Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here


IP/NAT config over SDSL Frame-Relay line.... need advice!!!!

IP/NAT config over SDSL Frame-Relay line.... need advice!!!!

IP/NAT config over SDSL Frame-Relay line.... need advice!!!!

i have just installed a PVC at my ops centre and need to hook a couple of guys in different locations in town so they can use my Internet over my high speed satellite connection... they will be assigned, static, public ip addresses for each of their individual connections, and data will be encapsulated using frame realy to support multiple logical PVCs into my single DSU....

i am wondering how i am going to setup their routing tables/information in their cisco routers... their setup is...

* private IPs.. for the internal LAN
* a Linux server which will masquerade the connections for the LAN computers onto the router/internet...
* a cisco 1601 and above router connected to the CSU

* encapsulation type on the cisco router is frame-relay

i have thought of some routing algorithms for each of my client's routers, but i am not really sure if it will work... lemmie just explain... please note, for obvious reason, i am going to use fake IPs

the main cisco router is a 2509 series router connected onto the satellite... it's ethernet IP address is the ip address of the serial interface connected to th DSU/PVC is

now, to configure the router of my first client, i have assigned the ip address of his serial interface that's connected to the CSU/PVC as

my client's linux server has two ethernet cards, one to the internal network and another to the router... the one connected to the internal network has the ip address as and the one connected to the ethernet interface of the router is so what happens is that the firewall in the linux server is supposed to masquerade the internal private network into the ip address, which in turn will be masqueraded to the true public ip of the router..... i would like the connection to appear like it came from the router and not the linux server.. although any suggestions otherwise would be welcome.....

so, i have decided to give this client's router the public ip address of so here is the configuration i will assume for the cisco router on the client's side...

conf t
* this will set the ip address of the router's ethernet interface, which is similar to that of the linux server on the router's side

int e0
ip address
ip nat inside
* this will set the ip address of the serial interface connected to the CSU/PVC

int s0
ip address
ip nat outside

* this will allow NAT to translate the ip address [and all other internal ip addresses thereto] of the external interface card on the linux server,, into the SINGLE PUBLIC IP ADDRESS...

ip nat pool ovrld prefix 24

* this will allow NAT to make translation for any of the private ip addresses into the public public ip address... in this case, the only ip to translate is that of the external network card on the linux server... as the other internal ones have been already masqueraded into it....

ip nat inside source list 2 pool ovrld overload

* this will define the list of ips for NAT to translate into the IP address...

access-list 7 permit

i think that should be it... the reason i want most of the translation to be done by linux is to free the cisco 1601 routers at the client's places of that extra processing load.. what do you think... should i..... can't it work both ways.. that the router translates all the internal ip addresses.....?...

*then finally.. i need to specify a route path of the

ip route

that should direct any packet that has a non-local ip address to the serial interface of my 2509 router.. then out onto the satellite/internet....

what i wonder is.. is it possible to ping that users router on that public address... since it's not assigned to any interface.. but is just meant to be overloaded..... do u think this is the best way to go about it..... will i have transparent routing as if they were directly connected thru ethernet at my data centre.....

also, if i were to manage bandwidth based on IP addresses, can i set up the bandwidth manager to look out for the public ip address from my client's router.. that is.. and then limit it's bandwidth usage to a pre-set capacity..?...

i really appreciate any responses to my question.. thanks...

desparate AKNIT

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close