DSL set up with public and private addresses.

dukenukem · ‎07-01-2005

Hi all,

I have already posted this, but it has disappeared.

This is the question.

My friend has a 800 series router connected to DSL through an Alcatel DSL modem, and has 5 public IP addresses he can use.

He wants to assign these addresses to some servers and PBXs, and he also wants to allow the 30 odd people at his office to access the internet (private addresses).

What would be the best solution, to be able to use the 5 public addresss and also private addressing using NAT on one of the public ip addresses,for accessing the internet.

Can he use 2 ip addresses on the LAN interface (public and private) and then configure the users accordingly with IP and default GW.

I am not sure how is the best way to tackle this .

can you please suggest solutions??

Thanks,

George

amit-singh · ‎07-01-2005

George,

How many ethernet ports does that router has. What he can do is connect DSL modem to one of the interface and assign it a public IP. Assign a public IP on the other interface (make sure that this IP is diff from the first public interface).Now he can hangoff the servers and PBX on this public interface. On the thrid interface he can have NAT configured for the Prvate Ip users.

regards,

-amit singh

Richard Burts · ‎07-01-2005

George

I am assuming that he will need to use one of these public addresses on the outside inteface of the router. If he is using one address on the outside interface then the only way that he can use other addresses on the inside interface or directly on servers on the inside LAN would be if the addresses from the ISP were not in a contiguous block (which is very unlikely).

My suggestion would be to use one address on the outside interface, configure static NAT giving the servers other of the public addresses, and do dynamic NAT overload to NAT the PCs on the inside LAN.

HTH

Rick

HTH

Rick

dukenukem · ‎07-01-2005

Hi Rick,

Thanks both for your replies. I understand how to go about sorting this with 3 interfaces.

I think their router (thats what i have been told and understood) has two Eth interfaces. E1 connects to DSL modem, and E0 is the on ethat has 4 ports (switch) i suspect. (never used this models before)

Is it possible, to do this :

connect E1 normally to DSL modem, and assign it a public IP Addres.

On E0 (with switch) can i create 2 VLANS. Assign 2 IPs on E0 (public IP, and Private) and configure Dynamic NAT for the VLAN with private addressing (WIll this work ????)

or:

Can i create 2 subinterfaces on Eo (like on serial interfaces for FR etc), assign the public ip on the first subinterface and the private IP on the other subinterface and use NAT appropriately as if there were 2 physical interfaces ????

I would like to know if this is possible (even if my scenarios are a bit weird)

Thanks again,

George

Richard Burts · ‎07-01-2005

George

Perhaps I was a bit indirect and not real clear in my previous response. So let me try again.

I am assuming that the 5 public addresses are in a contiguous block (x.x.x.1, .2, .3, .4, and .5) as they usually are when the ISP assigns addresses. When you assign .1 to the E1 for connecting to the DSL modem, it assigns a subnet to that interface. The IOS will not allow you to configure other addresses in that subnet on other LAN interfaces on the router.

If they are not in a contiguous block the alternatives of what to do are different. But I believe it is highly likely that they are in a contiguous block so you can not use another public address on the E0 interface. Perhaps you can clarify what the addresses are.

As I previously suggested I believe that the best solution is to put one of the public IPs on the E1 interface, to configure static NAT so that the servers, PBXs, and whatever will get translated to fixed public addresses using the other 4 addresses, and to configure NAT so that the PCs on the inside LAN get translated to the address assigned to E1.

HTH

Rick

HTH

Rick