Simple Ethernet to Ethernet setup (cisco 1605R) But I can't get it to work.

I am trying to replace a netgear router which has a very simple setup with a
cisco 1605 router. (I have to reboot the netgear every day)

My setup with netgear (Which works):
Cable coming in from Time Warner connects to Time Warners router
LAN port from the Time Warner Router connected to WAN port on netgear
LAN port on netgear connected to my hub.

IP of netgear router: XX.XX.XX.54 subnet 255.255.255.252
Gateway:xx.xx.xx.53 (This is the cable router)
LAN IP of netgear router 192.168.0.1

I bought a 1605 because it has 2 ethernet ports so my plan was have
Ethernet0 connect to my LAN and Ethernet1 connect to the Internet.

under config of Ethernet0 I tried to add:
ip address xx.xx.xx.54 255.255.255.252 secondary
and get the error:
ip address xx.xx.xx.54 255.255.255.252
xx.xx.xx.52 overlaps with Ethernet1

If I change the subnet to 255.255.255.254
I get the error:
ip address xx.xx.xx.54 255.255.255.254
Bad mask /31 for address xx.xx.xx.54


I only have on static ip address: xx.xx.xx.54, the xx.xx.xx.53 is Time
warners cable modem.

Does any one have any ideas of what I should try? The key to me is that it
does not like xx.xx.xx.52 which is NOT one of the numbers I typed in. So it
must have something to do with the subnet mask. But I don't know what. I
took most of this from a working T1 (1601R) and substituted Ethernet1 for
Serial0.

Thanks in advance,
Rob


hostname cisco1605
!
ip subnet-zero
no ip finger
!
interface Ethernet0
description connected to LAN
ip address 192.168.0.2 255.255.255.0
ip nat inside
!
interface Ethernet1
description connected to Internet
ip address xx.xx.xx.53 255.255.255.252
ip nat outside
!
router rip
version 2
passive-interface Ethernet1
network 192.16.0.0
no auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 Ethernet1
no ip http server
!
!
line con 0
transport input none
line vty 0 4
login
!
end

 

Why are you creating a secondary interface? Are you using a real public IP
or is this a private IP address on the outside interface?

 

Networking is not what I do for a living (I am one of the programmers here)
So I am not sure what you are asking.

I want the router to have both a static public IP address that can be
accessed by the outside world, and an inside (192.xxx) number for us inside.
Once I get this working I will add port forwarding to send any thing that
comes in on port 25 to our mail server, and anything on 1433 to our MS-SQL
server.

Did this answer the question?

 

Not really. Try entering the IP address on the outside interface but do NOT
put seconadary on the end of it and make sure that the /30 range that you
are configuring is not part of any network on any other interface.

interface eth0
ip address x.x.x.53 255.255.255.252
no shut
!
ip route 0.0.0.0 0.0.0.0 x.x.x.54

Chris.

 

You don't want to do this. Each interface gets one address, you will then
use NAT to translate from the 192.168.x.x network to your real IP address.
The 52 is refering to the network address.

xx.xx.xx.52 - Network address
xx.xx.xx.53 - Host 1
xx.xx.xx.54 - Host 2
xx.xx.xx.55 - Broadcast address

255.255.255.254 is a network that cannot have any hosts. It would only have
a network address and a broadcast address, pretty useless.

xx.xx.xx.54 - Network address
xx.xx.xx.55 - Broadcast address

No room for hosts there...

What you have in the config portion is close. You need to define NAT next.
First you will need to define which hosts or networks will be allowed to be
NATed with an access-list. something like this...

router(config)#access-list 5 permit 192.168.0.0
router(config)#access-list 5 permit 192.168.1.0

....assuming you are using the old classfull networks, which you may or may
not be since you are using RIPv2 which allows for variable length subnet
masks (VLSM). If you are using VLSM you will need to look into wildcard
masks in access-lists.

After you define who can be NATed, you need to setup the NAT.

router(config)#ip nat inside source list 1 interface e0 overload

If I remember right, that should do it.

One word of advice though...a 1605 isn't exactly the fastest router on
earth. If I were you I would go with a PIX 501 or 506e. It's more secure
and it's tons faster. The config is a bear if you don't have PIX
experience, but there is a GUI that is somewhat helpful. There are also
other SOHO class firewalls out there that will do a better job than a 1600
series router.

 

Thanks for you help,

I kept the Ethernet1 (outside) as:

interface Ethernet1
description connected to Internet
ip address 70.61.34.53 255.255.255.252
ip nat outside

Is that correct?

I still get:
ip address 70.61.34.54 255.255.255.252 70.61.34.52 overlaps with
Ethernet0

You did mean 54 for E0, right? (i tried it both ways)

I didn't get this far because the E0 failure above.

 

Thanks for you help,

Close but I am still confused as what to do. What would seem right to me is:
interface Ethernet0
ip address 70.61.34.54 255.255.255.252
!
interface Ethernet1
ip address 70.61.34.53 255.255.255.252
!
But I can not enter this because of the error message:
ip address 70.61.34.54 255.255.255.252 70.61.34.52 overlaps with Ethernet1

What specifically should I put in E0 and E1?

I guess I was planning to get the NAT working after I could at least get
connected to the Internet.

 

Gah! Why are you putting the same network on both Eth0 and Eth1 interfaces.
I thought that you said that the Cisco is just replacing the Netgear and
connecting to the Time Warner router?

"IP of netgear router: XX.XX.XX.54 subnet 255.255.255.252
Gateway:xx.xx.xx.53 (This is the cable router)"

So, you have <Time Warner> ---- <Cisco Router > --- LAN. Yes?

The Time Warner router will have 70.61.34.53 /30 on it's interface that
connects to the Cisco and the Cisco Eth1 will have 70.61.34.54 /30. Eth0
will then have an RFC1918 address range such as 192.168.10.1 /24 or
something similar. What you are trying to do is configure two interfaces
with the same IP range,

"Close but I am still confused as what to do. What would seem right to me
is:

No! If your Time Warner router has 70.61.34.53 then you can't also configure
it on the Cisco. You should have;

< Time Warner - 70.61.34.53 /30> ----< 70.61.34.54 /30 - Cisco -
192.168.10.1 /24> --- LAN

!
interface eth1
ip address 70.61.34.54 255.255.255.252
ip nat outside
!
interface eth0
ip address 192.168.10.1 255.255.255.0
ip nat inside
!
# set up NAT for the LAN clients
ip nat inside source list 120 pool NAT-POOL overload
ip nat pool NAT-POOL 70.61.34.54 70.61.34.54 netmask 255.255.255.252
!
# match traffic that is to be NATed
access-list 120 permit ip 192.168.10.0 0.0.0.255 any
!
# send all traffic destined for the outside to the Time Warner router
ip route 0.0.0.0 0.0.0.0 70.61.34.53

Chris.

 

You have to get NAT working BEFORE you can connect to the internet. That's
pretty much all the Netgear box was doing.

Eth1 and Eth0 MUST be on different networks. That's what a router does,
connects networks together. 192.168.0.1 mask 255.255.255.0 for one
interface, xx.xx.xx.54 mask 255.255.255.252 for the other. make sure IP
routing is enabled. Configure NAT. Set the static default route
(redistribute into RIP if you need to) and have a blast.