dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1797
share rss forum feed


nozero
Eschew Obfuscation
Premium,MVM,ExMod 2003-06
join:1999-12-29
InnerSanctum
kudos:3
Reviews:
·PowWeb
·Time Warner Cable

1 recommendation

Take The Cisco Challenge...

Okay here's your chance to help keep your skills sharp while you help others. Were once again looking for your suggestions for topics for new FAQ's for this forum.

You can suggest topics here in this thread or if you have a FAQ, or better yet, a FAQ and an Answer to the FAQ to suggest, you can submit it here http://www.dslreports.com/faq/cisco/edit.

I'd also like to take this opportunity to thanks those who have already made contributions to the FAQ. Your efforts are very much appreciated!

You will now be returned to regularly scheduled programming.:o
--
Every moment is a chance to turn it all around.
Even if only one cure is found, don't you want to be part of it?
Join us won't you?


Covenant
Premium,MVM
join:2003-07-01
England

2 recommendations

hmmm...

How about a typical config. for a UBR9xx cable modem. I know that some of you are adept at getting those things up and running!

Also a config. for a 25xx series router might be valuable here!

[RANT]

Come on guys and gals, post your comments or submit a new FAQ. If you are reading this, it means that you have an interest in Cisco. Why not use that interest to improve your documentation skills and it will help you in the long run regarding job prospects as you can print out the FAQ and take it to an interview and say "I am not only good technically, I can also impart my knowledge on others, either via writing manuals or by teaching people how to set something up".

There are lots and lots of people who are BRILLIANT technically, but there are only a FEW who can pass on that knowledge to others, so please people, treat it as a training exercise to distinguish yourself from the rest!

[/RANT]

Thanks for reading.

HM


Covenant
Premium,MVM
join:2003-07-01
England
reply to nozero
Sticky please!


rolande
Certifiable
Premium,Mod
join:2002-05-24
Dallas, TX
kudos:6
Reviews:
·AT&T U-Verse
·ViaTalk

2 recommendations

reply to nozero
Believe me...after the torture I have just been through getting this stupid WIC-1ADSL module working with my 2620XM I will document it. My DSL will be installed in about a week. So, once I have it successfully up, I'll put something together on this. I am taking the CCIE written exam on Wednesday, so my brain will actually be able to focus on something else for a change.
--
Remember what they say: "There are 10 types of people in the world.. those who understand binary, and those who don't."

sanchito75

join:2003-09-06
Aurora, IL

2 recommendations

reply to nozero
here is the best info I can provide for all the pain I went through getting and 827 ADSL up and running for SBC/Megapath. This web site is the easiest for anyone that is not a cisco guru for setting up an ADSL router and the cli setup config info also.

»www.azacamis.com/cisco

Configuration for PPPoA with NAT
Note: the steps here are only for the purpose of getting connected with your ISP. Other issues like security and features are not inclusive. The are where you enter your details

Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface ethernet 0
router(config)#no ip http server
Router(config-if)#ip address 10.10.10.1 255.255.255.0
Router(config-if)#ip nat inside
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#interface dialer 0

If you are assigned a static IP by your ISP, then follow this command
Router(config-if)#ip address

If you are assigned a dynamic IP address by your ISP, then follow this command
Router(config-if)#ip address negotiated

Continue with the rest of command
Router(config-if)#ip nat outside
Router(config-if)#encapsulation ppp
Router(config-if)#dialer pool 1
Router(config-if)#ppp pap sent-username password
Router(config-if)#exit
Router(config)#interface atm 0
Router(config-if)#pvc
Router(config-if-atm-vc)#en aal5mux ppp dialer
Router(config-if-atm-vc)#dialer pool-member 1
Router(config-if-atm-vc)#no shutdown
Router(config-if)#exit
Router(config)#ip nat inside source list 1 interface dialer 0 overload

If you are assigned a static IP by your ISP, then follow this command
Router(config)#ip route 0.0.0.0 0.0.0.0

If you are assigned a dynamic IP address by your ISP, then follow this command
Router(config)#ip route 0.0.0.0 0.0.0.0 dialer 0

Continue with the rest of command
Router(config)#access-list 1 permit 10.10.10.0 0.0.0.255
Router(config)#exit
Router#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
Router#

!
!
!
!
Configuration for PPPoE with NAT
Note: Pls note that the steps here are only for the purpose of getting connected with your ISP. Other issues like security and features are not inclusive. The are where you enter your details

Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip http server
Router(config)#vpdn enable
Router(config)#vpdn-group ppoe
Router(config-vpdn)#request-dialin
Router(config-vpdn-req-in)#protocol pppoe
Router(config-vpdn-req-in)#exit
Router(config-vpdn)#exit
Router(config)#interface ethernet0
Router(config-if)#ip address 10.10.10.1 255.255.255.0
Router(config-if)#ip nat inside
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#interface atm0
Router(config-if)#pvc
Router(config-if)#no shutdown
Router(config-if-atm-vc)#pppoe-client dial-pool-number 1
Router(config-if-atm-vc)#exit
Router(config-if)#exit
Router(config)#int dialer 1

f you are assigned a static IP by your ISP, then follow this command
Router(config-if)#ip address

If you are assigned a dynamic IP address by your ISP, then follow this command
Router(config-if)#ip address negotiated

Continue with the rest of command
Router(config-if)#ip mtu 1492
Router(config-if)#ip nat outside
Router(config-if)#dialer pool 1
Router(config-if)#ppp authentication pap callin
Router(config-if)#ppp pap sent-username password
Router(config-if)#exit
Router(config)#ip nat inside source list 1 interface dialer 1 overload
Router(config)#ip classless

If you are assigned a static IP by your ISP, then follow this command
Router(config)#ip route 0.0.0.0 0.0.0.0

If you are assigned a dynamic IP address by your ISP, then follow this command
Router(config)#ip route 0.0.0.0 0.0.0.0 dialer 1

Continue with the rest of command
Router(config)#no ip http server
Router(config)#access-list 1 permit 10.10.10.1 0.0.0.255
Router(config)#exit
Router#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
Router#

Hope this helps somebody


nozero
Eschew Obfuscation
Premium,MVM,ExMod 2003-06
join:1999-12-29
InnerSanctum
kudos:3


sortofageek
Runs from Clowns
Premium,Mod
join:2001-08-19
kudos:23
reply to nozero
The FAQ submissions we're getting now are very much appreciated. Covenant See Profile has a valid point in that documentation is a very important aspect of those skills sought after by the smart employer.

For those who are dedicated to helping others here, these FAQs will certainly make that task easier. Given enough of them, one would only need to link to a pertinent FAQ, would save a lot of repetitive typing/copying/pasting, etc.

Thanks so much to all the contributors. If this keeps up, this forum could become one of the best resources for Cisco info/help on the internet.
--
Team Helix Forum - Join Us?


nd_tech

join:2003-04-10
Troy, MI
reply to nozero
how bout some Frame-relay stuff, VOIP and perhaps even ATM??
Or you could go with manually configuring routing protocols such as OSPF...actually one for routing protocols in general would be good for some.


nozero
Eschew Obfuscation
Premium,MVM,ExMod 2003-06
join:1999-12-29
InnerSanctum
kudos:3

1 recommendation

AFAIC, I'll publish anything submitted, as long as it's Cisco related and useful.

We aim to please...


I_Route
Premium,VIP
join:2003-09-19
Merrimack, NH
reply to rolande
Let me know if you have any issues you need help with. I have a 2651XM with the WIC-1ADSL that I have used with Verizon and now SpeakEasy, no problems. PPPoE and normal.

Later,
Jeff


MrTwister

@156.63.x.x
reply to nozero
I really need to lookup my password for this, that way I dont keep posting anonymously.

someone asked for a Frame-relay example.
Here's a Frame-relay example that uses
sub-interfaces to talk to multiple sites
via multiple DLCI's.

The physical interface is Serial4/1/0
and is connected to a Frame-relay T1
with the primary DLCI having 1024k CIR
and the others having 256k CIR.
(pay no attention to that nasty little
ipx type-20-propagation, this is for a
nasty legacy application that uses NETBUI).

Also if you notice the description for the first
sub interface says "Frame to ATM-2", this isnt a
typo, the remote sites are Frame-relay sites,
while the head-end border routers are connected
to a Stratacom switch via ATM, the Stratacom
handles the ATM-Frame conversions (when configured
properly )..

Config starts now:...
------------------------
service timestamps debug datetime
service timestamps log datetime localtime show-timezone
service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname (your hostname here)
!
clock timezone EST -5
clock summer-time EDT recurring
enable secret 5 xxxxxxxxxxxxxxxxxxxxxxx
!
ipx routing 0000.0000.0000
!
interface Loopback0
ip address 192.168.255.80 255.255.255.255
transmit-buffers backing-store
!
interface FastEthernet1/0/0
ip address 192.168.80.1 255.255.255.0
no ip route-cache optimum
ipx network EABCDE encapsulation SAP
ipx type-20-propagation
!
interface FastEthernet1/1/0
no ip address
shutdown

!
interface Serial4/1/0
no ip address
encapsulation frame-relay IETF
no fair-queue
frame-relay lmi-type ansi
!
interface Serial4/1/0.1 point-to-point
description FrameRelay to ATM-2 (ATM0/0.5520) CID-69DHZAxxxxxx DLCI-687
ip address 192.168.0.34 255.255.255.252
ip ospf network broadcast
ipx network FA5509
ipx output-network-filter 801
ipx output-sap-filter 1001
ipx sap-interval 5
frame-relay interface-dlci 687
!
interface Serial4/1/0.3 point-to-point
description PVC to Site1
ip address 192.168.89.1 255.255.255.252
ip ospf network broadcast
ipx network FA55091
ipx type-20-propagation
frame-relay interface-dlci 200
!
interface Serial4/1/0.4 point-to-point
description PVC to Site3
ip address 192.168.89.5 255.255.255.252
ip ospf network broadcast
ipx network FA55093
ipx type-20-propagation
frame-relay interface-dlci 201
!
interface Serial4/1/0.5 point-to-point
description PVC to Site4
ip address 192.168.89.9 255.255.255.252
ip ospf network broadcast
ipx network FA55094
frame-relay interface-dlci 202
!
interface Serial4/1/1
no ip address
shutdown
!
interface Serial4/1/2
no ip address
shutdown
!
interface Serial4/1/3
no ip address
shutdown
!
router ospf 111
network 192.168.0.0 0.0.255.255 area 55
!
ip domain-name odjfs.state.oh.us
ip name-server 10.0.1.100
ip name-server 10.100.10.100
ip name-server 10.63.130.120
ip name-server 10.63.130.75
ip classless
ip route 0.0.0.0 0.0.0.0 10.55.0.33
ip route 192.168.140.0 255.255.255.0 192.168.89.2
ip route 192.168.88.0 255.255.255.0 192.168.80.2
logging buffered
logging trap errors
logging facility local6
logging 10.1.2.11
access-list 801 permit E76021 0
access-list 801 permit E76022 0
access-list 801 permit E76023 0
access-list 801 permit E76024 0
access-list 801 permit B7602 0
access-list 801 permit B7604 0
access-list 801 permit FA5509 0
access-list 801 permit FA55091 0
access-list 801 permit FA55093 0
access-list 801 permit FA55094 0
access-list 1001 permit E76021 4
access-list 1001 permit E76022 4
access-list 1001 permit E76023 4
access-list 1001 permit E76024 4
access-list 1001 permit B7602 4
access-list 1001 permit B7604 4
access-list 1001 permit FA5509 4
access-list 1001 permit FA55091 4
access-list 1001 permit FA55093 4
access-list 1001 permit FA55094 4
access-list 1001 permit E76021 107
access-list 1001 permit E76022 107
access-list 1001 permit E76023 107
access-list 1001 permit E76024 107
access-list 1001 permit B7602 107
access-list 1001 permit B7604 107
access-list 1001 permit FA5509 107
access-list 1001 permit FA55091 107
access-list 1001 permit FA55093 107
access-list 1001 permit FA55094 107
access-list 1001 permit E76021 237
access-list 1001 permit E76022 237
access-list 1001 permit E76023 237
access-list 1001 permit E76024 237
access-list 1001 permit B7602 237
access-list 1001 permit B7604 237
access-list 1001 permit FA5509 237
access-list 1001 permit FA55091 237
access-list 1001 permit FA55093 237
access-list 1001 permit FA55094 237
access-list 1001 permit E76021 238
access-list 1001 permit E76022 238
access-list 1001 permit E76023 238
access-list 1001 permit E76024 238
access-list 1001 permit B7602 238
access-list 1001 permit B7604 238
access-list 1001 permit FA5509 238
access-list 1001 permit FA55091 238
access-list 1001 permit FA55093 238
access-list 1001 permit FA55094 238
access-list 1001 permit E76021 268
access-list 1001 permit E76022 268
access-list 1001 permit E76023 268
access-list 1001 permit E76024 268
access-list 1001 permit B7602 268
access-list 1001 permit B7604 268
access-list 1001 permit FA5509 268
access-list 1001 permit FA55091 268
access-list 1001 permit FA55093 268
access-list 1001 permit FA55094 268
access-list 1001 permit E76021 278
access-list 1001 permit E76022 278
access-list 1001 permit E76023 278
access-list 1001 permit E76024 278
access-list 1001 permit B7602 278
access-list 1001 permit B7604 278
access-list 1001 permit FA5509 278
access-list 1001 permit FA55091 278
access-list 1001 permit FA55093 278
access-list 1001 permit FA55094 278
!
!
!
!
snmp-server community public RO
snmp-server community btsnet RW
snmp-server community homer RW 5
snmp-server enable traps channel-failures
snmp-server enable traps isdn
snmp-server enable traps config
snmp-server enable traps envmon
snmp-server enable traps bgp
snmp-server enable traps frame-relay
snmp-server host 10.1.8.206 public
snmp-server host 10.1.2.11 public
snmp-server host 10.1.8.254 public
banner motd ^C
****************************************************************
* *
* WARNING: System is RESTRICTED to authorized personnel ONLY! *
* Unauthorized use of this system will be logged and *
* prosecuted to the fullest extent of the law. *
* *
* If you are NOT authorized to use this system, LOG OFF NOW! *
* *
**************************************************************** ^C
!
line con 0
password 7 xxxxxxxxxx
login
line aux 0
password 7 xxxxxxxxxx
login
line vty 0 4
password 7 xxxxxxxxxxxx
login
!
ntp clock-period 17180456
ntp server 10.0.1.20
end

-------------
MrTwister


MrTwister

@156.63.x.x
I forgot to mention the Access-lists.
Most if not all of them are for IPX
service SAPS. Without these access-lists
and the SAP-interval of 5, the SAPs would
over-run the circuit with useless information.
When using the "ipx sap-interval 5 (or X)",
you must take care to have the same interval
on both the head-end and the remote-router.
Otherwise you'll see servers coming and going
from the sap tables.


Domwilko
CCVP, CCNP, CCNA, CCDA

join:2002-03-02
UK
kudos:1

1 recommendation

reply to nozero
OK here you go, for your FAQ collection.

A working configuration for a Cisco 1720 router for a UK ADSL ISP. The 1720 is fitted with 48Mb DRAM/16Mb FLASH and running IOS 12.3(1).

It also has, obviously, a WIC-1ADLS module and a WIC-2T (not currently used).

In the configuration is also included an example of how to build 3 GRE tunnels to remote sites and how to synchronise the router clock with a NTP time source.

I hope someone will find this of use.

!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Cisco1720
!
enable password 7 xxxxxxxx
!
username xxxxxxx@dslgateb.xxxxxxxx.co.uk password 7 xxxxxxxx
username xxxxxxx password 7 xxxxxxx
memory-size iomem 25
ip subnet-zero
!
!
ip name-server 193.xxx.xxx.xxx
ip name-server 194.xxx.xxx.xxx
ip name-server 194.xxx.xxx.xxx
!
ip cef
ip audit notify log
ip audit po max-events 100
no ftp-server write-enable
!
xsm
xsm vdm
xsm edm
xsm history vdm
xsm history edm
!
interface Loopback0
description +++ Always Up Interface +++
ip address 10.10.10.10 255.255.255.255
!
interface Tunnel0
description +++ IP GRE VPN TO Office1 +++
ip address 192.168.xxx.2 255.255.255.252
tunnel source 213.xxx.xxx.76
tunnel destination 213.xxx.xxx.114
tunnel key 123abc
!
interface Tunnel1
description ++++ IP GRE VPN To Office2 ++++
ip address 192.168.xxx.9 255.255.255.252
tunnel source 213.xxx.xxx.76
tunnel destination 213.xxx.xxx.113
tunnel key 123abc
!
interface Tunnel2
description ++++ IP GRE VPN To Office3 ++++
ip address 192.xxx.xxx.13 255.255.255.252
tunnel source 213.xxx.xxx.76
tunnel destination 80.xxx.xxx.xxx
tunnel key 123abc
!
interface ATM0
no ip address
no ip mroute-cache
no atm ilmi-keepalive
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
dsl operating-mode auto
hold-queue 224 in
!
interface FastEthernet0
description +++ Connection To LAN +++
ip address 192.168.30.1 255.255.255.0
ip nat inside
speed auto
full-duplex
!
interface Serial0
no ip address
shutdown
no fair-queue
!
interface Serial1
no ip address
shutdown
!
interface Dialer0
description +++ Connection To ISP ADSL +++
ip address 213.xxx.xxx.76 255.255.255.0
ip nat outside
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap callin
ppp chap hostname xxxxxxx@dslgateb.xxxxxxx.co.uk
ppp chap password 7 xxxxxxxx
ppp pap sent-username xxxxxxx@dslgateb.xxxxxxx.co.uk password 7 xxxxxxx
!
router eigrp 1
redistribute connected
network 10.0.0.0
network 192.168.xxx.0
network 192.168.xxx.0
network 213.xxx.xxx.0
no auto-summary
!
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 10.10.10.10 443 interface Dialer0 443
ip nat inside source static tcp 10.10.10.10 23 interface Dialer0 23
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
ip http server
ip http secure-server
!
!
access-list 1 permit any
!
banner motd ^C

****************************
* WARNING BANNER *
****************************

WARNING - authorised users only

The owner and any subsidiary companies, has proprietary rights
over this system and data. Unauthorized access is unlawful and may
result in disciplinary action and/or legal proceedings.

Access to this system is monitored.
^C
!
line con 0
line aux 0
line vty 0 4
exec-timeout 60 0
password 7 xxxxxxx
login local
transport input telnet
!
ntp clock-period 17179651
ntp server 128.2.129.21
!
end

Cisco1720#

Hope this helps,
--
Domwilko - CCNP, CCNA, CCDA


Covenant
Premium,MVM
join:2003-07-01
England

1 recommendation

reply to nozero
Hey Domwilko and MrTwister! Thanks for posting the FAQ material.

It would be easier all round if you created an FAQ by just clicking on the following link:

»Cisco Forum FAQ

...and just cutting and pasting whatever config or pieces of information you have into there.

FYI, this is the FAQ submit page and it would ensure that you get the recognition and gratitude that you deserve.

All you have to do is choose the section that the FAQ will go into, in both cases, configuration. Then give it a relevant title and its cut&paste from there on.

Click preview and you are ready to post the FAQ after visual inspection.

Note that you can use HTML tags within the text box.

Thanks for the input again guys.
--
When you post a question, you expect a reply. When I post a reply, I expect a response. Not only if the problem still exists, but also when it works. Its nice to know that the reply I gave works AND it also helps others with that problem to solve it.


nozero
Eschew Obfuscation
Premium,MVM,ExMod 2003-06
join:1999-12-29
InnerSanctum
kudos:3
Reviews:
·PowWeb
·Time Warner Cable
reply to nozero
Not only is it easier for the FAQ editors, but that way it credits to the one who submitted it. Just posted this one submitted by Domwilko See Profile


Domwilko
CCVP, CCNP, CCNA, CCDA

join:2002-03-02
UK
kudos:1

3 recommendations

Thanks Nozero & rhodium_uk,

Now I know the correct process, I'll see what other FAQ input I can provide.
--
Domwilko - CCNP, CCNA, CCDA


MrTwister
Premium
join:2003-09-27
Hilliard, OH

2 recommendations

reply to nozero
Ahh.. thanks for pointing me in the right direction.
I'll tag that link for future reference.

Here in the future I'll be able to add a few things
I havent been able to document. Things like soft pvc's,
QoS, and a few other little diddies associated with VoIP.

I've been swamped lately with tons of work, like backbone conversions, VoIP rollout, and Local office transistions
(gotta love government agencies and their wacky moves.. Lets put everyone in one building.... 2 days later.. no lets put 8 here, 3 here, 3 here..... now lets make them all
talk.. oh we forgot, we need connectivty to them, VPN and such.. and dont forget this application XYZ (you know the one that doesnt run well over WAN links), so we're gonna make you try to use DSL with VPM for this..))..

lol.. I do try to keep an eye on this group, there's lots of great knowledge here, one shouldnt have to try to re-invent the wheel.

like this one;
TechTip: I knew there had to be a better way, and finally
I found it. When programming a 29xx, 35xx, or
many of the the newer IOS based (none CAT based ie
not 5xxx,6xxx based), where when you want to
assign the vlan/speed/whatever to a group of ports
instead of hitting every FAXX/XX port, use the
interface range command;

switchxyz#> interface range fa0/1 -xx

notice the space between the 1 and the '-', if
you dont put that there, it will error out.
Then, simply put your commands that you want
for that range of ports and wella..
Normally I use that for the vlan membership,
speed, duplex, and the spantree-portfast.

I gotta run, thanks for pointing me to the right
place for future faq's. Now I gotta go mess with
trying to recover few pieces of equipment that got
slapped around by last nights massive Thunderstorm
front...

MrTwister


Domwilko
CCVP, CCNP, CCNA, CCDA

join:2002-03-02
UK
kudos:1
MrTwister,

Your average day sounds very much like mine!!
I remember the times when I used to be able to post on here on a daily basis, but like you, totally swamped with work!!
--
Domwilko - CCNP, CCNA, CCDA


Covenant
Premium,MVM
join:2003-07-01
England
said by Domwilko:
I remember the times when I used to be able to post on here on a daily basis

Hey Domwilko See Profile, I am living those times at the mo!


rolande
Certifiable
Premium,Mod
join:2002-05-24
Dallas, TX
kudos:6
Reviews:
·AT&T U-Verse
·ViaTalk
reply to Domwilko
Join the club... We have so many last minute projects piling up already that we have to hire another 2 contractors on top of the 2 CCIE's we just hired.
--
Remember what they say: "There are 10 types of people in the world.. those who understand binary, and those who don't."

sanchito75

join:2003-09-06
Aurora, IL

1 recommendation

reply to nozero
Here is a guarantee working config for Anyone using Ameritech ADSL for their circuit provider and Megapath.net for ISP. It took 2 calls 2 cisco and weeks of fighting with ISP tech support but I learned a valuable lesson about ADSL PPPoE specifically. This is from the mouth of Cisco. If you have ADSL running PPPoE and run into problems resolving DNS adjust your MTU on your ethernet interface to using the command ip tcp adjust-mss 1452. This is because PPPoE requires more bits in the header packet than any other type of circuit. It was news to me but the minute we adjusted the MTU all my problems were fixed. So with that in mind here is a 100% working config from my 827 ADSL router. Hope this lesson I learned helps someone out in the future!!!!

SANCH_INT_RTR#sh run
Building configuration...

Current configuration : 2593 bytes
!
version 12.1
no service single-slot-reload-enable
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname SANCH_INT_RTR
!
logging rate-limit console 10 except errors
no logging console
enable secret 5 $encrypted password$
!
username Cisco privilege 15 password 7
username Router password 7
ip subnet-zero
no ip finger
ip name-server 66.80.130.23
ip name-server 66.80.131.5
!
no ip dhcp-client network-discovery
vpdn enable
no vpdn logging
!
vpdn-group pppoe
request-dialin
protocol pppoe
!
!
!
!
interface Ethernet0
ip address 69.33.X.X 255.255.255.224
ip tcp adjust-mss 1452
no ip mroute-cache
!
interface ATM0
no ip address
ip access-group 101 in
ip access-group 101 out
no ip mroute-cache
no atm ilmi-keepalive
bundle-enable
dsl operating-mode auto
hold-queue 224 in
!
interface ATM0.1 point-to-point
pvc 0/35
protocol pppoe
pppoe-client dial-pool-number 1
!
!
interface Dialer0
no ip address
no cdp enable
!
interface Dialer1
mtu 1492
ip address 69.33.XX.XX 255.255.255.0
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication pap chap callin
ppp chap hostname ppp-username@megapathdsl.net
ppp chap password 7 Encrypted password
ppp pap sent-username ppp-username@megapathdsl.net password 7 encrypted password
0A
!
ip classless
ip route 0.0.0.0 0.0.0.0 69.33.X.X
no ip http server
!
access-list 101 deny tcp any any eq 135
access-list 101 deny tcp any any eq 136
access-list 101 deny tcp any any eq 137
access-list 101 deny tcp any any eq 138
access-list 101 deny tcp any any eq 139
access-list 101 deny tcp any any eq 140
access-list 101 deny udp any any eq 135
access-list 101 deny udp any any eq 136
access-list 101 deny udp any any eq netbios-ns
access-list 101 deny udp any any eq netbios-dgm
access-list 101 deny udp any any eq netbios-ss
access-list 101 deny udp any any eq 140
access-list 101 deny tcp any any eq 445
access-list 101 deny udp any any eq tftp
access-list 101 deny tcp any any eq 4444
access-list 101 deny tcp any any eq 593
access-list 101 permit tcp any any eq www
access-list 101 permit tcp any any eq 1723
access-list 101 permit tcp any any eq 110
access-list 101 permit tcp any any eq 25
access-list 101 permit gre any any
access-list 101 permit icmp any any
dialer-list 1 protocol ip permit
banner login ^CC^C
!
line con 0
password 7 XXXXXXXXX
transport input none
stopbits 1
line vty 0 4
exec-timeout 30 0
password 7 XXXXXXXXX
login
length 0
!
scheduler max-task-time 5000
end


nozero
Eschew Obfuscation
Premium,MVM,ExMod 2003-06
join:1999-12-29
InnerSanctum
kudos:3

1 recommendation



XCOM
digitalnUll
Premium
join:2002-06-10
Spring, TX

1 recommendation

Ok I just added an FAQ hope it gets aproved and be of help to others
--
Over Kill Systems


nozero
Eschew Obfuscation
Premium,MVM,ExMod 2003-06
join:1999-12-29
InnerSanctum
kudos:3
It was added here http://www.dslreports.com/faq/8239, but you knew that.


E

@qwest.net
reply to nozero
I have some cisco questions id like answered I have a cisco 678. using PVC VPI/VCI: 0/35. it is an adsl router. I have the keycodes for my isp also. I have it configured like this.

set ppp restart enabled
set ppp wan0-0 ipcp 0.0.0.0
set ppp wan0-0 dns 0.0.0.0
set ppp wan0-0 login xxxxxxxxx
set ppp wan0-0 password xxxxxxxxx
set nat enable
set nat timeout udp 3600
set nat timeout icmp 3600
set dhcp server enable
set int wan0-0 disable
write
set wan0-0 vpi 0
set int wan0-0 vci 32
set int wan0-0 enable
set ppp wan0-0 subnet 0.0.0.0
set web disable
set web port 8081
set web remote 255.255.255.255
write
reboot

Now the line trains, but i still get no internet. It says I see it transmitting, but it will not receive. Any clues as to where the problem may lie? This is frustrating. I seen posts of this config working with vpi/vci 0/32. but mine is different in my area. Any suggestions would be helpful. You can reach me at ldap2004 on aim:) thanks


XCOM
digitalnUll
Premium
join:2002-06-10
Spring, TX
These is for tutorials please post these in the main forum.
--
Over Kill Systems


XCOM
digitalnUll
Premium
join:2002-06-10
Spring, TX
To respond your question please read these FAQ.
»Cisco Forum FAQ »678 ADSL External Modem/Router
--
Over Kill Systems


TerryMiller
Premium
join:2003-10-23
reply to nozero
The most confusing thing to me about Cisco routing is VPN setup. crypto map, isakmp setup, vpngroup & vpdn setup either is not very well explained or not understood by me. Also why is their a separate address pool for vpn clients.
I don't know if this post belongs here or the VPN forum, but it's the reason we don't have VPN's at work.


Covenant
Premium,MVM
join:2003-07-01
England

2 recommendations

said by TerryMiller:
The most confusing thing to me about Cisco routing is VPN setup. crypto map, isakmp setup, vpngroup & vpdn setup either is not very well explained or not understood by me. Also why is their a separate address pool for vpn clients.
I don't know if this post belongs here or the VPN forum, but it's the reason we don't have VPN's at work.
Hi TerryMiller See Profile,

VPN setup is not so bad once you know what the individual entities do and the theory behind it.

Here's a link on CCO about IPSEC.

Have a look at that link for a starter and then if you have any more questions, you could start a new thread with your unresolved queries and we will try to answer them.

Hope that helps and maybe that thread will turn into a fully fledged tutorial on Cisco VPNs for everyone else to post in queries as well as answers.
--
When you post a question, you expect a reply. When I post a reply, I expect a response. Not only if the problem still exists, but also when it works. Its nice to know that the reply I gave works AND it also helps others with that problem to solve it.


nozero
Eschew Obfuscation
Premium,MVM,ExMod 2003-06
join:1999-12-29
InnerSanctum
kudos:3
Reviews:
·PowWeb
·Time Warner Cable

1 recommendation

said by Covenant:
Hope that helps and maybe that thread will turn into a fully fledged tutorial on Cisco VPNs for everyone else to post in queries as well as answers.
That would mean more food for the FAQ and it is one hungry little monster!
--
Every moment is a chance to turn it all around.
Even if only one cure is found, don't you want to be part of it?
Join us won't you?