more than one internal LAN (2)

Discussion in 'Cisco' started by Alexej Buchholz, May 6, 2004.

  1. Hi,

    I've got the following situation and hope you can give me some help or
    suggestion:

    Our ISP as assigned us a 255.255.255.240 Subnet, so we have 13 addresses
    which we can use (16 - 1 x Network, 1 x Broadcast and 1 x ISP's router)

    We use a Cisco 2651 with 2 FastEthernet interfaces, IOS 12.2

    The router should be the first device on the internal network, i.e. all
    machines (even those with a public IP should be behind the router)

    The internal network should be one (physical) LAN

    We plan the following configuration:

    Network Address: a.b.c.96
    Broadcast Address: a.b.c.111
    Subnet Mask: 255.255.255.240

    ISP router's IP: a.b.c.97
    Cisco 2651 IP on FastEthernet0/0 (FE0/0): a.b.c.99
    IP used for NAT (PAT) Clients: a.b.c.100

    IP's used for 1:1 mapping for servers: a.b.c.101 ... 105 (servers will have
    private IP's on the LAN)

    IP's used for direct-connected clients: a.b.c.106 ... 107 (these clients
    will have public IP's)

    Here is a network plan:

    SDSL line to ISP
    |
    --------------
    |ISP's router| a.b.c.97 (on both interfaces, configured as a brige)
    --------------
    |
    |
    | FE0/1 a.b.c.99
    --------------
    | Cisco 2651 | 2 FastEthernet interfaces
    --------------
    | FE0/0
    |
    |
    -----------
    | | |
    | | |
    | | -----------------------------
    | | |
    / | Direct-connected clients
    / ------------------------ with public IP
    NAT Clients | a.b.c.106 ... 107
    192.168.1.120 ... 150 Servers
    will use 1 IP for NAT 192.168.1.21 ... 25
    1:1 mapping of pubic IP
    to private IP


    Which options (ways) are there to create this configuration without buying
    an additional Interface for the Cisco router?


    Thanks in advance


    Best regards

    Alexej
     
    Alexej Buchholz, May 6, 2004
    #1
    1. Advertising

  2. Alexej Buchholz

    Ben Guest

    If you have a VLAN capable switch, simply configure 3 sub-interfaces on the
    internal router interface and assign to a unique vlan. Then configure
    routing between them as required.

    "Alexej Buchholz" <> wrote in message
    news:...
    > Hi,
    >
    > I've got the following situation and hope you can give me some help or
    > suggestion:
    >
    > Our ISP as assigned us a 255.255.255.240 Subnet, so we have 13 addresses
    > which we can use (16 - 1 x Network, 1 x Broadcast and 1 x ISP's router)
    >
    > We use a Cisco 2651 with 2 FastEthernet interfaces, IOS 12.2
    >
    > The router should be the first device on the internal network, i.e. all
    > machines (even those with a public IP should be behind the router)
    >
    > The internal network should be one (physical) LAN
    >
    > We plan the following configuration:
    >
    > Network Address: a.b.c.96
    > Broadcast Address: a.b.c.111
    > Subnet Mask: 255.255.255.240
    >
    > ISP router's IP: a.b.c.97
    > Cisco 2651 IP on FastEthernet0/0 (FE0/0): a.b.c.99
    > IP used for NAT (PAT) Clients: a.b.c.100
    >
    > IP's used for 1:1 mapping for servers: a.b.c.101 ... 105 (servers will

    have
    > private IP's on the LAN)
    >
    > IP's used for direct-connected clients: a.b.c.106 ... 107 (these clients
    > will have public IP's)
    >
    > Here is a network plan:
    >
    > SDSL line to ISP
    > |
    > --------------
    > |ISP's router| a.b.c.97 (on both interfaces, configured as a brige)
    > --------------
    > |
    > |
    > | FE0/1 a.b.c.99
    > --------------
    > | Cisco 2651 | 2 FastEthernet interfaces
    > --------------
    > | FE0/0
    > |
    > |
    > -----------
    > | | |
    > | | |
    > | | -----------------------------
    > | | |
    > / | Direct-connected clients
    > / ------------------------ with public IP
    > NAT Clients | a.b.c.106 ... 107
    > 192.168.1.120 ... 150 Servers
    > will use 1 IP for NAT 192.168.1.21 ... 25
    > 1:1 mapping of pubic IP
    > to private IP
    >
    >
    > Which options (ways) are there to create this configuration without buying
    > an additional Interface for the Cisco router?
    >
    >
    > Thanks in advance
    >
    >
    > Best regards
    >
    > Alexej
     
    Ben, May 7, 2004
    #2
    1. Advertising

  3. Alexej Buchholz

    Guest Guest

    You might want to put in a FIREWALL and use NAT, or at least have some kind
    of security.

    "Ben" <> wrote in message
    news:TRDmc.24763$...
    > If you have a VLAN capable switch, simply configure 3 sub-interfaces on

    the
    > internal router interface and assign to a unique vlan. Then configure
    > routing between them as required.
    >
    > "Alexej Buchholz" <> wrote in message
    > news:...
    > > Hi,
    > >
    > > I've got the following situation and hope you can give me some help or
    > > suggestion:
    > >
    > > Our ISP as assigned us a 255.255.255.240 Subnet, so we have 13 addresses
    > > which we can use (16 - 1 x Network, 1 x Broadcast and 1 x ISP's router)
    > >
    > > We use a Cisco 2651 with 2 FastEthernet interfaces, IOS 12.2
    > >
    > > The router should be the first device on the internal network, i.e. all
    > > machines (even those with a public IP should be behind the router)
    > >
    > > The internal network should be one (physical) LAN
    > >
    > > We plan the following configuration:
    > >
    > > Network Address: a.b.c.96
    > > Broadcast Address: a.b.c.111
    > > Subnet Mask: 255.255.255.240
    > >
    > > ISP router's IP: a.b.c.97
    > > Cisco 2651 IP on FastEthernet0/0 (FE0/0): a.b.c.99
    > > IP used for NAT (PAT) Clients: a.b.c.100
    > >
    > > IP's used for 1:1 mapping for servers: a.b.c.101 ... 105 (servers will

    > have
    > > private IP's on the LAN)
    > >
    > > IP's used for direct-connected clients: a.b.c.106 ... 107 (these clients
    > > will have public IP's)
    > >
    > > Here is a network plan:
    > >
    > > SDSL line to ISP
    > > |
    > > --------------
    > > |ISP's router| a.b.c.97 (on both interfaces, configured as a

    brige)
    > > --------------
    > > |
    > > |
    > > | FE0/1 a.b.c.99
    > > --------------
    > > | Cisco 2651 | 2 FastEthernet interfaces
    > > --------------
    > > | FE0/0
    > > |
    > > |
    > > -----------
    > > | | |
    > > | | |
    > > | | -----------------------------
    > > | | |
    > > / | Direct-connected clients
    > > / ------------------------ with public IP
    > > NAT Clients | a.b.c.106 ... 107
    > > 192.168.1.120 ... 150 Servers
    > > will use 1 IP for NAT 192.168.1.21 ... 25
    > > 1:1 mapping of pubic IP
    > > to private IP
    > >
    > >
    > > Which options (ways) are there to create this configuration without

    buying
    > > an additional Interface for the Cisco router?
    > >
    > >
    > > Thanks in advance
    > >
    > >
    > > Best regards
    > >
    > > Alexej

    >
    >
     
    Guest, May 7, 2004
    #3
  4. I've forgotten to mention that the Cisco-router will also play the
    role of a firewall (packet-filtering)

    Anyway, is it possible to create such configuration with just two
    interfaces ?


    Best regards,


    Alexej Buchholz


    <RC> wrote in message news:<>...
    > You might want to put in a FIREWALL and use NAT, or at least have some kind
    > of security.
    >
    > "Ben" <> wrote in message
    > news:TRDmc.24763$...
    > > If you have a VLAN capable switch, simply configure 3 sub-interfaces on

    > the
    > > internal router interface and assign to a unique vlan. Then configure
    > > routing between them as required.
    > >
    > > "Alexej Buchholz" <> wrote in message
    > > news:...
    > > > Hi,
    > > >
    > > > I've got the following situation and hope you can give me some help or
    > > > suggestion:
    > > >
    > > > Our ISP as assigned us a 255.255.255.240 Subnet, so we have 13 addresses
    > > > which we can use (16 - 1 x Network, 1 x Broadcast and 1 x ISP's router)
    > > >
    > > > We use a Cisco 2651 with 2 FastEthernet interfaces, IOS 12.2
    > > >
    > > > The router should be the first device on the internal network, i.e. all
    > > > machines (even those with a public IP should be behind the router)
    > > >
    > > > The internal network should be one (physical) LAN
    > > >
    > > > We plan the following configuration:
    > > >
    > > > Network Address: a.b.c.96
    > > > Broadcast Address: a.b.c.111
    > > > Subnet Mask: 255.255.255.240
    > > >
    > > > ISP router's IP: a.b.c.97
    > > > Cisco 2651 IP on FastEthernet0/0 (FE0/0): a.b.c.99
    > > > IP used for NAT (PAT) Clients: a.b.c.100
    > > >
    > > > IP's used for 1:1 mapping for servers: a.b.c.101 ... 105 (servers will

    > have
    > > > private IP's on the LAN)
    > > >
    > > > IP's used for direct-connected clients: a.b.c.106 ... 107 (these clients
    > > > will have public IP's)
    > > >
    > > > Here is a network plan:
    > > >
    > > > SDSL line to ISP
    > > > |
    > > > --------------
    > > > |ISP's router| a.b.c.97 (on both interfaces, configured as a

    > brige)
    > > > --------------
    > > > |
    > > > |
    > > > | FE0/1 a.b.c.99
    > > > --------------
    > > > | Cisco 2651 | 2 FastEthernet interfaces
    > > > --------------
    > > > | FE0/0
    > > > |
    > > > |
    > > > -----------
    > > > | | |
    > > > | | |
    > > > | | -----------------------------
    > > > | | |
    > > > / | Direct-connected clients
    > > > / ------------------------ with public IP
    > > > NAT Clients | a.b.c.106 ... 107
    > > > 192.168.1.120 ... 150 Servers
    > > > will use 1 IP for NAT 192.168.1.21 ... 25
    > > > 1:1 mapping of pubic IP
    > > > to private IP
    > > >
    > > >
    > > > Which options (ways) are there to create this configuration without

    > buying
    > > > an additional Interface for the Cisco router?
    > > >
    > > >
    > > > Thanks in advance
    > > >
    > > >
    > > > Best regards
    > > >
    > > > Alexej

    > >
    > >
     
    Alexej Buchholz, May 10, 2004
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Mike

    internal to internal NAT?

    Mike, Apr 19, 2004, in forum: Cisco
    Replies:
    1
    Views:
    718
  2. Gianlu
    Replies:
    0
    Views:
    666
    Gianlu
    Jul 2, 2004
  3. Gianlu
    Replies:
    2
    Views:
    708
    Gianlu
    Jul 5, 2004
  4. EG
    Replies:
    5
    Views:
    8,317
    Walter Roberson
    Dec 30, 2004
  5. =?Utf-8?B?SWFuIEV2ZXJldHQ=?=

    Wireless LAN and Ethernet LAN in one XP machine

    =?Utf-8?B?SWFuIEV2ZXJldHQ=?=, Mar 9, 2006, in forum: Wireless Networking
    Replies:
    1
    Views:
    594
    Doug Sherman [MVP]
    Mar 9, 2006
Loading...

Share This Page