Announcement

Collapse
No announcement yet.

Cisco 1812 for internet connection

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Cisco 1812 for internet connection

    We have 2 routers for internet connection. One old cisco for routing ISP public WAN to our public WAN IP's, and the second one for NAT and firewall internet connection to internal LAN. Between them is a small switch on which we can use all of ours public IP's.
    I want to replace those 2 routers with cisco 1812. Is this possible?

  • #2
    Re: Cisco 1812 for internet connection

    Sure you can do that, assuming you have the available interfaces to do so. Better option would be to use the 1812 as your edge router from the ISP and then use an ASA behind it for NAT/Firewall etc. From the ASA you could carve out interfaces for LAN, DMZ etc.

    If you have to use one device, then make sure you have the advanced security IOS for the 1812 to setup zone based firewall etc.
    CCNA, CCNA-Security, CCNP
    CCIE Security (In Progress)

    Comment


    • #3
      Re: Cisco 1812 for internet connection

      Ok. I have to use one device.
      I have 2 interfaces Fe0 and Fe1 and 6port switch (vlan1).

      My idea was connect Fe0 to ISP and route traffic to vlan1 (5 ports of switch or less if necessarily).
      Vlan1 will be ours public wlan block.
      Last port of switch configured as vlan2. NAT+FW between vlan2 and Fe1.
      Connect Fe1 to our internal network.

      Is this possible and how to connect vlan1 and wlan2? With patch?

      I’m confused here.

      Comment


      • #4
        Re: Cisco 1812 for internet connection

        Best bet would be to use subinterfaces fa0/1 for your vlans.


        int fa0/1
        no shut

        int fa0/1.10
        encapsulation dot1q 10
        ip address x.x.x.x y.y.y.y
        ip nat inside

        int fa0/1.20
        encapsulation dot1q 20
        ip address x.x.x.x
        ip nat inside

        configure fa0/0 with your public ip address to internet. Configure your switch ports in the appropriate vlan. Then I would setup zone based firewall and to control traffic between zones and also configure nat. I used vlans 10 and 20 in this example. Not a good idea to use vlan 1 as that is a default on all cisco equipment. Then you need to setup the trunk on the switch. I am assuming this is a managed switch. Configure the vlans in their respective ports as well.
        Last edited by auglan; 12th March 2012, 14:54.
        CCNA, CCNA-Security, CCNP
        CCIE Security (In Progress)

        Comment


        • #5
          Re: Cisco 1812 for internet connection

          I need more help from you.

          Iím green at cisco routers. Basically I use them to simple ppoE to internet and config VPNs to our ISA, easyVPN etc.
          Usually config them with SDM and CCP.

          Can you please help me a bit more.
          Iíve got from ISP:
          Example: WAN block: 79.79.79.252/30
          ISP port: 79.79.79.253
          My port: 79.79.79.254

          My public IPs: 212.200.200.176/29

          On IP will be for internet access.

          Switch I mentioned in earlier post is in router 1812.

          So my plan is to use only 1812 to connect to our lan (192.168.1.x) switch (not managed).

          Using subinterfaces looks good, but I didnít use them before. So help needed.

          Comment


          • #6
            Re: Cisco 1812 for internet connection

            Okay instead of creating sub interfaces just create SVI's (Switched Virtual Interfaces) for each vlan.


            First create your vlans. Not sure if the integrated switch module supports the normal vlan commands:


            config# vlan 10
            config# vlan 20

            Put your hosts in their respective vlans:

            int fa0/2
            switchport mode access
            switchport access vlan 10


            Then create your SVI's (Layer 3 interfaces for your vlans)


            int vlan 10
            ip address x.x.x.x y.y.y.y
            ip nat inside



            int vlan 20
            ip address x.x.x.x y.y.y.y
            ip nat inside
            CCNA, CCNA-Security, CCNP
            CCIE Security (In Progress)

            Comment


            • #7
              Re: Cisco 1812 for internet connection

              Tnx, I'm a bit busy with other stuff this days. I didnít try much those days.
              But I can see I will need more details help from you.

              Comment

              Working...
              X