Hi,

Hi there, I am a new member here. Here is a question I have maybe one of you Cisco geniuses could shed some light.

Let me first explain:

• What I want to achieve
  
• The Cisco device have
  
• What I configuration I am doing
  
• The problem I am having
  

Internet connection is BT Business (PPOA) ADSL Fixed IP

I would like to have a network with a DMZ and a corporate LAN.

I would like to segment the DMZ and Corp LAN at layer2 (using VLANs).

The DMZ is to be unfiltered internet, and the corp LAN filtered, but allowing Traffic for our mail server.

The Cisco Device I have purchased is a Cisco 877W with the advanced IP services IOS

**See the show version command below** & **sh run**

The way I am configuring the 877W is as follows:

Creating 2 SVI’s VLAN 10 & 20

10 with an ip of 192.168.211.254/24 & 20 with an ip of 192.168.2.254/24

10 with a DHCP pool

20 without a DHCP pool

I still have not figured how these devices on the different interfaces will then communicate to the dialer…

I would like to associate the interface Dot11Radio0 with the DMZ VLAN 10

Lets worry about the above, when I solve my next problem…

I have a very strange situation on my hands, for some reason when I connect my pc up to any one of the fa ports apart from fa0 native VLAN, I can’t ping the SVI’s. Yes the NIC on my pc would be on the correct network, Say 192.168.211.1/24 for VLAN10 and 192.168.2.1/24 for VLAN 20.

Also I also tried creating subinterfaces (router on a stick) on this router but I am not able to?...

And why is it that sh vlans gives me this output?

SilkR1#sh vlans

No Virtual LANs configured.

SilkR1#sh vlan-switch

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

1 default active Fa0

10 VLAN0010 active Fa1

20 VLAN0020 active Fa2, Fa3

1002 fddi-default act/unsup

1003 token-ring-default act/unsup

1004 fddinet-default act/unsup

1005 trnet-default act/unsup

**sh version output**

SilkR1#sh version

Cisco IOS Software, C870 Software (C870-ADVIPSERVICESK9-M), Version 15.1(4)M2, R

ELEASE SOFTWARE (fc1)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2011 by Cisco Systems, Inc.

Compiled Tue 27-Sep-11 00:18 by prod_rel_team

ROM: System Bootstrap, Version 12.3(8r)YI4, RELEASE SOFTWARE

SilkR1 uptime is 10 hours, 36 minutes

System returned to ROM by reload

System image file is "flash:c870-advipservicesk9-mz.151-4.M2.bin"

Last reload reason: Reload Command

This product contains cryptographic features and is subject to United

States and local country laws governing import, export, transfer and

use. Delivery of Cisco cryptographic products does not imply

third-party authority to import, export, distribute or use encryption.

Importers, exporters, distributors and users are responsible for

compliance with U.S. and local country laws. By using this product you

agree to comply with applicable laws and regulations. If you are unable

to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to

export@cisco.com.

Cisco 877W (MPC8272) processor (revision 4.0) with 118784K/12288K bytes of memor

y.

Processor board ID FCZ131790GF

MPC8272 CPU Rev: Part Number 0xC, Mask Number 0x10

4 FastEthernet interfaces

1 ATM interface

1 Virtual Private Network (VPN) Module

1 802.11 Radio

128K bytes of non-volatile configuration memory.

28672K bytes of processor board System flash (Intel Strataflash)

**sh run**

SilkR1# sh run

Building configuration...

Current configuration : 3509 bytes

!

! Last configuration change at 01:35:37 UTC Fri Mar 1 2002

version 15.1

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname SilkR1

!

boot-start-marker

boot-end-marker

!

!

no logging buffered

!

no aaa new-model

!

crypto pki token default removal timeout 0

!

crypto pki trustpoint TP-self-signed-973792425

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-973792425

revocation-check none

rsakeypair TP-self-signed-973792425

!

!

crypto pki certificate chain TP-self-signed-973792425

certificate self-signed 01

3082023C 308201A5 A0030201 02020101 300D0609 2A864886 F70D0101 04050030

30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274

69666963 6174652D 39373337 39323432 35301E17 0D303230 33303130 30353634

365A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F

532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3937 33373932

34323530 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100

B52C9DE7 235772EA 431677C2 CF039053 1E364F2A DFCFFFE4 8768465C 702D8159

085590B1 E65C012D A5E1D112 638354DB B08286B6 8F332C93 CE5036FF DE80153C

7934200B 9F1D9616 CF73C8BE 604EF9E3 121D03DA 44CCE9FF F76330C3 29C480E2

539E5458 3D86B0BA 121B1EA6 4F106A9A A2FAF083 68D0DF43 309E27B3 0A8FC8E5

02030100 01A36630 64300F06 03551D13 0101FF04 05300301 01FF3011 0603551D

11040A30 08820652 6F757465 72301F06 03551D23 04183016 80149842 AAB3CC85

0E9F4926 49198092 3D750A1C 1820301D 0603551D 0E041604 149842AA B3CC850E

9F492649 1980923D 750A1C18 20300D06 092A8648 86F70D01 01040500 03818100

04BEF220 E5807E3A 05199556 E1E86A71 FF9A2CC0 641DCF37 5E2E258B 87F22789

5B698619 49998457 2BF36EE6 B798B3D5 E7D94208 4404B210 5F269A86 0AFA7B03

A7DD6E69 0845173B 7ED6883E EDCC09B6 C396740A 31B2D020 E6AD54CC 3E8F73DC

E79DCF53 868A8A4D BD064613 E2ED6AEC 91DC1E2C 1AEDF0D7 1B0F3F35 7B8DCE2D

quit

dot11 syslog

ip source-route

!

!

no ip dhcp use vrf connected

ip dhcp excluded-address 192.168.211.1 192.168.211.99

ip dhcp excluded-address 192.168.211.201 192.168.211.254

!

ip dhcp pool sdm-pool1

network 192.168.211.0 255.255.255.0

default-router 192.168.211.254

!

!

!

ip cef

no ipv6 cef

!

multilink bundle-name authenticated

!

!

!

archive

log config

hidekeys

username james privilege 15 password 0 cisco

!

!

!

!

!

!

!

!

!

interface ATM0

no ip address

shutdown

no atm ilmi-keepalive

!

interface FastEthernet0

switchport trunk native vlan 99

switchport mode trunk

no ip address

!

interface FastEthernet1

description DMZ Interface

switchport access vlan 10

no ip address

!

interface FastEthernet2

description Corporate Interface

switchport access vlan 20

no ip address

!

interface FastEthernet3

description Corporate Interface

switchport access vlan 20

no ip address

!

interface Dot11Radio0

no ip address

shutdown

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0

54.0

station-role root

!

interface Vlan1

ip address 10.0.0.1 255.255.255.0

!

interface Vlan10

description DMZ Vlan

ip address 192.168.211.254 255.255.255.0

!

interface Vlan20

description Corporate Vlan

ip address 192.168.2.254 255.255.255.0

!

interface Vlan99

no ip address

!

ip forward-protocol nd

ip http server

ip http authentication local

ip http secure-server

!

!

!

!

!

!

!

!

control-plane

!

!

line con 0

no modem enable

line aux 0

line vty 0 4

login

transport input all

!

scheduler max-task-time 5000

end