Question

  • Creator
    Topic
  • #2202992

    How to configure two interface card in cisco 2821 to access the internet.

    Locked

    by derflanoj ·

    Hi! to everybody,

    I want to seek advise from all of you guys how can I allow 2 network interface to access the internet. I have configured the first interface(GigabitEthernet0/0=192.168.0.1/24 ) to connect to the internet, now I wanted to allow also second interface(GigabitEthernet0/1=192.168.1.100/28) to connect to the internet.
    How can I do this? is it possible to do it even I only have 1 public IP? Pls. give me step by step command on how to do this.

    NOTE:
    My Cisco IP:192.168.0.1
    Serial interface IP:xxx.xxx.xxx.26 (the PUBLIC IP)
    GigabitEthernet0/0: 192.168.0.1
    GigabitEthernet0/1: 192.168.1.100

    here is the running config of my cisco 2821 router

    version 12.4
    no service pad
    service tcp-keepalives-in
    service tcp-keepalives-out
    service timestamps debug datetime msec localtime show-timezone
    service timestamps log datetime msec localtime show-timezone
    service password-encryption
    service sequence-numbers
    !
    hostname !@#$@#
    !
    boot-start-marker
    boot-end-marker
    !
    security authentication failure rate 3 log
    security passwords min-length 6
    logging buffered 51200 debugging
    logging console critical
    enable secret 5 $1$Be54$lIRh4POUuo7pnOfgoi1ct/!$%&
    !
    no aaa new-model
    !
    resource policy
    !
    clock timezone PCTime 8
    ip subnet-zero
    no ip source-route
    ip tcp synwait-time 10
    !
    !
    ip cef
    !
    !
    no ip bootp server
    ip domain name @#$%^&*
    ip name-server xxx.xxx.xxx.xxx
    ip name-server xxx.xxx.xxx.xxx
    !
    username zxdy privilege 15 secret 5 $1$gAot$WKD5ZYXSi0iYExp1CfASw0#$%@#
    username wxyz view SDM_Monitor secret 5 $1$OeXW$jJswAMybYdhkBk/4H1^&8

    !
    !
    class-map match-any SDM-Transactional-1
    match dscp af21
    match dscp af22
    match dscp af23
    class-map match-any SDM-Signaling-1
    match dscp cs3
    match dscp af31
    class-map match-any SDM-Scavenger-1
    match dscp cs1
    class-map match-any SDM-Routing-1
    match dscp cs6
    class-map match-any SDM-Voice-1
    match dscp ef
    class-map match-any SDM-Streaming-Video-1
    match dscp cs4
    class-map match-any SDM-Management-1
    match dscp cs2
    class-map match-any SDM-Interactive-Video-1
    match dscp af41
    class-map match-any SDM-BulkData-1
    match dscp af11
    match dscp af12
    match dscp af13
    !
    !
    policy-map SDM-QoS-Policy-1
    class SDM-Voice-1
    priority percent 55
    class SDM-Signaling-1
    bandwidth percent 5
    class SDM-Routing-1
    bandwidth percent 5
    class SDM-Management-1
    bandwidth percent 5
    class SDM-Transactional-1
    bandwidth percent 5
    class class-default
    fair-queue
    random-detect
    !
    !
    !
    interface GigabitEthernet0/0
    description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$$ES_LAN$$FW_I
    ip address 192.168.0.1 255.255.255.0
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip nat inside
    ip route-cache flow
    duplex auto
    speed auto
    no mop enabled
    !
    interface GigabitEthernet0/1
    description $ETH-LAN$
    ip address 192.168.1.100 255.255.255.240
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip nat inside
    ip route-cache flow
    shutdown
    duplex auto
    speed auto
    no mop enabled
    !
    interface Serial0/0/0
    description $ES_WAN$$FW_OUTSIDE$
    ip address xxx.xxx.xxx.26 255.255.255.252
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip nat outside
    ip route-cache flow
    service-policy output SDM-QoS-Policy-1
    !
    ip classless
    ip route 0.0.0.0 0.0.0.0 Serial0/0/0
    !
    no ip http server
    ip http authentication local
    ip http timeout-policy idle 60 life 86400 requests 10000
    ip nat source static tcp 192.168.0.116 80 xxx.xxx.xxx.26 80 extendable
    ip nat inside source list NatOut interface Serial0/0/0 overload
    ip nat inside source static tcp 192.168.0.116 21 xxx.xxx.xxx.26 21 ext
    ip nat inside source static tcp 192.168.0.116 80 xxx.xxx.xxx.26 80 ext
    ip nat inside source static tcp 192.168.0.116 443 xxx.xxx.xxx.26 443 e
    ip nat inside source static tcp 192.168.0.116 3389 xxx.xxx.xxx.26 3389
    !
    ip access-list extended NatOut
    remark SDM_ACL Category=2
    permit ip 192.168.0.0 0.0.0.255 any
    deny ip any any
    !
    logging trap debugging
    access-list 1 remark INSIDE_IF=GigabitEthernet0/0
    access-list 1 remark SDM_ACL Category=2
    access-list 1 deny 192.168.0.5
    access-list 1 permit 192.168.0.0 0.0.0.255
    no cdp run
    !
    control-plane
    !
    banner login ^CAuthorized access only!
    Disconnect IMMEDIATELY if you are not an authorized user!^C
    !
    line con 0
    login local
    transport output telnet
    line aux 0
    login local
    transport output telnet
    line vty 0 4
    privilege level 15
    login local
    transport input telnet
    line vty 5 14
    privilege level 15
    login local
    transport input telnet
    line vty 15
    privilege level 15
    login local
    transport input telnet
    parser view SDM_Monitor
    secret 5 $1$Dj0Q$nCJhiN9DROgTKJc9W$jOQg#%&*.
    commands configure include end
    commands configure include all interface
    commands exec include dir all-filesystems
    commands exec include dir
    commands exec include all ping ip
    commands exec include ping
    commands exec include configure terminal
    commands exec include configure
    commands exec include all show
    commands exec include debug ip
    commands exec include debug
    commands exec include all clear

All Answers

Viewing 0 reply threads