Use of 4 Ethernet ports on a Cisco 877

I'm new to Cisco routers, but have an 877 installed in a small office for Internet access with NAT for a single external IP address. Ethernet port 0 is connected to the office's main Ethernet switch.

It has three "spare" ethernet ports which set me to wondering if there was anything interesting they could be used for.

The 877 is described as having a four port *switch*. From this I inferred that it was not really intended for Ethernet-Ethernet routing. However since it supports VLANs, can the 877 be used for any of ...

  • Guest Internet access. E.g. allow a visitor to plug in a notebook PC to a wallport patched to Ethernet port 3 on the router, with the router configured to prevent traffic passing between Ethernet ports 0 (main LAN) and 3 (visitor)?

  • Ditto with DHCP service to the visitor PC?

  • A DMZ? E.g. plug a webserver into ethernet port 2 and configure the router so that inbound traffic to port 80 gets mapped to the webserver, which has no access to the main LAN?

  • Something else?

The 800 series also have a serial console port, which I believe doubles as a virtual AUX port. Can this be used for anything useful? (other than as a console port for configuring the router)

  • attach a V.90 modem for remote dial-in to router and from there telnet to a server?

  • Something else?

Reply to
RedGrittyBrick
Loading thread data ...

One of the four switch ports can be reconfigured as a routed interface. But for the other three ports, there is no way to control the traffic between them: the traffic between them would not go through the router if the traffic is in the same broadcast domain.

Reply to
Walter Roberson

You may wish to investigate the Cisco 877 Config Wizard:

formatting link
Sincerely,

Brad Reese Cisco Resumes

formatting link

Reply to
www.BradReese.Com

I can't find any reference to this restriction on Cisco's webpage:

formatting link
Can you please provide a pointer to some documentation which documents this restriction? E.g. which ethernet port can be used as a routed interface.

Kind regards

Reply to
Matthias Scheler

If you have an 87x AND the expensive software (Advanced IP Services) you can indeed seperate the physical ports into seperate IP networks..

If you have the base software or an 85x you are restricted to one VLAN.

There are no arbitrary restrictions as to their use or configuration.

vlan 2 vlan 3

int vlan 2 ip add ...

int vl 3 ip add ...

int fa 2 sw acc vl 2

int fa 3 sw acc vl 3

Should I think work.

Reply to
Bod43

That's only one of the 87x's product descriptions.

It appears that the feature I was thinking of was for the earlier 800 series router. For the 870, DMZ is by VLAN, with four VLANs being permitted with the Advanced IP Feature Set, and no VLAN support with the Advanced Security image. No VLANs on the 850 series either.

formatting link

Reply to
Walter Roberson

You can indeed use the aux port with a modem, given the appropriate DB9-DB25 (IIRC) adapter. We use it for some customers to provide (admittedly v limited) backup if the ADSL connection fails, as well as providing out-of-band access to the router in that eventuality. I don't have a config to hand, but could possibly post/email you something if you're interested... (We use it with 877s too, and have in the past used this setup with

837s)

Regards,

Al

Reply to
Al

I just tried the latest T train image with the adv. sec. feature set on a

877 and was able to run a second vlan. Bye, Tosh
Reply to
Tosh

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.