Question
-
Topic
-
How to configure two interface card in cisco 2821 to access the internet.
LockedHi! to everybody,
I want to seek advise from all of you guys how can I allow 2 network interface to access the internet. I have configured the first interface(GigabitEthernet0/0=192.168.0.1/24 ) to connect to the internet, now I wanted to allow also second interface(GigabitEthernet0/1=192.168.1.100/28) to connect to the internet.
How can I do this? is it possible to do it even I only have 1 public IP? Pls. give me step by step command on how to do this.NOTE:
My Cisco IP:192.168.0.1
Serial interface IP:xxx.xxx.xxx.26 (the PUBLIC IP)
GigabitEthernet0/0: 192.168.0.1
GigabitEthernet0/1: 192.168.1.100here is the running config of my cisco 2821 router
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname !@#$@#
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 debugging
logging console critical
enable secret 5 $1$Be54$lIRh4POUuo7pnOfgoi1ct/!$%&
!
no aaa new-model
!
resource policy
!
clock timezone PCTime 8
ip subnet-zero
no ip source-route
ip tcp synwait-time 10
!
!
ip cef
!
!
no ip bootp server
ip domain name @#$%^&*
ip name-server xxx.xxx.xxx.xxx
ip name-server xxx.xxx.xxx.xxx
!
username zxdy privilege 15 secret 5 $1$gAot$WKD5ZYXSi0iYExp1CfASw0#$%@#
username wxyz view SDM_Monitor secret 5 $1$OeXW$jJswAMybYdhkBk/4H1^&8!
!
class-map match-any SDM-Transactional-1
match dscp af21
match dscp af22
match dscp af23
class-map match-any SDM-Signaling-1
match dscp cs3
match dscp af31
class-map match-any SDM-Scavenger-1
match dscp cs1
class-map match-any SDM-Routing-1
match dscp cs6
class-map match-any SDM-Voice-1
match dscp ef
class-map match-any SDM-Streaming-Video-1
match dscp cs4
class-map match-any SDM-Management-1
match dscp cs2
class-map match-any SDM-Interactive-Video-1
match dscp af41
class-map match-any SDM-BulkData-1
match dscp af11
match dscp af12
match dscp af13
!
!
policy-map SDM-QoS-Policy-1
class SDM-Voice-1
priority percent 55
class SDM-Signaling-1
bandwidth percent 5
class SDM-Routing-1
bandwidth percent 5
class SDM-Management-1
bandwidth percent 5
class SDM-Transactional-1
bandwidth percent 5
class class-default
fair-queue
random-detect
!
!
!
interface GigabitEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$$ES_LAN$$FW_I
ip address 192.168.0.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip route-cache flow
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/1
description $ETH-LAN$
ip address 192.168.1.100 255.255.255.240
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip route-cache flow
shutdown
duplex auto
speed auto
no mop enabled
!
interface Serial0/0/0
description $ES_WAN$$FW_OUTSIDE$
ip address xxx.xxx.xxx.26 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip route-cache flow
service-policy output SDM-QoS-Policy-1
!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0/0
!
no ip http server
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat source static tcp 192.168.0.116 80 xxx.xxx.xxx.26 80 extendable
ip nat inside source list NatOut interface Serial0/0/0 overload
ip nat inside source static tcp 192.168.0.116 21 xxx.xxx.xxx.26 21 ext
ip nat inside source static tcp 192.168.0.116 80 xxx.xxx.xxx.26 80 ext
ip nat inside source static tcp 192.168.0.116 443 xxx.xxx.xxx.26 443 e
ip nat inside source static tcp 192.168.0.116 3389 xxx.xxx.xxx.26 3389
!
ip access-list extended NatOut
remark SDM_ACL Category=2
permit ip 192.168.0.0 0.0.0.255 any
deny ip any any
!
logging trap debugging
access-list 1 remark INSIDE_IF=GigabitEthernet0/0
access-list 1 remark SDM_ACL Category=2
access-list 1 deny 192.168.0.5
access-list 1 permit 192.168.0.0 0.0.0.255
no cdp run
!
control-plane
!
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
login local
transport output telnet
line aux 0
login local
transport output telnet
line vty 0 4
privilege level 15
login local
transport input telnet
line vty 5 14
privilege level 15
login local
transport input telnet
line vty 15
privilege level 15
login local
transport input telnet
parser view SDM_Monitor
secret 5 $1$Dj0Q$nCJhiN9DROgTKJc9W$jOQg#%&*.
commands configure include end
commands configure include all interface
commands exec include dir all-filesystems
commands exec include dir
commands exec include all ping ip
commands exec include ping
commands exec include configure terminal
commands exec include configure
commands exec include all show
commands exec include debug ip
commands exec include debug
commands exec include all clear