Configuring an 857W

Jas21Jas21 Posts: 51Member ■■□□□□□□□□
Hi

I wanted to replace my ADSL router with the Cisco 857W and have my lab (when I get round to actually configuring everything!) connect up via a default router to the 857

I found this config Cisco 857 Simple Config which looks to do the job - however, I can't figure out what DNS information I need from my ISP. DNS domain name - is this just going to be myisp.com?

As I don't get a static IP from them, do I just need their DNS IP, or as the config states, DNS 1 and 2?

Also, enabling PPP with PAP and CHAP - Is that a username and password I am supplying for authentication? (I guess this must be)

Any thoughts - config from link posted below:

!
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname [name of your router]
!
boot-start-marker
boot-end-marker
!
enable password [your enable password]
!
username [username] privilege 15 password 0 [password]
no aaa new-model
ip subnet-zero
ip dhcp excluded-address 192.168.0.1 192.168.0.4
!
ip dhcp pool sdm-pool1
network 192.168.0.1 255.255.255.0
domain-name [dns domain name]
dns-server [isp dns server 1] [isp dns server 2]
default-router 192.168.0.1
!
!
ip cef
ip name-server [isp dns server 1]
ip name-server [isp dns server 2]
no ftp-server write-enable
!
!
!
!
!
bridge irb
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode ansi-dmt
!
interface ATM0.1 point-to-point
logging event subif-link-status
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
no ip address
!
interface Dot11Radio0
no ip address
!
encryption mode ciphers tkip

ssid [your wireless ssid]
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 0 [your wpa-psk key]
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
bridge-group 1
bridge-group 1 spanning-disabled
!
interface Vlan1
no ip address
bridge-group 1
!
interface Dialer0
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
logging event subif-link-status
dialer pool 1
dialer-group 1
ppp authentication pap chap callin
ppp chap hostname [your ISP username]
ppp chap password 0 [your ISP password]
ppp pap sent-username [your ISP username] password 0 [your ISP password]
hold-queue 224 in
!
interface BVI1
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
no ip http server
ip http authentication local
no ip http secure-server
ip nat pool pool1 192.168.0.0 192.168.1.0 netmask 0.0.0.255
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source list 102 interface Dialer0 overload
!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 102 permit ip 0.0.0.0 255.255.255.0 any
dialer-list 1 protocol ip permit
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
line con 0
no modem enable
transport preferred all
transport output all
line aux 0
transport preferred all
transport output all
line vty 0 4
privilege level 15
login local
transport preferred all
transport input ssh
transport output all
!
scheduler max-task-time 5000
end

Comments

  • f3z81f3z81 Posts: 37Member ■■□□□□□□□□
    What ISP you with?

    I'm not sure about links being allowed but, this link covers most of the ISP'S in the uk

    link

    Hope this helps
    2011:

    CCNA April / May (Hopefully)

    ITIL v3
    Prince2
    MCTS Windows 7

    Then Rest! :thumbup:
  • SteveThingSteveThing Posts: 42Member ■■□□□□□□□□
    As far as DNS goes, why not use a public one such as google's? (8.8.4.4 and 8.8.8.icon_cool.gif

    With the authentication stuff, it depends on your ISP. If they require authentication, it is usually your login to their website or your e-mail login information. Such as:

    [email protected]
    MyPasswordIsThis

    Or

    f3z81
    MyPasswordIsThis
    CompTIA: Net+, Sec+
    Aruba: ACMA, ACMP
    Air Force:
    2E251, 3D152, Fiber Installation Expert, Certified Cryptographic Network Professional, and a couple hundred useless certs on nothing important in real life (aka, Tree Killing+)
  • Jas21Jas21 Posts: 51Member ■■□□□□□□□□
    cheers guys

    So my ISP (Be broadband) have replied:

    We are not using PPP, but rather MpoA RFC 1483 bridged connection. Third party router configuration assistance can be found here: Cisco router configuration info for BE - BE Usergroup Technotes

    Your connection is on dynamic IP, so if possible configure it to obtain an IP address automatically. If not you can give us a call to change to a static IP. The DNS servers are 87.194.255.154 and 87.194.255.155.
  • SteveThingSteveThing Posts: 42Member ■■□□□□□□□□
    Aha, neato. Most ISPs in the US don't provide those details. I had to figure it out when I was using Verizon DSL. Good thing I know a couple things about authentication. Was a bunch of trial and error.

    FYI, Verizon uses the same authentication methods for those in Texas.
    CompTIA: Net+, Sec+
    Aruba: ACMA, ACMP
    Air Force:
    2E251, 3D152, Fiber Installation Expert, Certified Cryptographic Network Professional, and a couple hundred useless certs on nothing important in real life (aka, Tree Killing+)
  • APAAPA Posts: 959Member
    Wow thatś pretty cool.... I haven´t come across many ISPs still implementing MPoA...... most are using IPoE\CLIPS, PPPoE or PPPoA.

    CCNA | CCNA:Security | CCNP | CCIP
    JNCIA:JUNOS | JNCIA:EX | JNCIS:ENT | JNCIS:SEC
    JNCIS:SP | JNCIP:SP
  • Jas21Jas21 Posts: 51Member ■■□□□□□□□□
    question: regards the config, if I don't need to use PPP - what is the correct syntax to use MpoA instead?
  • SteveThingSteveThing Posts: 42Member ■■□□□□□□□□
    My config was similar to this:
    interface ATM0
     no ip address
     no atm ilmi-keepalive
    
    interface ATM0.1 point-to-point
     ip address dhcp
     ip nat outside
     atm route-bridged ip
     pvc 0/35 
      encapsulation aal5snap
    

    If that doesn't work, lemme know and provide some debug logs if you can.
    CompTIA: Net+, Sec+
    Aruba: ACMA, ACMP
    Air Force:
    2E251, 3D152, Fiber Installation Expert, Certified Cryptographic Network Professional, and a couple hundred useless certs on nothing important in real life (aka, Tree Killing+)
  • Jas21Jas21 Posts: 51Member ■■□□□□□□□□
    hmmm, not working. not sure if I need vlan 1 with IP address or BVI1

    config as posted if anyone cares to cast an eye? Asterix denotes sensitive info


    857W>en
    Password:
    857W#sh run
    Building configuration...

    Current configuration : 2442 bytes
    !
    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname 857W
    !
    boot-start-marker
    boot-end-marker
    !
    enable password *****
    !
    no aaa new-model
    !
    !
    dot11 syslog
    !
    dot11 ssid *********
    authentication open
    authentication key-management wpa
    guest-mode
    wpa-psk ascii 0 *********
    !
    no ip dhcp use vrf connected
    ip dhcp excluded-address 192.168.0.1 192.168.0.4
    !
    ip dhcp pool sdm-pool1
    network 192.168.0.0 255.255.255.0
    domain-name be.co.uk
    dns-server 87.194.255.155 87.194.255.154
    default-router 192.168.0.1
    !
    !
    ip cef
    ip name-server 87.194.255.155
    ip name-server 87.194.255.154
    !
    !
    !
    username ***** privilege 15 password 0 *****
    !
    !
    archive
    log config
    hidekeys
    !
    !
    !
    bridge irb
    !
    !
    interface FastEthernet0
    !
    interface FastEthernet1
    !
    interface FastEthernet2
    !
    interface FastEthernet3
    !
    interface FastEthernet4
    no ip address
    shutdown
    duplex auto
    speed auto
    !
    interface Dot11Radio0
    no ip address
    shutdown
    !
    encryption mode ciphers tkip
    !
    ssid ***********
    !
    speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
    station-role root
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 spanning-disabled
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    !
    interface Vlan1
    no ip address
    no ip proxy-arp
    ip nat inside
    ip virtual-reassembly
    bridge-group 1
    !
    interface Dialer0
    no ip address
    ip nat outside
    ip virtual-reassembly
    logging event subif-link-status
    dialer pool 1
    dialer-group 1
    hold-queue 224 in
    !
    interface BVI1
    ip address 192.168.0.1 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    !
    ip forward-protocol nd
    ip route 0.0.0.0 0.0.0.0 Dialer0
    !
    no ip http server
    ip http authentication local
    no ip http secure-server
    ip nat pool pool1 192.168.0.0 192.168.1.0 netmask 0.0.0.255
    ip nat inside source list 1 interface Dialer0 overload
    ip nat inside source list 102 interface Dialer0 overload
    !
    access-list 1 permit 192.168.0.0 0.0.0.255
    access-list 102 permit ip 0.0.0.0 255.255.255.0 any
    dialer-list 1 protocol ip permit
    !
    control-plane
    !
    bridge 1 protocol ieee
    bridge 1 route ip
    !
    line con 0
    no modem enable
    transport output all
    line aux 0
    transport output all
    line vty 0 4
    privilege level 15
    login local
    transport input ssh
    transport output all
    !
    scheduler max-task-time 5000
    end

    857W#
  • phoeneousphoeneous Go ping yourself... Posts: 2,333Member ■■■■■■■□□□
    access-list 102 permit ip 0.0.0.0 255.255.255.0 any

    What's going on there for nat?
  • Jas21Jas21 Posts: 51Member ■■□□□□□□□□
    Ha you know what, stupid me this is an 851 not an 857 icon_redface.gif

    I'll be back! icon_rolleyes.gif
Sign In or Register to comment.