Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1583
Views
0
Helpful
3
Replies

857W - IRB, 1483 & NAT

Phillip Pacier
Level 1
Level 1

‎11-14-2010 10:14 PM - edited ‎03-04-2019 10:27 AM

Running a Cisco 857W on ADSL with 8 static IP addresses (7 sequential: 11.22.33.166-172 and also 11.22.33.99).  I need to do a combination of  static and dynamic NAT to accomplish my goals here.  What I cannot figure  out is where to apply certain settings.  BVI1 should be the internal  NAT, correct?  That seems fine, but what IP address do I assign for  ATM0, which would be the outside nat?  Or do I have it all wrong?

Example static NATs:

ip nat inside source static 192.168.16.100 11.22.33.166
ip nat inside source static 192.168.16.101 11.22.33.167
ip nat inside source static 192.168.16.102 11.22.33.168

Dynamic  NAT needs to route 11.22.33.99 WAN IP to every other address in the  192.168.16.0/24 block.  Posted below is my current working  configuration, with pure RFC-1483 bridging and DHCP handled by the  router.  Thanks for your help!

Router#show run
Building configuration...

Current configuration : 1442 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
clock timezone PST -8
clock summer-time PDT recurring
no ip routing
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.16.1 192.168.16.200
ip dhcp excluded-address 192.168.16.241 192.168.16.255
!
ip dhcp pool DHCPPOOL
   network 192.168.16.0 255.255.255.0
   dns-server 192.168.16.100
   default-router 192.168.16.100
!
!
no ip cef
!
!
!
!
!
!
bridge irb
!
!
interface ATM0
no ip address
no ip route-cache
no atm ilmi-keepalive
pvc 0/35
  encapsulation aal5snap
!
dsl operating-mode auto
bridge-group 1
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
no ip address
no ip route-cache
shutdown
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!
interface Vlan1
no ip address
ip virtual-reassembly
no ip route-cache
bridge-group 1
bridge-group 1 spanning-disabled
!
interface BVI1
ip address 192.168.16.1 255.255.255.0
ip virtual-reassembly
!
!
no ip http server
no ip http secure-server
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
line con 0
no modem enable
line aux 0
line vty 0 4
login
!
scheduler max-task-time 5000
end

Labels:
0 Helpful
3 Replies 3

connect2world
Level 1
Level 1

‎11-14-2010 11:38 PM

You figure that BVI 1 should be internal , that is correct. For your external interface, if you have a external IP address , this should be configure on Dialer 0 interface.Do a no shut on your ATM 0 interface, this should bring up your Dialer 0 interface. Define some access list define for NAT and add some routing which I see is lacking in your config statement.I have a working example for your reference as to how a working config might look like:

interface Dot11Radio0
no ip address
no ip route-cache cef
no ip route-cache
!
encryption vlan 1 key 1 size 128bit 0 ?????????????? transmit-key
encryption vlan 1 mode wep mandatory

ssid  ??????

speed basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding

interface ATM0
no ip address
no ip mroute-cache
no atm ilmi-keepalive
pvc 0/35
  encapsulation aal5mux ppp dialer
  dialer pool-member 1

interface Dialer0
ip address 11.22.33.99 255.255.255.0
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
no cdp enable
ppp authentication pap callin
ppp pap sent-username username@yourisp.com password ????

interface Vlan1
no ip address
bridge-group 1

interface BVI1
ip address 192.168.16.1 255.255.255.0

ip nat inside

ip nat inside source list nat-list interface Dialer0 overload

ip nat inside source static 192.168.16.100 11.22.33.166
ip nat inside source static 192.168.16.101 11.22.33.167
ip nat inside source static 192.168.16.102 11.22.33.168

ip access-list extended nat-list

permit ip 192.168.16.0   0.0.0.255  any

ip route 0.0.0.0 0.0.0.0 Dialer 0

dialer-list 1 protocol ip permit

0 Helpful

Phillip Pacier
Level 1
Level 1
In response to connect2world

‎11-15-2010 09:17 AM

Thank you for taking the time to reply.

Therein lies the confusion!  Why would i need a Dialer interface when I'm not using ppp?  My ADSL is a pure RFC1483 bridge.  So then would I assign the outside NAT and IP address directly to the ATM interface?  And if so, how do I account for the 8 static IP addresses coming across my bridge?  Can I assign more than one IP address to the ATM interface?

Thanks again for your help.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card