NAT on Cisco 1720 router behind Alcatel ADSL modem

[emiliodk]

I'm having problems using a 1720 with two ethernet interfaces behind an ADSL modem. The provider does not seem to support PPPoE so I can't set up the necessary VPN connection from my router. No problem, I "upgraded" the modem so it dials the VPN connection itself.
So now I have a modem that is always connected, ip address is 10.0.0.138 and I need to use 10.0.0.150 for the pc or in this case the 1720 router. I used Configmaker to draw this network with some pc's behind the router, but I'm having troubles with NAT: do i need to use the WAN interface of the global address pool for source translation? In other words: 10.0.0.150 <-> 10.0.0.150 or do I use the IP address I got from my ISP?
How do I get my clients to connect to the internet? I know their gateway address must be the 1720 (192.168.1.1) but what happens on the router? Shouldn't I tell the router that he has to route trough the ADSL modem?
Please advise, I'm struggling with this for a couple of days now....

Thanks!

Emile

 

[emiliodk]

Sorry, forgot to mention this: the upgrade of the Alcatel Speedtouch home made it a router, so it's a router behind a router. Reason I still want to use the Cisco is that we can't return it AND I bought firewall software for it that I want to use.

 

[jeter]

A ADSL router is PPPoA. The router runs nat internally. I would remove the the cisco and sell it. If your wanting it for a firewall than I would sugguest you get a cisco 1750
with a dsl wic card. Jeter@LasVegas.com
J.Fisher CCNA

 

[Guest_imported]

clock timezone EST -5
clock summer-time EST recurring
ip subnet-zero
no ip source-route
!
ip dhcp pool Private
network xxx.xxx.x.x 255.255.255.0
default-router xxx.xxx.x.x
dns-server xxx.xxx.xxx.xxx
!
no ip bootp server
!
!
!
interface Ethernet0
description Facing RoadRunner Cable Modem
ip address dhcp
ip access-group 100 in
no ip redirects
no ip unreachables
ip accounting mac-address input
ip accounting access-violations
ip nat outside
no cdp enable
!
interface Ethernet1
description Interface facing Internal Lan
ip address xxx.xxx.xxx.xxx 255.255.255.0
no ip redirects
no ip unreachables
ip nat inside
no cdp enable
!
interface Serial0
no ip address
shutdown
no cdp enable
!
interface Serial1
no ip address
shutdown
no cdp enable
!
ip nat inside source list 7 interface Ethernet0 overload
ip nat inside source static esp xxx.xxx.xxx.xxx interface Ethernet0
ip nat inside source static udp xxx.xxx.xxx.xxx 500 interface Ethernet0 500
ip classless
ip route 0.0.0.0 0.0.0.0 Ethernet0
no ip http server
ip pim bidir-enable
!
logging trap debugging
logging xxx.xxx.xxx.xxx
access-list 5 permit xxx.xxx.xxx.xxx
access-list 5 permit xxx.xxx.xxx.xxx 0.0.0.3
access-list 5 deny any log
access-list 7 permit xxx.xxx.0.0 0.0.0.3
access-list 100 deny icmp any any redirect
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 deny ip 224.0.0.0 31.255.255.255 any
access-list 100 permit udp any eq domain host xxx.xxx.xxx.xxx
access-list 100 permit tcp host xxx.xxx.xxx.xxx any
access-list 100 permit tcp host xxx.xxx.xxx.xxx any eq 37
access-list 100 permit udp host xxx.xxx.xxx.xxx any eq ntp
access-list 100 permit udp any host 255.255.255.255 eq bootpc
access-list 100 permit udp any eq isakmp any eq isakmp
access-list 100 deny udp any any lt 1000 log
access-list 100 deny tcp any any lt 1000 log
access-list 100 permit ip any any
access-list 110 permit tcp xxx.xxx.0.0 0.0.0.7 any eq www
access-list 110 permit tcp xxx.xxx.0.0 0.0.0.7 any gt 1024
access-list 110 permit ip any any log
no cdp run



you must have IOS Version 12.2(5)
for some of the above commands to work