05-08-2011 09:06 AM - edited 03-04-2019 12:19 PM
Hi there,
I am fairly new to the Cisco world and aim to take my CCNA in the coming months.
I am now working with a customer who has several Cisco 857 (UK PPPoA ADSL over POTS).
They have SonicWall firewall VPN devices that need to have one block of 8 static IP addresses from the ISP at each site.
The current configurations use the network address on the VLAN interface and use static NAT to a private IP address to connect to port 23 on the VLAN interface. Why would you set up the router this way????
I thought that from a block of 8 IPs the first would be the network address, the last the broadcast address, and one for the router (on the VLAN interface), which leaves 5 usable for the hosts attached to the Ethernet ports on the VLAN.
That is how I think it should be set up. I see no need to use NAT in this situation.
I thought that it would be simple enough to find an example of a NO NAT Multiple Static IP configuration for an 857. However, I have not yet found one.
Can anybody help a struggling newbie please?
05-11-2011 12:35 PM
I don't think I understand what you're looking for. NAT is used to allow multiple private side addresses to use a single public side address.
"The current configurations use the network address on the VLAN interface and use static NAT to a private IP address to connect to port 23 on the VLAN interface. Why would you set up the router this way????"
The above was probably done to be able to telnet into the appliance/router. You don't want to have a "no NAT" scenario because then you'd have hosts that are live on the web with little to no protection. If you're looking to assign public addresses to hosts, it's best to do a one-to-one NAT instead.
To get a little more understanding, is the router in front or behind the Sonicwall? Which device does natting? You have to NAT if the other side doesn't know about your connected networks (either connected or routed for).
HTH,
John
05-11-2011 02:47 PM
Thanks for the response.
The 857 sits in front of the SonicWall. The SonicWall takes care of NAT and will have a public address on the WAN interface. There may be further devices behind the 857 that also require one of the public IP addresses.
I realise that the router needs an IP address to be managed. My understanding was that you could not use the network address for a host IP address, and the router is a host, is it not?
If you wish to expose all ports on a public IP address, surely the simplest solution is just to route to the block of public IP addresses that you have been issued?
Does that clarify what I am trying to achieve?
Thanks in advance for any help.
Sent from my BlackBerry® wireless device
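A routed, no-NAT layout for the /29 discussed in this thread, with the WAN-side filtering that the "little to no protection" concern calls for. This is an added example, not a configuration posted by anyone in the thread. Assumptions: 203.0.113.0/29 stands in for the ISP-issued block, the ISP routes that block down the PPP session, PVC 0/38 is the ADSL circuit, the SonicWall WAN is .2, the admin host is .6, and the ACL name and PPP credentials are placeholders.

```cisco
! Constructed example, not from the thread. 203.0.113.0/29 is a stand-in block:
!   .0 network, .7 broadcast, .1 router (Vlan1), .2-.6 five usable host addresses
interface ATM0
 no ip address
 no atm ilmi-keepalive
 dsl operating-mode auto
 pvc 0/38
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
!
interface Dialer0
 ! borrows the Vlan1 address; assumes the ISP routes the /29 to this session
 ip unnumbered Vlan1
 ip access-group WAN-IN in
 encapsulation ppp
 dialer pool 1
 ppp chap hostname <isp-username>
 ppp chap password <isp-password>
!
interface Vlan1
 description Public /29, routed (no "ip nat inside/outside" on any interface)
 ip address 203.0.113.1 255.255.255.248
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
! With no NAT, nothing hides the router or the hosts, so filter at the WAN edge.
ip access-list extended WAN-IN
 remark never accept telnet/SSH to the router itself from the Internet
 deny   tcp any host 203.0.113.1 eq telnet
 deny   tcp any host 203.0.113.1 eq 22
 remark SonicWall WAN (.2) does its own NAT and stateful inspection
 permit ip any host 203.0.113.2
 remark every other address in the block stays closed until explicitly permitted
 deny   ip any any log
!
! Router management only from the assumed admin host on the LAN side
access-list 10 permit 203.0.113.6
line vty 0 4
 access-class 10 in
```

Each additional device that takes a public address from the block needs its own `permit` entry above the final `deny`, scoped to the ports it actually serves, because the ACL is stateless and is the only filter in front of it.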