Cisco 877w Configuration
peanutnoggin
Member Posts: 1,096 ■■■□□□□□□□
in CCNP
Hi TE,
I'm trying to configure my 877w for home usage. Right now I utilize an ADSL connection. Because of my location, I do not have access to the modem put in place by my ISP. They have however allowed me to run PPPoE passthrough (which works perfect from a PC). With the 877w, I'm trying to hook it up via the PPPoE passthrough and have it function properly. The built-in ports for the 877w are L2 ports so I have to bridge them in some way. My current setup is: Fiber box (which is converted to ethernet) ---> ISP's CTU (with a built-in 4-port switch) ---> Cisco 877w connected via any of the FastEthernet ports. I would like to know how should I bridge the FastEthernet port to either the dialer20 interface or the BVI20 interface (or both). I've posted my configs in hopes that someone can assist me. I've been modifying & erasing my config so much that I think I've now confused myself!
One last side note... when I plug the router up to the CTU, interface Vlan1 comes up up. I would like inteface vlan20 to come up up. Again, any assistance with this configuration is greatly appreciated. Thanks in advanced.
V/r
~Peanut
I'm trying to configure my 877w for home usage. Right now I utilize an ADSL connection. Because of my location, I do not have access to the modem put in place by my ISP. They have however allowed me to run PPPoE passthrough (which works perfect from a PC). With the 877w, I'm trying to hook it up via the PPPoE passthrough and have it function properly. The built-in ports for the 877w are L2 ports so I have to bridge them in some way. My current setup is: Fiber box (which is converted to ethernet) ---> ISP's CTU (with a built-in 4-port switch) ---> Cisco 877w connected via any of the FastEthernet ports. I would like to know how should I bridge the FastEthernet port to either the dialer20 interface or the BVI20 interface (or both). I've posted my configs in hopes that someone can assist me. I've been modifying & erasing my config so much that I think I've now confused myself!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log uptime
service password-encryption
!
hostname 877W
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
logging buffered 8192 notifications
enable secret 5 xxxxxxxxxxxxxxxxxxxx
!
aaa new-model
!
!
aaa group server radius rad_eap
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa authentication login default local
aaa authentication login CONSOLE none
aaa authentication login VTY local enable
aaa authentication login HTTP local none
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization ipmobile default group rad_pmip
aaa accounting network acct_methods start-stop group rad_acct
!
!
aaa session-id common
!
crypto pki trustpoint TP-self-signed-2734125745
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2734125745
revocation-check none
rsakeypair TP-self-signed-2734125745
!
!
crypto pki certificate chain TP-self-signed-2734125745
certificate self-signed 01
30820251 308201BA A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32373334 31323537 3435301E 170D3038 31303130 31343035
34335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 37333431
32353734 3530819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100C9E4 05422A4F F545FF75 D4C6E54A AA22EB64 B43D7F9C F2201DB0 11E0C925
75A76B8E 6EAED6B2 DA08F4BC 5E33CC9D 36AD3ACB C801E9A9 44A3439F 84373DC6
68380E73 007772CD 222C5D1D 2670E1D1 23F00B2E 5BB7060F 964362C3 19E1AA60
EE1E5A23 2C8CC60F 74337EFC 87BE61AA C3A0BF2F 32AC383B 8138E4C2 1F9DCB45
6D7B0203 010001A3 79307730 0F060355 1D130101 FF040530 030101FF 30240603
551D1104 1D301B82 19383737 572E5341 494E5453 46414E2E 44594E44 4E532E4F
5247301F 0603551D 23041830 1680140F F6D62DA4 AA4E1780 C21B0C77 C5FDD17C
62721A30 1D060355 1D0E0416 04140FF6 D62DA4AA 4E1780C2 1B0C77C5 FDD17C62
721A300D 06092A86 4886F70D 01010405 00038181 00A172FE A4DA7CFD 8EA7E067
BAEA5198 A1AE5727 72BDF587 44444B4F C5E1E3CD 9E62B7F8 791E29E2 F481D702
DAEB5025 6F108354 35BB6634 5DE4E93C C7D835ED 91DEA464 39ECFDF0 EAB917C1
A6C47BF0 0ED11106 B8208AF6 8E871C63 41E2058D 7A67CAC4 B69A1D61 F4CF60CA
831A6EB5 ACCF2591 3B40E3E4 EAB9FAE0 994A73EA 07
quit
dot11 syslog
ip source-route
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.10.1 192.168.10.10
ip dhcp excluded-address 192.168.20.1 192.168.20.10
!
ip dhcp pool CLIENTS
import all
network 192.168.20.0 255.255.255.0
default-router 192.168.20.1
dns-server 192.168.20.1
lease 7
!
!
ip cef
no ip domain lookup
ip domain name MYDOMAIN.ORG
ip name-server 4.2.2.2
ip name-server 4.2.2.3
login block-for 180 attempts 3 within 60
login delay 5
login quiet-mode access-class 15
login on-failure log every 2
!
!
vpdn enable
!
vpdn-group 20
!
!
!
username dude privilege 15 secret 5 xxxxxxxxx
!
!
!
archive
log config
hidekeys
!
!
ip ssh time-out 30
ip ssh authentication-retries 2
ip ssh version 2
!
bridge irb
!
!
interface ATM0
no ip address
shutdown
no atm ilmi-keepalive
dsl operating-mode auto
!
interface FastEthernet0
pppoe enable group global
pppoe-client dial-pool-number 20
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
no ip address
speed basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!
interface Vlan1
no ip address
!
interface Vlan10
ip address 192.168.10.1 255.255.255.0
!
interface Vlan20
ip address 192.168.20.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface Dialer20
ip address negotiated
no ip unreachables
ip mtu 1438
ip nat outside
no ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1405
dialer pool 20
dialer idle-timeout 0
dialer-group 20
no cdp enable
ppp authentication chap callin
ppp chap hostname username@my.isp.org
ppp chap password 7 xxxxxxxxxxx
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer20
ip http server
ip http access-class 10
ip http authentication local
ip http secure-server
ip http timeout-policy idle 600 life 900 requests 5
!
!
!
access-list 10 remark \\INTERNAL CLIENTS//
access-list 10 permit 192.168.10.0 0.0.0.255
access-list 10 permit 192.168.20.0 0.0.0.255
access-list 10 deny any
access-list 15 remark \\QUIET LOGIN//
access-list 15 permit 192.168.10.0 0.0.0.255
!
!
!
radius-server attribute 32 include-in-access-req format %h
radius-server vsa send accounting
!
control-plane
!
bridge 20 protocol ieee
bridge 20 route ip
banner motd ^C
*********W A R N I N G*********W A R N I N G*********W A R N I N G**********
Unauthorized access will force me to unplug all of the INTERWEBS!!!!!
*********W A R N I N G*********W A R N I N G*********W A R N I N G**********
^C
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
login authentication CONSOLE
no modem enable
line aux 0
line vty 0 4
access-class 10 in
exec-timeout 15 0
privilege level 15
logging synchronous
login authentication VTY
terminal-type monitor
transport input telnet ssh
!
scheduler max-task-time 5000
end
One last side note... when I plug the router up to the CTU, interface Vlan1 comes up up. I would like inteface vlan20 to come up up. Again, any assistance with this configuration is greatly appreciated. Thanks in advanced.
V/r
~Peanut
We cannot have a superior democracy with an inferior education system!
-Mayor Cory Booker
-Mayor Cory Booker