[c-nsp] 827 router as 'DMZ'

Dan dan at technc.com
Thu Apr 12 10:04:09 EDT 2007 

Let me see if I can paint a better picture.

I work for a school district and each school that is accessing the 
internet from this particular location gets routed out a particular dsl 
line according to usage stats.  So right now the 2801 is setup to do pbr 
to each of the linux dsl routers that I have behind it.  The linux dsl 
routers are connecting to my isp through the modems provided.  The linux 
dsl routers are standard workstations converted to do 
pppoe/nat/routing/queueing.  I would like to simplify this configuration 
with some kind of cisco hardware.  The reason I have 4 dsl lines is 
because there is nothing else available in my location.  I now have the 
827 working and I have replaced one of the linux boxes and modems with 
that unit instead.  This will be a little better but I would have like 
to use the 2801 to do everything.

Dan.

 Jesse Alexander wrote:
> Hello Dan,
>
> How are the four DSL lines delivered to you?  Are they providing some 
> kind of 'modem' that all four terminate on, or are you dealing with 
> four DSL modems, or otherwise?  I haven't worked with multiple 
> commercial DSL lines previously.  I mainly work with T1's, T3's, 
> OC3's, etc.. lol.  But with some clarification, we can find a way for 
> standard networking to do its thing :)
>
> You say that you want to use the 2801 to NAT.  What network goals are 
> you trying to acheive?  I believe if I can understand the bigger 
> picture I can be more helpful.
>
> Does your ISP require you to authenicate for your DSL connections?
>
> Sorry for all my questions.
>
> Sincerely,
>
> Jesse
>
> ----- Original Message ----- From: "Dan" <dan at technc.com>
> To: "Jesse Alexander" <ut-longhorns at hotmail.com>; 
> <cisco-nsp at puck.nether.net>
> Sent: Wednesday, April 11, 2007 11:58 AM
> Subject: Re: [c-nsp] 827 router as 'DMZ'
>
>
>> Jesse,
>>
>> I only have one external IP.  So it looks like I'm stuck with having 
>> nat on the 827.  What I really wanted to do is to have all four of my 
>> dsl lines terminated on the 2801 router with the hwic 4esw.  I have 
>> explored that option and it will not work because of a limitation of 
>> the hwic.  So I was looking for a cheaper solution that would allow 
>> me to use the 827 router as a pppoe termination point and then I was 
>> going to use the 2801 for nat.
>>
>> Do you know of any other cheap solution that would work to terminate 
>> 4 dsl lines and use the 2801 router for nat?
>>
>> Thanks,
>> Dan.
>>
>> Jesse Alexander wrote:
>>> Hi Dan,
>>>
>>> If you have a public /30 IP range available to use, then easiest way 
>>> is to assign e0 one IP and the other router's directly connected 
>>> interface the other usable IP, such as:
>>>
>>> int e0
>>> ip address 209.126.2.1 255.255.255.252
>>>
>>> On other router:
>>>
>>> int [insert]
>>> ip address 209.126.2.2 255.255.252
>>>
>>> That way, the two are directly connected and therefore know how to 
>>> route to each other.  You can then use NAT on the 2801.
>>>
>>> Otherwise, you can use private IP's between the two, but NAT will be 
>>> needed on the 827.
>>>
>>> Kinda hard not knowing what assets you have available to you for IPs 
>>> and such.
>>>
>>> What would be best is if you had, say, a public /29 netblock from 
>>> your ISP. That gives you 6 usable IPs.  Have them set the 1st usable 
>>> for your 827's interface that connects to your ISP's modem via mac 
>>> address of your 827 (depending on how your ISP does that ... mine 
>>> needs the mac address of my router, which is a 851).
>>>
>>> Then assign e0 the next available IP, and the 2801's interface that 
>>> directly connects to the 827 then next IP available in the series of 
>>> IPs you are allocated.
>>>
>>> I realize I have an 851 verses your 827, but I am certain that what 
>>> you want to do can be done.
>>>
>>> I can be of more help if I know more specifics.
>>>
>>> Sincerely,
>>>
>>> Jesse
>>>
>>> ----- Original Message ----- From: "Dan" <dan at technc.com>
>>> Cc: <cisco-nsp at puck.nether.net>
>>> Sent: Tuesday, April 10, 2007 2:19 PM
>>> Subject: [c-nsp] 827 router as 'DMZ'
>>>
>>>
>>>> Hello,
>>>>
>>>> I'm wondering if anyone has been able to setup an 827 router as a DMZ
>>>> router.  What I would like to be able to do is have this box 
>>>> connecting
>>>> to my ISP via PPPoE, then have the box forward all traffic through the
>>>> e0 interface into a port on my 2801 router where I would setup 
>>>> nat.  Is
>>>> this possible with this 827 router?
>>>>
>>>> Thanks,
>>>> Dan.
>>>>
>>>> _______________________________________________
>>>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>>>
>>>
>>
>>
>>
>

More information about the cisco-nsp mailing list