Simple Ethernet to Ethernet setup (cisco 1605R) But I can't get it to work.

Discussion in 'Cisco' started by rob, Jul 7, 2005.

  1. rob

    rob Guest

    I am trying to replace a netgear router which has a very simple setup with a
    cisco 1605 router. (I have to reboot the netgear every day)

    My setup with netgear (Which works):
    Cable coming in from Time Warner connects to Time Warners router
    LAN port from the Time Warner Router connected to WAN port on netgear
    LAN port on netgear connected to my hub.

    IP of netgear router: XX.XX.XX.54 subnet 255.255.255.252
    Gateway:xx.xx.xx.53 (This is the cable router)
    LAN IP of netgear router 192.168.0.1

    I bought a 1605 because it has 2 ethernet ports so my plan was have
    Ethernet0 connect to my LAN and Ethernet1 connect to the Internet.

    under config of Ethernet0 I tried to add:
    ip address xx.xx.xx.54 255.255.255.252 secondary
    and get the error:
    ip address xx.xx.xx.54 255.255.255.252
    xx.xx.xx.52 overlaps with Ethernet1

    If I change the subnet to 255.255.255.254
    I get the error:
    ip address xx.xx.xx.54 255.255.255.254
    Bad mask /31 for address xx.xx.xx.54


    I only have on static ip address: xx.xx.xx.54, the xx.xx.xx.53 is Time
    warners cable modem.

    Does any one have any ideas of what I should try? The key to me is that it
    does not like xx.xx.xx.52 which is NOT one of the numbers I typed in. So it
    must have something to do with the subnet mask. But I don't know what. I
    took most of this from a working T1 (1601R) and substituted Ethernet1 for
    Serial0.

    Thanks in advance,
    Rob


    hostname cisco1605
    !
    ip subnet-zero
    no ip finger
    !
    interface Ethernet0
    description connected to LAN
    ip address 192.168.0.2 255.255.255.0
    ip nat inside
    !
    interface Ethernet1
    description connected to Internet
    ip address xx.xx.xx.53 255.255.255.252
    ip nat outside
    !
    router rip
    version 2
    passive-interface Ethernet1
    network 192.16.0.0
    no auto-summary
    !
    ip classless
    ip route 0.0.0.0 0.0.0.0 Ethernet1
    no ip http server
    !
    !
    line con 0
    transport input none
    line vty 0 4
    login
    !
    end
    rob, Jul 7, 2005
    #1
    1. Advertising

  2. rob

    Chris Guest

    "rob" <> wrote in message
    news:7cdze.241$...
    >I am trying to replace a netgear router which has a very simple setup with
    >a cisco 1605 router. (I have to reboot the netgear every day)
    >
    > My setup with netgear (Which works):
    > Cable coming in from Time Warner connects to Time Warners router
    > LAN port from the Time Warner Router connected to WAN port on netgear
    > LAN port on netgear connected to my hub.
    >
    > IP of netgear router: XX.XX.XX.54 subnet 255.255.255.252
    > Gateway:xx.xx.xx.53 (This is the cable router)
    > LAN IP of netgear router 192.168.0.1
    >
    > I bought a 1605 because it has 2 ethernet ports so my plan was have
    > Ethernet0 connect to my LAN and Ethernet1 connect to the Internet.
    >
    > under config of Ethernet0 I tried to add:
    > ip address xx.xx.xx.54 255.255.255.252 secondary
    > and get the error:
    > ip address xx.xx.xx.54 255.255.255.252
    > xx.xx.xx.52 overlaps with Ethernet1
    >


    Why are you creating a secondary interface? Are you using a real public IP
    or is this a private IP address on the outside interface?
    Chris, Jul 7, 2005
    #2
    1. Advertising

  3. rob

    rob Guest

    Networking is not what I do for a living (I am one of the programmers here)
    So I am not sure what you are asking.

    I want the router to have both a static public IP address that can be
    accessed by the outside world, and an inside (192.xxx) number for us inside.
    Once I get this working I will add port forwarding to send any thing that
    comes in on port 25 to our mail server, and anything on 1433 to our MS-SQL
    server.

    Did this answer the question?

    "Chris" <chris@nospam> wrote in message
    news:...
    > Why are you creating a secondary interface? Are you using a real public IP
    > or is this a private IP address on the outside interface?
    >
    rob, Jul 7, 2005
    #3
  4. rob

    Chris Guest

    "rob" <> wrote in message
    news:pzeze.253$...
    > Networking is not what I do for a living (I am one of the programmers
    > here) So I am not sure what you are asking.
    >
    > I want the router to have both a static public IP address that can be
    > accessed by the outside world, and an inside (192.xxx) number for us
    > inside. Once I get this working I will add port forwarding to send any
    > thing that comes in on port 25 to our mail server, and anything on 1433 to
    > our MS-SQL server.
    >
    > Did this answer the question?
    >


    Not really. Try entering the IP address on the outside interface but do NOT
    put seconadary on the end of it and make sure that the /30 range that you
    are configuring is not part of any network on any other interface.

    interface eth0
    ip address x.x.x.53 255.255.255.252
    no shut
    !
    ip route 0.0.0.0 0.0.0.0 x.x.x.54

    Chris.
    Chris, Jul 7, 2005
    #4
  5. rob

    Wayne Guest

    "rob" <> wrote in message
    news:7cdze.241$...
    >I am trying to replace a netgear router which has a very simple setup with
    >a cisco 1605 router. (I have to reboot the netgear every day)
    >
    > My setup with netgear (Which works):
    > Cable coming in from Time Warner connects to Time Warners router
    > LAN port from the Time Warner Router connected to WAN port on netgear
    > LAN port on netgear connected to my hub.
    >
    > IP of netgear router: XX.XX.XX.54 subnet 255.255.255.252
    > Gateway:xx.xx.xx.53 (This is the cable router)
    > LAN IP of netgear router 192.168.0.1
    >
    > I bought a 1605 because it has 2 ethernet ports so my plan was have
    > Ethernet0 connect to my LAN and Ethernet1 connect to the Internet.
    >
    > under config of Ethernet0 I tried to add:
    > ip address xx.xx.xx.54 255.255.255.252 secondary
    > and get the error:
    > ip address xx.xx.xx.54 255.255.255.252
    > xx.xx.xx.52 overlaps with Ethernet1


    You don't want to do this. Each interface gets one address, you will then
    use NAT to translate from the 192.168.x.x network to your real IP address.
    The 52 is refering to the network address.

    xx.xx.xx.52 - Network address
    xx.xx.xx.53 - Host 1
    xx.xx.xx.54 - Host 2
    xx.xx.xx.55 - Broadcast address

    > If I change the subnet to 255.255.255.254
    > I get the error:
    > ip address xx.xx.xx.54 255.255.255.254
    > Bad mask /31 for address xx.xx.xx.54


    255.255.255.254 is a network that cannot have any hosts. It would only have
    a network address and a broadcast address, pretty useless.

    xx.xx.xx.54 - Network address
    xx.xx.xx.55 - Broadcast address

    No room for hosts there...

    > I only have on static ip address: xx.xx.xx.54, the xx.xx.xx.53 is Time
    > warners cable modem.
    >
    > Does any one have any ideas of what I should try? The key to me is that it
    > does not like xx.xx.xx.52 which is NOT one of the numbers I typed in. So
    > it must have something to do with the subnet mask. But I don't know what.
    > I took most of this from a working T1 (1601R) and substituted Ethernet1
    > for Serial0.
    >
    > Thanks in advance,
    > Rob
    >
    >
    > hostname cisco1605
    > !
    > ip subnet-zero
    > no ip finger
    > !
    > interface Ethernet0
    > description connected to LAN
    > ip address 192.168.0.2 255.255.255.0
    > ip nat inside
    > !
    > interface Ethernet1
    > description connected to Internet
    > ip address xx.xx.xx.53 255.255.255.252
    > ip nat outside
    > !
    > router rip
    > version 2
    > passive-interface Ethernet1
    > network 192.16.0.0
    > no auto-summary
    > !
    > ip classless
    > ip route 0.0.0.0 0.0.0.0 Ethernet1
    > no ip http server
    > !
    > !
    > line con 0
    > transport input none
    > line vty 0 4
    > login
    > !
    > end
    >
    >
    >


    What you have in the config portion is close. You need to define NAT next.
    First you will need to define which hosts or networks will be allowed to be
    NATed with an access-list. something like this...

    router(config)#access-list 5 permit 192.168.0.0
    router(config)#access-list 5 permit 192.168.1.0

    ....assuming you are using the old classfull networks, which you may or may
    not be since you are using RIPv2 which allows for variable length subnet
    masks (VLSM). If you are using VLSM you will need to look into wildcard
    masks in access-lists.

    After you define who can be NATed, you need to setup the NAT.

    router(config)#ip nat inside source list 1 interface e0 overload

    If I remember right, that should do it.

    One word of advice though...a 1605 isn't exactly the fastest router on
    earth. If I were you I would go with a PIX 501 or 506e. It's more secure
    and it's tons faster. The config is a bear if you don't have PIX
    experience, but there is a GUI that is somewhat helpful. There are also
    other SOHO class firewalls out there that will do a better job than a 1600
    series router.
    Wayne, Jul 7, 2005
    #5
  6. rob

    rob Guest

    Thanks for you help,


    > Not really. Try entering the IP address on the outside interface but do
    > NOT put seconadary on the end of it and make sure that the /30 range that
    > you are configuring is not part of any network on any other interface.


    I kept the Ethernet1 (outside) as:

    interface Ethernet1
    description connected to Internet
    ip address 70.61.34.53 255.255.255.252
    ip nat outside

    Is that correct?

    >
    > interface eth0
    > ip address x.x.x.53 255.255.255.252
    > no shut

    I still get:
    ip address 70.61.34.54 255.255.255.252 70.61.34.52 overlaps with
    Ethernet0

    You did mean 54 for E0, right? (i tried it both ways)
    > !
    > ip route 0.0.0.0 0.0.0.0 x.x.x.54

    I didn't get this far because the E0 failure above.
    >
    > Chris.
    >
    rob, Jul 8, 2005
    #6
  7. rob

    rob Guest

    Thanks for you help,

    > You don't want to do this. Each interface gets one address, you will then
    > use NAT to translate from the 192.168.x.x network to your real IP address.
    > The 52 is refering to the network address.
    >
    > xx.xx.xx.52 - Network address
    > xx.xx.xx.53 - Host 1
    > xx.xx.xx.54 - Host 2
    > xx.xx.xx.55 - Broadcast address
    >
    > What you have in the config portion is close.


    Close but I am still confused as what to do. What would seem right to me is:
    interface Ethernet0
    ip address 70.61.34.54 255.255.255.252
    !
    interface Ethernet1
    ip address 70.61.34.53 255.255.255.252
    !
    But I can not enter this because of the error message:
    ip address 70.61.34.54 255.255.255.252 70.61.34.52 overlaps with Ethernet1

    What specifically should I put in E0 and E1?

    >You need to define NAT next.

    I guess I was planning to get the NAT working after I could at least get
    connected to the Internet.
    rob, Jul 8, 2005
    #7
  8. rob

    Chris Guest


    > Close but I am still confused as what to do. What would seem right to me
    > is:
    > interface Ethernet0
    > ip address 70.61.34.54 255.255.255.252
    > !
    > interface Ethernet1
    > ip address 70.61.34.53 255.255.255.252
    > !
    > But I can not enter this because of the error message:
    > ip address 70.61.34.54 255.255.255.252 70.61.34.52 overlaps with Ethernet1
    >
    > What specifically should I put in E0 and E1?
    >
    >>You need to define NAT next.

    > I guess I was planning to get the NAT working after I could at least get
    > connected to the Internet.
    >


    Gah! Why are you putting the same network on both Eth0 and Eth1 interfaces.
    I thought that you said that the Cisco is just replacing the Netgear and
    connecting to the Time Warner router?

    "IP of netgear router: XX.XX.XX.54 subnet 255.255.255.252
    Gateway:xx.xx.xx.53 (This is the cable router)"

    So, you have <Time Warner> ---- <Cisco Router > --- LAN. Yes?

    The Time Warner router will have 70.61.34.53 /30 on it's interface that
    connects to the Cisco and the Cisco Eth1 will have 70.61.34.54 /30. Eth0
    will then have an RFC1918 address range such as 192.168.10.1 /24 or
    something similar. What you are trying to do is configure two interfaces
    with the same IP range,

    "Close but I am still confused as what to do. What would seem right to me
    is:
    > interface Ethernet0
    > ip address 70.61.34.54 255.255.255.252
    > !
    > interface Ethernet1
    > ip address 70.61.34.53 255.255.255.252"


    No! If your Time Warner router has 70.61.34.53 then you can't also configure
    it on the Cisco. You should have;

    < Time Warner - 70.61.34.53 /30> ----< 70.61.34.54 /30 - Cisco -
    192.168.10.1 /24> --- LAN

    !
    interface eth1
    ip address 70.61.34.54 255.255.255.252
    ip nat outside
    !
    interface eth0
    ip address 192.168.10.1 255.255.255.0
    ip nat inside
    !
    # set up NAT for the LAN clients
    ip nat inside source list 120 pool NAT-POOL overload
    ip nat pool NAT-POOL 70.61.34.54 70.61.34.54 netmask 255.255.255.252
    !
    # match traffic that is to be NATed
    access-list 120 permit ip 192.168.10.0 0.0.0.255 any
    !
    # send all traffic destined for the outside to the Time Warner router
    ip route 0.0.0.0 0.0.0.0 70.61.34.53

    Chris.
    Chris, Jul 8, 2005
    #8
  9. rob

    Wayne Guest

    "rob" <> wrote in message
    news:Dbyze.2045$...
    > I guess I was planning to get the NAT working after I could at least get
    > connected to the Internet.
    >
    >


    You have to get NAT working BEFORE you can connect to the internet. That's
    pretty much all the Netgear box was doing.

    Eth1 and Eth0 MUST be on different networks. That's what a router does,
    connects networks together. 192.168.0.1 mask 255.255.255.0 for one
    interface, xx.xx.xx.54 mask 255.255.255.252 for the other. make sure IP
    routing is enabled. Configure NAT. Set the static default route
    (redistribute into RIP if you need to) and have a blast.
    Wayne, Jul 9, 2005
    #9
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Hugh William Collier-Byrd

    Cisco 1605R PPPoE ADSL Troubles

    Hugh William Collier-Byrd, Jul 17, 2003, in forum: Cisco
    Replies:
    3
    Views:
    3,016
    Hugh William Collier-Byrd
    Jul 21, 2003
  2. Peter
    Replies:
    2
    Views:
    1,017
  3. Jaap Hubert
    Replies:
    3
    Views:
    2,949
    Walter Roberson
    Jan 18, 2005
  4. td
    Replies:
    9
    Views:
    4,970
    James Schnack
    Apr 24, 2006
  5. Jeff Patton
    Replies:
    2
    Views:
    4,140
    Martin Gallagher
    Sep 19, 2006
Loading...

Share This Page