Cisco 1720 Ethernet 0 blocking IP address range 1

[rphips]

I have been trying to reconfigure my Cisco 1720 router to add a firewall. I was told I need to change the ethernet IP address from a 192.168.1.2 number to a 146.140.37.3 and then have the firewall point to the router ethernet IP.

The problem is when I go and change it I get the following:

The ip network number 146.140.37.0 subnet mask 255.255.255.248 for this connection requires use of IP range 146.140.37.0 - 146.140.37.7. It is conflicting with IP address 146.140.37.3 subnet mask 255.255.255.248 on Cisco 1720 10/100 Ethernet 0 blocking IP address range 146.140.37.0 - 146.140.37.7

Any ideas of what I am doing wrong and why it keeps acting like this

Thanks



bob

"ZOINKS !!!!!"

Shaggy

 

[computerhighguy]

Yeah. You can't have an IP address on the WAN and LAN side that reside in the same subnet. This would defeat the purpose of routing since there would be nothing to route (need 2 networks to use routing). You want to use the

IP unnumbered command

I can tell you typically most people put an IP address on the Ethernet interface and then put the unnumbered address on the serial interface.

So lets say you have the following interfaces

Serial 0/0
FastEthernet 0/0

you config will work something like this

Fastethernet 0/0
ip address 146.140.37.0 255.255.255.252

Serial 0/0
ip address unnumbered fastethernet 0/0


That will give the router 1 IP address and allow you use your firewall. At least it should. Hope this helps.

 

[rphips]

computerhighguy

Thanks for the response and the info
I downloaded ConfigMaker but it doesn't seem to bring down all the cofiguration of the router and I am a little leary on if I push the new info up will it work

any suggestions



bob

"ZOINKS !!!!!"

Shaggy

 

[computerhighguy]

Hook up a console cable and ge rid of the config maker. Might as well start learning it now. No one ever made any money using the config maker.

 

[rphips]

Easier said than done - considering that I have no documentation on this 1720 router and I don't have a clue on what our ISP did to it - (and they'er no help) I can't drop thye internet so that leaves out playing around with it.

So my choices are do it right the first time or don't do it at all


bob

"ZOINKS !!!!!"

Shaggy

 

[computerhighguy]

Postyour config here, minus the passwords and maybe change the outside IP address and see what kind of help you can get.


It is what it is!!
__________________________________
A+, Net+, I-Net+, Certified Web Master, MCP, MCSA, MCSE, CCNA, CCDA, and few others (I got bored one day)

 

[rphips]

computerhighguy

Heres the configuration all According to my ISP all I need to do is change the 192.168.1.2 255.255.255.0 IP address to 146.140.37.3, 255.255.255.248 and remove NAT

But It won't change

any help on what I need to do?


testing#show configuration
Using 1075 out of 29688 bytes
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname testing
!
no logging console
enable secret 5 $1$BsAT$GXuvenM/t4dQzhH/X6tvj1
enable password ?????
!
memory-size iomem 25
ip subnet-zero
ip name-server 146.140.37.2
ip name-server 146.140.37.3
!
!
!
!
interface Loopback0
no ip address
no ip directed-broadcast
!
interface Serial0
description connected to Internet
ip address 146.140.37.2 255.255.255.248
no ip directed-broadcast
ip nat outside
no fair-queue
!
interface FastEthernet0
description connected to EthernetLAN
ip address 192.168.1.2 255.255.255.0
no ip directed-broadcast
ip nat inside
!
ip nat pool net-5 146.140.37.5 146.140.37.6 netmask 255.255.255.248
ip nat inside source list 170 pool net-5 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0
no ip http server
!
access-list 11 permit 192.168.1.0 0.0.0.255
access-list 170 permit ip 192.168.0.0 0.0.255.255 any
!
line con 0
transport input none
line aux 0
line vty 0 4
password ?????
login
!
no scheduler allocate
end

testing#

bob

"ZOINKS !!!!!"

Shaggy

 

[computerhighguy]

Try this after hours.

version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname testing
!
no logging console
enable secret 5 $1$BsAT$GXuvenM/t4dQzhH/X6tvj1
enable password ?????
!
memory-size iomem 25
ip subnet-zero
ip name-server 146.140.37.2
ip name-server 146.140.37.3
!
!
!
!
interface Loopback0
no ip address
no ip directed-broadcast
!
interface Serial0
description connected to Internet
ip unnumbered FastEthernet0
no ip directed-broadcast
no fair-queue
!
interface FastEthernet0
description connected to EthernetLAN
ip address 146.140.37.2 255.255.255.248
no ip directed-broadcast
!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0
no ip http server
!

line con 0
transport input none
line aux 0
line vty 0 4
password ?????
login
!
no scheduler allocate
end


It is what it is!!
__________________________________
A+, Net+, I-Net+, Certified Web Master, MCP, MCSA, MCSE, CCNA, CCDA, and few others (I got bored one day)

 

[rphips]

will try it and I will get back to you.

Thanks


bob

"ZOINKS !!!!!"

Shaggy