Newbie help needed with 3600

search cco.cisco.com for IOS NAT configuration examples

also see

You need to configure:

1. DHCP client on outise interface
2. default route pointing to DHCP assigned outside address
3. NAT (network address translation) to tranlate inside addresses to the ISP DHCP assigned outside address

you will also want to config a default route that points to DHCP assigned outside address:

ip route 0.0.0.0.0 0.0.0.0 dhcp

you will need to ensure that the IOS version on the 3600 supports this feature or the router's IOS vesion will need to be upgraded.

Why in Gods name if they have a cable modem and a Firewall why put a router between them?

My sentiments exactly...except that the firewall and cable's DHCP don't seem to be working in unison. For some (as yet undetermined) reason when the time comes to renew the DHCP license one of the two sides is not cooperating (haven't determined yet which one as the firewall company says their system is set to DHCP standards and the ISP says they don't support business networks under the client's current plan.)

When hooked up to a router (currently a cheapie linksys) this configuration works but there's no way to disable filtering of the ports (i.e. by default all ports are blocked. Not a bad thing except the linksys firewall leaves a ton to be desired and we have a good firewall we need to connect without doubling our work when allowing traffic in and out.) So...if we connect a router to the modem this stablizes the DHCP issue. They have the router already...I just need to set it up properly.

I will investigate the other poster's instructions. Thanks!

what firewall is being used ?

We have a Watchguard Firebox X700

Have you taken a sniffer trace of the linksys DHCP exchange with the ISP ?

If not you may want to so that you can compare once you insert Cisco

A config something along these lines is what you require:

hostname

enable secret

ip routing ip cef ip subnet-zero ip classless no ip domain-lookup

clock timezone service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone logging buffer 10000 debug no logging console

int fa escription Outside interface ip address dhcp ! or if ISP needs more info provided try providing via the following parameters ip address dhcp [client-id interface-name] [hostname host-name] ip nat outside ! speed configure if auto-neg does not work or work well ! duplex configure if auto-neg does not work or work well exit

int fa description Inside interface ! configure IP subnet to be used between router and firewall, ! point firewall default route to this address ip address a.a.a.a m.m.m.m ip nat inside ! speed configure if auto-neg does not work or work well ! duplex configure if auto-neg does not work or work well exit

! nat command to configure the translation of inside source addresses ! to the DHCP address assigned to the outside interface ip nat inside source list 1 interface fast overload access-list 1 permit 10.0.0.0 0.255.255.255

! required static routes

ip route 0.0.0.0.0 0.0.0.0 dhcp

ip route

Hmm.. Is this Comcast and did they install a SMC Modem/Router?