Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3179
Views
3
Helpful
17
Replies

Cisco 1811 router

junshah22
Level 1
Level 1

‎05-19-2009 10:45 PM - edited ‎03-04-2019 04:49 AM

Dear All,

I want to use my cisco 1811 router, it has 2 fastethernet ports and 8 L2 ports,

I want to configure it for using 2 internet connections simultaneously,

I am unable to configure IP and NAT on L2 interfaces,

Please tell me, Is NAT capability builtin in the router for L2 interfaces??

How can I connect my internal network with L2 interface?

Regards,

Junaid

Labels:
0 Helpful
17 Replies 17

Richard Burts
Hall of Fame
Hall of Fame
In response to junshah22

‎05-29-2009 04:06 AM

Junaid

When you add the second default route you are instructing the router to try to load share. I did not think that you wanted to load share. I thought that you wanted to have a primary Internet link and to use the second interface only for VPN and Exchange traffic.

If you want to use the second interface as a failover in case of problems with the primary connection then you need to make the second static default route be a floating static default route. Perhaps something like:

ip route 0.0.0.0 0.0.0.0 55.55.55.55 250

HTH

Rick

HTH

Rick
0 Helpful

junshah22
Level 1
Level 1
In response to Richard Burts

‎05-30-2009 12:20 AM

Rick,

I have to overload to send the traffic over the internet, like

access-list 160 permit ip any any

access-list 160 permit tcp any any

ip nat inside source list 160 interface fastethernet 0 overload

By applying above three commands, my first link (for general internet access) comes UP

To up the second interface, I must use NAT (which traffic will be overloaded)

In this case, what ACL should I make to allow only VPN traffic,

As you wrote in your second last post, to make a policy for isakmp,

Secondly, I need to configure a route towards second internet link and that will maybe default,

0.0.0.0 0.0.0.0 55.55.55.55

If i mention AD in the last of static default route, as you said, it will work as a fail-over link,

But I need to run the both links at the same time, one for General Internet and one for VPN,

Regards,

Junaid

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to junshah22

‎05-30-2009 08:29 AM

Junaid

As I tried to explain in my previous post, if you configure a static default route like this using 55.55.55.55 then you have enabled using this for general internet traffic. And you have said that this is not what you want to do. So why do you insist on configuring this static default route instead of making it a floating static default route as I suggested?

You do not need a default route for the VPN traffic to work. The local policy based routing will send the traffic through the second interface without needing a default route.

I do not see why the VPN traffic would need to be NATed since the source address of the VPN packet will be the outside interface address of the router. For the Exchange traffic you probably do need to NAT it. So you would need an access list that identified the Exhange traffic.

HTH

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card