In this scenario, I will show you how to configure a CISCO 2600 Series router (it can be any other Cisco router) so that you can deploy it at the client’s site to provide Internet connection to them. In essence, we will act as an ISP (Internet Service Provider) proving the Internet connection and the modem/router. Assume that the modem and physical connection has been setup by the ISP; we will now deploy a router on site. The router will have two interfaces called FastEthernet0/0 and FastEthernet0/1. I will dedicate FastEthernet0/0 as the WAN facing connection and the other one facing the LAN. This LAN (FastEthernet0/1) will in turn be the WAN for the client router. The client will have their IT administrator connect a local router that connect its WAN interface to our FastEthernet0/1 and obtain a static Internet IP address given to them by us.
2/ TCP/IP Addresses
The ISP provides the following TCP/IP components:
The WAN TCP/IP is a /30 subnet, which means that the subnet mask is 255.255.255.252.
30 bits = 11111111.11111111.11111111.11111100
The above bit patterns is equal to 255.255.255.252
WAN IP Address: 126.96.36.199 Subnet Mask: 255.255.255.252 Gateway: 188.8.131.52 DNS1: 184.108.40.206 DNS2: 220.127.116.11 LAN IP Subnet: /29 LAN IP Address: 18.104.22.168
As you can see, the WAN IP address is on a different block of subnet and the LAN IP is on a different block of subnet.
Take a look at the WAN subnet mask. Two bits are being used for the hosts, which means we have 22 = 4 IP addresses. They are:
22.214.171.124 126.96.36.199 188.8.131.52 184.108.40.206
The first IP address 220.127.116.11 is the network ID and cannot be used. The last IP address is the broadcast IP and cannot be used. The IP address 18.104.22.168 is on the ISP’s side and the only remaining one: 22.214.171.124 can be used as WAN on the Cisco router. This IP address will be assigned to FastEthernet0/0.
To avoid double-NATting, we will also provide a public IP address to the LAN interface (this will be the client’s WAN IP address). The ISP is so generous that it provides a /29 subnet. Let’s see what that means.
29 bits = 11111111.11111111.11111111.11111000
The above bit patterns is equal to 255.255.255.248
The IP Range that the customer can use is 126.96.36.199-188.8.131.52
However, 184.108.40.206 cannot be used as it is the network ID.
220.127.116.11 is programmed as a LAN IP Address on the PSSNET Router.
The client therefore, is left with: *.10, *.11, *.12, *.13, *.14.
18.104.22.168 cannot be used as it is a broadcast IP address.
The Default gateway is 22.214.171.124
The Subnet Mask is 255.255.255.248
In this scenario, I programmed my laptop with the *.10 IP and it appeared to work flawlessly.
3/ Router configurations
The following is the configuration on the Cisco Router.
service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname dalaris-router ! boot-start-marker boot-end-marker ! enable secret 5 $1$FO/k$zniuCv0lWkY0WYwDOFLy7/ enable password 7 001400152468001F18715E4A1A ! no network-clock-participate slot 1 no network-clock-participate wic 0 no aaa new-model ip subnet-zero ip cef ! ! ip domain name dalaris.com ! ip dhcp pool 126.96.36.199/29 network 188.8.131.52 255.255.255.248 default-router 184.108.40.206 dns-server 220.127.116.11 18.104.22.168 ! ip audit po max-events 100 ! ! ! username pssadm privilege 15 password 7 21392C88772233D0D55 ! ! ! interface FastEthernet0/0 ip address 22.214.171.124 255.255.255.252 ip access-group 102 in ip access-group 101 out ip nat outside duplex auto speed auto ! interface FastEthernet0/1 ip address 126.96.36.199 255.255.255.248 ip nat inside speed auto full-duplex ! ip default-gateway 188.8.131.52 ip nat inside source list 101 interface FastEthernet0/0 overload ip http server no ip http secure-server ip classless ip route 0.0.0.0 0.0.0.0 184.108.40.206 ! ! access-list 101 permit ip any any access-list 102 permit icmp any any echo-reply access-list 102 permit ip any any ! ! ! line con 0 line aux 0 line vty 0 4 access-class 1 in exec-timeout 30 0 privilege level 15 password 7 199F1A4C882277432C44321E37 login local transport preferred ssh transport input ssh ! ! end dalaris-router#
Since the Cisco router LAN IP address is 220.127.116.11 with the subnet mask of /29, it means that this IP belongs to this pool of IP addresses:
18.104.22.168 22.214.171.124 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11 18.104.22.168 22.214.171.124
There are three bits used for the hosts so totally we have 23 = 8 IP addresses. The first IP address 126.96.36.199 cannot be used as it is the network ID. The last IP address is the broadcast IP address. The second IP is programmed on the LAN interface (FastEthernet0/1). There are five IP addresses the client can use. In this test, I plugged in a laptop and the DHCP provides me an IP address of 188.8.131.52.
The client’s IT administrator need to configure his router with a WAN IP address in the range of 184.108.40.206-14.
Information to be given to the customer (Client’s IT personnel):
IPv4 Address. . . . . . . . . . . : 220.127.116.11(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.248 Default Gateway . . . . . . . . . : 18.104.22.168 DHCP Server . . . . . . . . . . . : 22.214.171.124 C:\Users\dalaris>ping 126.96.36.199 Pinging 188.8.131.52 with 32 bytes of data: Reply from 184.108.40.206: bytes=32 time=17ms TTL=57 Reply from 220.127.116.11: bytes=32 time=16ms TTL=57 Reply from 18.104.22.168: bytes=32 time=16ms TTL=57 Reply from 22.214.171.124: bytes=32 time=16ms TTL=57 Ping statistics for 126.96.36.199: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 16ms, Maximum = 17ms, Average = 16ms C:\Users\pdalaris>ping google.com Pinging google.com [188.8.131.52] with 32 bytes of data: Reply from 184.108.40.206: bytes=32 time=19ms TTL=56 Reply from 220.127.116.11: bytes=32 time=18ms TTL=56 Reply from 18.104.22.168: bytes=32 time=18ms TTL=56 Reply from 22.214.171.124: bytes=32 time=18ms TTL=56 Ping statistics for 126.96.36.199: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 18ms, Maximum = 19ms, Average = 18ms C:\Users\dalaris>ipconfig /all Ethernet adapter LAN: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Realtek PCIe FE Family Controller Physical Address. . . . . . . . . : 1C-75-08-67-C5-70 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::6875:b2f2:23a9:4de6%11(Preferred) IPv4 Address. . . . . . . . . . . : 188.8.131.52(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.248 Lease Obtained. . . . . . . . . . : Friday, June 27, 2014 2:25:01 PM Lease Expires . . . . . . . . . . : Saturday, June 28, 2014 2:25:01 PM Default Gateway . . . . . . . . . : 184.108.40.206 DHCP Server . . . . . . . . . . . : 220.127.116.11 DHCPv6 IAID . . . . . . . . . . . : 236745992 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-09-EA-35-1C-75-08-67-C5-70 DNS Servers . . . . . . . . . . . : 18.104.22.168 22.214.171.124 NetBIOS over Tcpip. . . . . . . . : Enabled
In this scenario, I have demonstrated how to configure the Cisco router for Customer’s end as an ISP.