New to this - linking a private IP with public IP from SBC

Discussion in 'Cisco' started by rkarr, May 18, 2004.

  1. rkarr

    rkarr Guest

    I appreciate any help someone can give me.

    The site just recieved a T1 from SBC and was given a C1721. SBC set
    their side up and gave the range of IP's for the client to use.

    The router IP is 207.193.x.x to be used on E0. The range they gave us
    was in the upper subnet of 207.193.x.130 through 254. S0.1 was set up
    for the T1 and was already given the route and IP.

    The client has a private IP that they have to use on some equipment
    that we can not change the ip on. They need to be on 10.2.x.x with a
    subnet mask 255.0.0.0.

    I could set up the DHCP and have all the pc's see the private IP of
    10.2.x.x and they could see the equipment they needed, but could not
    get on the internet.

    I changed E0 to the private IP and same thing, as mentioned above.
    Then I realized that it wouldnt go out because of the gateway.

    So I have thought now that I need to create the secondary ip ( private
    10.2.x.x ) on E0, and set the DHCP up for the 207.x.x.x ip range.
    This would give all the PC's the 207.x.x.x ip and they will be able to
    get on the internet. However, how do I link the 10.x.x.x that is on
    E0.1.

    I need for the 207.x.x.x ip's (at the pc)to get on the internet, but
    still able to see the three boxes that are on the 10.2.x.x.

    My other issue - I cannot touch the three machines that are on the
    10.2.x.x. They belong to another company for financial data
    processing. But this site has to be able to reach these machines.
    This is a car dealership. If they cant reach those machines, they
    have to shut down the store.

    I set the router up with the basic configuration needed to get a pc up
    on the internet with a static ip. Worked great, I could see the
    internet. But this was the static ip of 207.x.x.x. I placed a
    netgear dsl router and connected the wan port ( netgear) to the EO
    port ( cisco ). I set the netgear with one of the static ip's given
    by sbc and turned on dhcp with the ip's needed for th private network.
    This worked great. Everyone could see the boxes they needed on the
    private ip and was able to get on the internet. Now i have
    intermitent problems of the internet going down. Think it is related
    to the netgear dsl router.

    I would like to take it off of the netgear and stay strictly with the
    Cisco 1721.

    I have just started studying cisco ( give or take about a month now ).
    I find it fascinating, but at the same time frustrating. ( lack of
    knowledge at this point ). So any help with possible CLI commands
    would be helpful.

    Thanks

    RKarr
     
    rkarr, May 18, 2004
    #1
    1. Advertisements

  2. rkarr

    Gordon Smith Guest

    Have a look on the Cisco website for details on setting up static NAT.
    In this case, all you need to do is statically NAT the 3 machines in
    question, and NAT the rest to the outside interface....
     
    Gordon Smith, May 18, 2004
    #2
    1. Advertisements

  3. rkarr

    rkarr Guest


    Every workstation there needs to access those machines for finances
    and those three machines do not go out to the internet.

    So.....see if this makes sense.

    Set up EO.1 with the ip of 10.x.x.x. Then NAT the three machines with
    the 10.x.x.x ip to E0.1.

    E0 has to be set up with the 207.x.x.x. and the DHCP for the
    workstations has to be 207.x.x.x.

    Even with setting up the 3 machines with the static NAT, how does that
    then translate so the other workstations go from E0 to E0.1 with
    different ip, sub, and gateway?
     
    rkarr, May 19, 2004
    #3
  4. rkarr

    Gordon Smith Guest

    From what you've said about e0 and e0.1, it doesn't make any sense.
    Are you running 802.1q from e0 into a switch?

    If not, do this:

    e0 is 10.x.x.x
    s0 is ISP assigned

    static nat the 3 machines to be accessable from outside
    dynamically nat the rest
    apply access rules to protect the network

    It would be worth your while getting someone in to set it up for you.
     
    Gordon Smith, May 20, 2004
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.