Suggested prerequisite reading:
»Cisco Forum FAQ »Things to expect when setup network for home or small business
For a quick guide and some network topology, check out the following FAQ
»Cisco Forum FAQ »Quick Guide of Configuring Cisco router for PPPoE using external modem
This FAQ serves as a basic walk through of the above FAQ in order to provide deeper descriptions in configuring any Cisco routers running IOS with two ethernet interfaces for ADSL. For more info, check out the above FAQ.
First we will need to build the VPDN group so we will be able to add our dialer after we configure the Ethernet interface we will use for the WAN connection.
router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
router(config)#vpdn enable
router(config)#vpdn-group 1
router(config-vpdn)#request-dialin
router(config-vpdn)#protocol pppoe
router(config-vpdn)#exit
Now we configure one Ethernet interface for use as our WAN interface.
router(config)#interface Ethernet1
router(config-if)#description ADSL WAN Interface
router(config-if)#no ip address
router(config-if)#no ip redirects
router(config-if)#no ip unreachables
router(config-if)#no ip proxy-arp
router(config-if)#no ip mroute-cache
router(config-if)#pppoe enable
router(config-if)#no cdp enable
router(config-if)#exit
Now to add your Dialer interface:
router(config)#interface Dialer1
router(config-if)#description ADSL WAN Dialer
router(config-if)#ip address negotiated
router(config-if)#no ip unreachables
router(config-if)#ip nat outside
router(config-if)#encapsulation ppp
router(config-if)#no ip mroute-cache
router(config-if)#dialer pool 1
router(config-if)#dialer-group 1
router(config-if)#no cdp enable
At this point you will need to find out what type of authentication your ISP requires. When you run into problems with this (ISP says one thing, it's actually something else...), you are suggested to turn on the debug ppp packet option to view low level packet output. Generally you will need to either use CHAP or PAP authentication. In some cases ISP requires both type of authentication. Following is how to set both up.
router(config-if)#ppp authentication chap callin
router(config-if)#ppp chap hostname ispusername
You want to make sure that username is whatever your ISP requires. Some ISP like the full e-mail address and some just need the username. You may receive a letter or email regarding this info. Consult your ISP if you are unsure. Following is the setup.
router(config-if)#ppp chap password isppassword
router(config-if)#ppp pap sent-username ispusername password isppassword
You can see with PAP as opposed to chap you input your username and password all at once in one command.
Note that the Dialer1 interface is part of dialer group 1. This dialer group controls the Layer-3 protocol traffic that go over the Layer-2 PPP encapsulation. For this dialer group control, you need to specify which Layer-3 protocols the Dialer1 interface is allowed to pass through over the Layer-2 PPP. In this case, you want to pass IP protocols. Following is the setup.
router(config-if)#exit
router(config)#dialer-list 1 protocol ip permit
Another problem you may experience with many providers making constant changes to their network is with packet fragmentation from PCs with MTUs set too high. Many people on BBR suggest setting MTU size and tweaking each machine for optimal broadband settings, but the Cisco IOS allows you to perform traffic shaping on your Dialer interface that will correct this problem.
Feel free to read the following
Troubleshooting MTU Size in PPPoE Dialin Connectivity
for additional information about adjusting Maximum Segment (MSS) sizes on your equipment.
Now you configure the other Ethernet interface for use as the LAN interface:
router(config)#interface Ethernet0
router(config-if)#description ADSL LAN Interface
When adding the IP address you can pretty much put whatever on there as long as the rest of the NAT setup matches. Format is ip address and the subnet mask.
router(config-if)#ip address 10.10.10.1 255.255.255.0
router(config-if)#no ip redirects
router(config-if)#no ip unreachables
router(config-if)#no ip proxy-arp
router(config-if)#ip nat inside
router(config-if)#no ip mroute-cache
router(config-if)#no cdp enable
router(config-if)#exit
Now you're done with the actual LAN/WAN setup. The next steps are just to add a few more parts to get everything working.
We add our access-list for NAT:
router(config)#access-list 10 permit 10.10.10.0 0.0.0.255
And disable CDP:
router(config)#no cdp run
And add our NAT source list:
router(config)#ip nat inside source list 10 interface Dialer1 overload
Turn on CIDR routing:
router(config)#ip classless
And finally add our default route to the internet. There are two ways of doing so. One (the correct way) is to let PPP negotiation process determine the default gateway IP address. To do so, enter the following commands.
router(config)#interface Dialer1
router(config-if)#shutdown
router(config-if)#ppp ipcp route default
router(config-if)#no shutdown
router(config-if)#exit
On some IOS images, the ppp ipcp command is not supported unfortunately. When this applies to you, then you have no choice to either upgrade the IOS image that support the command or to use the following command.
router(config)#ip route 0.0.0.0 0.0.0.0 Dialer1
When your router IOS image does support ppp ipcp command, then following commands are suggested to be entered under the Dialer1 interface in addition to the ppp ipcp route default command.
ppp ipcp dns request accept
ppp ipcp address accept
to have the router receives ISP DNS IP addresses and WAN IP address through the PPP process. Note that these two commands are not requirements since the router can still do network functionality even without these two commands present.
After setting the default route, you should have a basic connection built and running. You will probably want to add a little more in the way of security such as setting vty, console, and enable passwords, as well as disabling any unnecessary services on the router and adding name servers, time servers, etc.
 feedback form
 feedback form
by amethyst1x  edited by aryoba
last modified: 2009-10-21 16:22:36 |
