Cisco 1720 NAT/DHCP with 3 AP1200's

[sibon3]

This is my first stab at configuring a Cisco router or any router for that matter. I am looking to connect a 1720 to a T1 and share the conection through 3 cisco AP1200 access points. I want to use NAT to save IP addresses and use DHCP from router for convenience... I don't want to use a server.

Here are the particulars:

Router Serial IP 12.126.232.25
LAN IP Block allocated 12.158.5.8/29
Router Ethernet IP 12.158.5.9
AP1 IP 12.158.5.10
AP2 IP 12.158.5.11
AP3 IP 12.158.5.12
DNS Servers(ATT) 12.127.16.67/12.127.17.71

Can someone look at the following config and let me know if this is correct or if there are critical mistakes... thanks.

!
service timestamps debug uptime
service timestamps log uptime
service password-encryption
no service tcp-small-servers
no service udp-small-servers
!
hostname ***********
!
enable password ***********
!
no ip name-server
!
ip subnet-zero
no ip domain-lookup
ip routing
!
interface FastEthernet 0
no shutdown
description connected to Cisco1538
ip address 12.158.5.9 255.255.255.0
ip nat inside
keepalive 10
!
interface Serial 0
no shutdown
description connected to ATT Router
service-module t1 clock source line
service-module t1 data-coding normal
service-module t1 remote-loopback full
service-module t1 framing esf
service-module t1 linecode b8zs
service-module t1 lbo none
service-module t1 remote-alarm-enable
ip address 12.126.232.26 255.255.255.252
ip nat outside
encapsulation ppp
!
! Access Control List 1
!
no access-list 1
access-list 1 permit 12.158.5.0 0.0.0.255
!
! Access Control List 100
!
no access-list 100
access-list 100 permit ip any any
!
! Static NAT
!
ip nat inside source static 12.158.5.9 12.126.232.26
!
! Dynamic NAT
!
ip nat translation timeout 86400
ip nat translation tcp-timeout 86400
ip nat translation udp-timeout 300
ip nat translation dns-timeout 60
ip nat translation finrst-timeout 60
ip nat pool ******Router-natpool-1 12.158.5.9 12.158.5.14 netmask 255.0.0.0
ip nat inside source list 1 pool *******Router-natpool-1 overload
!
! DHCP Server
!
service dhcp
ip dhcp excluded-address 12.158.5.9 12.158.5.14
ip dhcp pool 1
network 12.158.5.0 255.255.255.0
domain-name ***************
default-router 12.158.5.9
dns-server 12.127.16.67 12.127.17.71
!
router rip
version 2
network 12.0.0.0
passive-interface Serial 0
no auto-summary
!
!
ip classless
!
! IP Static Routes
ip route 0.0.0.0 0.0.0.0 Serial 0
ip http server
snmp-server community public RO
snmp-server location Ebert Farm
no snmp-server contact
!
line console 0
exec-timeout 0 0
password *******
login
!
line vty 0 4
password *******
login
!
end

 

[MTandSAV]

if I am not mistaken you should use the private IP addresses for NAT ( 10.0.0.0, 192.168.0.0) Now you are using public IP's for that and I doubt whether thats going to work.
Also, if you post you config, remove public IP's or at least the last parts.

 

[sibon3]

If I use private IP's will I still be able to access the AP's behind the router. Or can I leave the AP's with static public addresses, and NAT all hosts with Private IP's?

If this is correct... how would this config look (Public addresses for access points and private for all other hosts).

Thanks!

 

[MTandSAV]

I would personally give the AP's also a private IP, either static or via dhcp (if you give them static, make sure the dhcp server can't give those addresses out to hosts). In that way you don't have to do a lot of configurations on the AP's.