
    > Update. If I set up vlan1 for routing rather than irb and set it to the
    > first address in the /29 network and use a nat pool with the addresses it
    > will be assigned to the fastethernet ports. I then use a static source
    > route to concentrator.
    > Will I still be able to use the 192.168.1 network for the dhcp clients on
    > the wireless bridge? Another thing is the access points are using 2 of the
    > ether ports so would they have to be in the /29 network or could I just
    > leave them on the 192.168.1 network? Thanks for any replies.
    >
    >
    > Current config.
    > Building configuration...
    >
    > Current configuration : 5758 bytes
    > !
    > version 12.4
    > no service pad
    > service tcp-keepalives-in
    > service tcp-keepalives-out
    > service timestamps debug datetime msec localtime show-timezone
    > service timestamps log datetime msec localtime show-timezone
    > service password-encryption
    > service sequence-numbers
    > !
    > hostname xxx
    > !
    > boot-start-marker
    > boot-end-marker
    > !
    > logging buffered 51200 debugging
    > logging console critical
    > enable secret 5 x
    > !
    > no aaa new-model
    > !
    > resource policy
    > !
    > clock timezone PCTime -6
    > clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
    > ip subnet-zero
    > no ip source-route
    > no ip dhcp use vrf connected
    >
    > ip dhcp excluded-address 192.168.1.1 192.168.1.9
    > ip dhcp excluded-address 192.168.1.251 192.168.1.254
    > !
    > ip dhcp pool sdm-pool1
    > import all
    > network 192.168.1.0 255.255.255.0
    > domain-name x2
    > default-router 192.168.1.1
    > dns-server 208.67.222.222 208.67.220.220
    > !
    > !
    > ip cef
    > ip tcp synwait-time 10
    > no ip bootp server
    > ip domain name yourdomain.com
    > ip name-server 208.67.222.222
    > ip name-server 24.177.176.36
    > ip name-server 208.67.220.220
    > ip ssh time-out 60
    > ip ssh authentication-retries 2
    > !
    > !
    > crypto
    > quit
    >
    > !
    > !
    > bridge irb
    > !
    > !
    > interface FastEthernet0
    > !
    > interface FastEthernet1
    > !
    > interface FastEthernet2
    > !
    > interface FastEthernet3
    > !
    > interface FastEthernet4
    > description $FW_OUTSIDE$$ES_WAN$$ETH-WAN$
    > ip address 192.168.3.5 255.255.255.0
    > no ip redirects
    > no ip unreachables
    > no ip proxy-arp
    > ip nat outside
    > ip virtual-reassembly
    > ip route-cache flow
    > duplex auto
    > speed auto
    > !
    > interface Dot11Radio0
    > no ip address
    > !
    > ssid x2
    > authentication open
    > guest-mode
    > infrastructure-ssid optional
    > !
    > speed basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
    > no preamble-short
    > channel 2437
    > station-role root
    > no dot11 extension aironet
    > bridge-group 1
    > bridge-group 1 spanning-disabled
    > !
    > interface Vlan1
    > description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_INSIDE$
    > no ip address
    > ip tcp adjust-mss 1452
    > bridge-group 1
    > !
    > interface BVI1
    > description $ES_LAN$$FW_INSIDE$
    > ip address 192.168.1.1 255.255.255.0
    > no ip redirects
    > no ip unreachables
    > no ip proxy-arp
    > ip nat inside
    > ip virtual-reassembly
    > ip route-cache flow
    > !
    > ip classless
    > ip route 0.0.0.0 0.0.0.0 isp gateway permanent
    > !
    > ip http server
    > ip http authentication local
    > ip http secure-server
    > ip http timeout-policy idle 60 life 86400 requests 10000
    > ip nat inside source list 1 interface FastEthernet4 overload
    > !
    > logging trap debugging
    > access-list 1 remark INSIDE_IF=BVI1
    > access-list 1 remark SDM_ACL Category=2
    > access-list 1 permit 192.168.1.0 0.0.0.255
    > no cdp run
    > !
    > control-plane
    > !
    > bridge 1 protocol ieee
    > bridge 1 route ip
    >
    > !
    > line con 0
    > login local
    > no modem enable
    > transport output telnet
    > line aux 0
    > login local
    > transport output telnet
    > line vty 0 4
    > privilege level 15
    > login local
    > transport input telnet ssh
    > !
    > scheduler max-task-time 5000
    > scheduler allocate 4000 1000
    > scheduler interval 500
    > end
    >
    > "kent w" <> wrote in message
    > news:wmY8n.5493$...
    >>I need help with this 851w. It is for a hotel that wants to keep guests
    >>seperate from internal network. Originally the guests had there own
    >>network with a static address on FE4 and then natting 192.168.1.0 for
    >>wireless with an unnumbered address to BV1 with 192.168.1.1 address and 2
    >>Aironet 1200 Access points each with a static 192.168.1..x address.
    >>
    >> I screwed up not doing more research thinking that you could do multiple
    >> vlans on it. I've setup a couple 871w's and it was no problem along with
    >> port forwarding.
    >>
    >> The new connection comes with a /29 network usable, but I also have to be
    >> the other end of a .252 to get the circuit up. After searching and
    >> research how does this sound.
    >>
    >> Fe4: address .252 primary and x.x.x.153 /29 address as secondary.
    >> Then nat 192.168.1.x on vlan1 with an address bridged to BV1.
    >> Setting the default route to the x.x.x.153 address.
    >> Would I then be able to run a server and Nortel 221 concentrator on the
    >> x.x.x.154-8 network off of the switch ports?
    >>
    >> btw: I saw last night the Cisco 1811w would be a nice upgrade for this
    >> network at a reasonable price. Thanks.
    >>
    >> btw:
    >>

    >
    >
    no spam, Feb 1, 2010
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. ponga
    Replies:
    4
    Views:
    16,901
    Aaron Leonard
    May 4, 2006
  2. ponga
    Replies:
    2
    Views:
    5,713
    ponga
    May 10, 2006
  3. James B. Wood

    PAT on Cisco 851W

    James B. Wood, Sep 22, 2006, in forum: Cisco
    Replies:
    2
    Views:
    1,759
    Matthew Melbourne
    Oct 5, 2006
  4. GtoJon
    Replies:
    2
    Views:
    348
    GtoJon
    Dec 18, 2006
  5. JF Mezei
    Replies:
    1
    Views:
    878
    Doug McIntyre
    May 22, 2007
Loading...

Share This Page