Cisco 877w Configuration

Hi TE,

I'm trying to configure my 877w for home usage. Right now I utilize an ADSL connection. Because of my location, I do not have access to the modem put in place by my ISP. They have however allowed me to run PPPoE passthrough (which works perfect from a PC). With the 877w, I'm trying to hook it up via the PPPoE passthrough and have it function properly. The built-in ports for the 877w are L2 ports so I have to bridge them in some way. My current setup is: Fiber box (which is converted to ethernet) ---> ISP's CTU (with a built-in 4-port switch) ---> Cisco 877w connected via any of the FastEthernet ports. I would like to know how should I bridge the FastEthernet port to either the dialer20 interface or the BVI20 interface (or both). I've posted my configs in hopes that someone can assist me. I've been modifying & erasing my config so much that I think I've now confused myself!

version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log uptime
service password-encryption
!
hostname 877W
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
logging buffered 8192 notifications
enable secret 5 xxxxxxxxxxxxxxxxxxxx
!
aaa new-model
!
!
aaa group server radius rad_eap
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa authentication login default local
aaa authentication login CONSOLE none
aaa authentication login VTY local enable
aaa authentication login HTTP local none
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization ipmobile default group rad_pmip
aaa accounting network acct_methods start-stop group rad_acct
!
!
aaa session-id common
!
crypto pki trustpoint TP-self-signed-2734125745
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-2734125745
 revocation-check none
 rsakeypair TP-self-signed-2734125745
!
!
crypto pki certificate chain TP-self-signed-2734125745
 certificate self-signed 01
  30820251 308201BA A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 32373334 31323537 3435301E 170D3038 31303130 31343035
  34335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 37333431
  32353734 3530819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100C9E4 05422A4F F545FF75 D4C6E54A AA22EB64 B43D7F9C F2201DB0 11E0C925
  75A76B8E 6EAED6B2 DA08F4BC 5E33CC9D 36AD3ACB C801E9A9 44A3439F 84373DC6
  68380E73 007772CD 222C5D1D 2670E1D1 23F00B2E 5BB7060F 964362C3 19E1AA60
  EE1E5A23 2C8CC60F 74337EFC 87BE61AA C3A0BF2F 32AC383B 8138E4C2 1F9DCB45
  6D7B0203 010001A3 79307730 0F060355 1D130101 FF040530 030101FF 30240603
  551D1104 1D301B82 19383737 572E5341 494E5453 46414E2E 44594E44 4E532E4F
  5247301F 0603551D 23041830 1680140F F6D62DA4 AA4E1780 C21B0C77 C5FDD17C
  62721A30 1D060355 1D0E0416 04140FF6 D62DA4AA 4E1780C2 1B0C77C5 FDD17C62
  721A300D 06092A86 4886F70D 01010405 00038181 00A172FE A4DA7CFD 8EA7E067
  BAEA5198 A1AE5727 72BDF587 44444B4F C5E1E3CD 9E62B7F8 791E29E2 F481D702
  DAEB5025 6F108354 35BB6634 5DE4E93C C7D835ED 91DEA464 39ECFDF0 EAB917C1
  A6C47BF0 0ED11106 B8208AF6 8E871C63 41E2058D 7A67CAC4 B69A1D61 F4CF60CA
  831A6EB5 ACCF2591 3B40E3E4 EAB9FAE0 994A73EA 07
        quit
dot11 syslog
ip source-route
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.10.1 192.168.10.10
ip dhcp excluded-address 192.168.20.1 192.168.20.10
!
ip dhcp pool CLIENTS
   import all
   network 192.168.20.0 255.255.255.0
   default-router 192.168.20.1
   dns-server 192.168.20.1
   lease 7
!
!
ip cef
no ip domain lookup
ip domain name MYDOMAIN.ORG
ip name-server 4.2.2.2
ip name-server 4.2.2.3
login block-for 180 attempts 3 within 60
login delay 5
login quiet-mode access-class 15
login on-failure log every 2
!
!
vpdn enable
!
vpdn-group 20
!
!
!
username dude privilege 15 secret 5 xxxxxxxxx
!
!
!
archive
 log config
  hidekeys
!
!
ip ssh time-out 30
ip ssh authentication-retries 2
ip ssh version 2
!
bridge irb
!
!
interface ATM0
 no ip address
 shutdown
 no atm ilmi-keepalive
 dsl operating-mode auto
!
interface FastEthernet0
 pppoe enable group global
 pppoe-client dial-pool-number 20
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
 no ip address
 speed basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
 station-role root
!
interface Vlan1
 no ip address
!
interface Vlan10
 ip address 192.168.10.1 255.255.255.0
!
interface Vlan20
 ip address 192.168.20.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
interface Dialer20
 ip address negotiated
 no ip unreachables
 ip mtu 1438
 ip nat outside
 no ip virtual-reassembly
 encapsulation ppp
 ip tcp adjust-mss 1405
 dialer pool 20
 dialer idle-timeout 0
 dialer-group 20
 no cdp enable
 ppp authentication chap callin
 ppp chap hostname username@my.isp.org
 ppp chap password 7 xxxxxxxxxxx
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer20
ip http server
ip http access-class 10
ip http authentication local
ip http secure-server
ip http timeout-policy idle 600 life 900 requests 5
!
!
!
access-list 10 remark \\INTERNAL CLIENTS//
access-list 10 permit 192.168.10.0 0.0.0.255
access-list 10 permit 192.168.20.0 0.0.0.255
access-list 10 deny   any
access-list 15 remark \\QUIET LOGIN//
access-list 15 permit 192.168.10.0 0.0.0.255
!
!
!
radius-server attribute 32 include-in-access-req format %h
radius-server vsa send accounting
!
control-plane
!
bridge 20 protocol ieee
bridge 20 route ip
banner motd ^C
*********W A R N I N G*********W A R N I N G*********W A R N I N G**********

Unauthorized access will force me to unplug all of the INTERWEBS!!!!!

*********W A R N I N G*********W A R N I N G*********W A R N I N G**********
^C
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 login authentication CONSOLE
 no modem enable
line aux 0
line vty 0 4
 access-class 10 in
 exec-timeout 15 0
 privilege level 15
 logging synchronous
 login authentication VTY
 terminal-type monitor
 transport input telnet ssh
!
scheduler max-task-time 5000
end

One last side note... when I plug the router up to the CTU, interface Vlan1 comes up up. I would like inteface vlan20 to come up up. Again, any assistance with this configuration is greatly appreciated. Thanks in advanced.

V/r

~Peanut

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

There are no comments yet