Configuring an 857W
Jas21
Member Posts: 51 ■■□□□□□□□□
in CCNA & CCENT
Hi
I wanted to replace my ADSL router with the Cisco 857W and have my lab (when I get round to actually configuring everything!) connect up via a default router to the 857
I found this config Cisco 857 Simple Config which looks to do the job - however, I can't figure out what DNS information I need from my ISP. DNS domain name - is this just going to be myisp.com?
As I don't get a static IP from them, do I just need their DNS IP, or as the config states, DNS 1 and 2?
Also, enabling PPP with PAP and CHAP - Is that a username and password I am supplying for authentication? (I guess this must be)
Any thoughts - config from link posted below:
!
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname [name of your router]
!
boot-start-marker
boot-end-marker
!
enable password [your enable password]
!
username [username] privilege 15 password 0 [password]
no aaa new-model
ip subnet-zero
ip dhcp excluded-address 192.168.0.1 192.168.0.4
!
ip dhcp pool sdm-pool1
network 192.168.0.1 255.255.255.0
domain-name [dns domain name]
dns-server [isp dns server 1] [isp dns server 2]
default-router 192.168.0.1
!
!
ip cef
ip name-server [isp dns server 1]
ip name-server [isp dns server 2]
no ftp-server write-enable
!
!
!
!
!
bridge irb
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode ansi-dmt
!
interface ATM0.1 point-to-point
logging event subif-link-status
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
no ip address
!
interface Dot11Radio0
no ip address
!
encryption mode ciphers tkip
ssid [your wireless ssid]
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 0 [your wpa-psk key]
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
bridge-group 1
bridge-group 1 spanning-disabled
!
interface Vlan1
no ip address
bridge-group 1
!
interface Dialer0
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
logging event subif-link-status
dialer pool 1
dialer-group 1
ppp authentication pap chap callin
ppp chap hostname [your ISP username]
ppp chap password 0 [your ISP password]
ppp pap sent-username [your ISP username] password 0 [your ISP password]
hold-queue 224 in
!
interface BVI1
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
no ip http server
ip http authentication local
no ip http secure-server
ip nat pool pool1 192.168.0.0 192.168.1.0 netmask 0.0.0.255
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source list 102 interface Dialer0 overload
!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 102 permit ip 0.0.0.0 255.255.255.0 any
dialer-list 1 protocol ip permit
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
line con 0
no modem enable
transport preferred all
transport output all
line aux 0
transport preferred all
transport output all
line vty 0 4
privilege level 15
login local
transport preferred all
transport input ssh
transport output all
!
scheduler max-task-time 5000
end
I wanted to replace my ADSL router with the Cisco 857W and have my lab (when I get round to actually configuring everything!) connect up via a default router to the 857
I found this config Cisco 857 Simple Config which looks to do the job - however, I can't figure out what DNS information I need from my ISP. DNS domain name - is this just going to be myisp.com?
As I don't get a static IP from them, do I just need their DNS IP, or as the config states, DNS 1 and 2?
Also, enabling PPP with PAP and CHAP - Is that a username and password I am supplying for authentication? (I guess this must be)
Any thoughts - config from link posted below:
!
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname [name of your router]
!
boot-start-marker
boot-end-marker
!
enable password [your enable password]
!
username [username] privilege 15 password 0 [password]
no aaa new-model
ip subnet-zero
ip dhcp excluded-address 192.168.0.1 192.168.0.4
!
ip dhcp pool sdm-pool1
network 192.168.0.1 255.255.255.0
domain-name [dns domain name]
dns-server [isp dns server 1] [isp dns server 2]
default-router 192.168.0.1
!
!
ip cef
ip name-server [isp dns server 1]
ip name-server [isp dns server 2]
no ftp-server write-enable
!
!
!
!
!
bridge irb
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode ansi-dmt
!
interface ATM0.1 point-to-point
logging event subif-link-status
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
no ip address
!
interface Dot11Radio0
no ip address
!
encryption mode ciphers tkip
ssid [your wireless ssid]
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 0 [your wpa-psk key]
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
bridge-group 1
bridge-group 1 spanning-disabled
!
interface Vlan1
no ip address
bridge-group 1
!
interface Dialer0
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
logging event subif-link-status
dialer pool 1
dialer-group 1
ppp authentication pap chap callin
ppp chap hostname [your ISP username]
ppp chap password 0 [your ISP password]
ppp pap sent-username [your ISP username] password 0 [your ISP password]
hold-queue 224 in
!
interface BVI1
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
no ip http server
ip http authentication local
no ip http secure-server
ip nat pool pool1 192.168.0.0 192.168.1.0 netmask 0.0.0.255
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source list 102 interface Dialer0 overload
!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 102 permit ip 0.0.0.0 255.255.255.0 any
dialer-list 1 protocol ip permit
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
line con 0
no modem enable
transport preferred all
transport output all
line aux 0
transport preferred all
transport output all
line vty 0 4
privilege level 15
login local
transport preferred all
transport input ssh
transport output all
!
scheduler max-task-time 5000
end
Comments
-
SteveThing Member Posts: 42 ■■□□□□□□□□As far as DNS goes, why not use a public one such as google's? (8.8.4.4 and 8.8.8.
With the authentication stuff, it depends on your ISP. If they require authentication, it is usually your login to their website or your e-mail login information. Such as:
f3z81@uk.isp.net
MyPasswordIsThis
Or
f3z81
MyPasswordIsThisCompTIA: Net+, Sec+
Aruba: ACMA, ACMP
Air Force:
2E251, 3D152, Fiber Installation Expert, Certified Cryptographic Network Professional, and a couple hundred useless certs on nothing important in real life (aka, Tree Killing+) -
Jas21 Member Posts: 51 ■■□□□□□□□□cheers guys
So my ISP (Be broadband) have replied:
We are not using PPP, but rather MpoA RFC 1483 bridged connection. Third party router configuration assistance can be found here: Cisco router configuration info for BE - BE Usergroup Technotes
Your connection is on dynamic IP, so if possible configure it to obtain an IP address automatically. If not you can give us a call to change to a static IP. The DNS servers are 87.194.255.154 and 87.194.255.155. -
SteveThing Member Posts: 42 ■■□□□□□□□□Aha, neato. Most ISPs in the US don't provide those details. I had to figure it out when I was using Verizon DSL. Good thing I know a couple things about authentication. Was a bunch of trial and error.
FYI, Verizon uses the same authentication methods for those in Texas.CompTIA: Net+, Sec+
Aruba: ACMA, ACMP
Air Force:
2E251, 3D152, Fiber Installation Expert, Certified Cryptographic Network Professional, and a couple hundred useless certs on nothing important in real life (aka, Tree Killing+) -
APA Member Posts: 959Wow thatś pretty cool.... I haven´t come across many ISPs still implementing MPoA...... most are using IPoE\CLIPS, PPPoE or PPPoA.
CCNA | CCNA:Security | CCNP | CCIP
JNCIA:JUNOS | JNCIA:EX | JNCIS:ENT | JNCIS:SEC
JNCIS:SP | JNCIP:SP -
Jas21 Member Posts: 51 ■■□□□□□□□□question: regards the config, if I don't need to use PPP - what is the correct syntax to use MpoA instead?
-
SteveThing Member Posts: 42 ■■□□□□□□□□My config was similar to this:
interface ATM0 no ip address no atm ilmi-keepalive interface ATM0.1 point-to-point ip address dhcp ip nat outside atm route-bridged ip pvc 0/35 encapsulation aal5snap
If that doesn't work, lemme know and provide some debug logs if you can.CompTIA: Net+, Sec+
Aruba: ACMA, ACMP
Air Force:
2E251, 3D152, Fiber Installation Expert, Certified Cryptographic Network Professional, and a couple hundred useless certs on nothing important in real life (aka, Tree Killing+) -
Jas21 Member Posts: 51 ■■□□□□□□□□hmmm, not working. not sure if I need vlan 1 with IP address or BVI1
config as posted if anyone cares to cast an eye? Asterix denotes sensitive info
857W>en
Password:
857W#sh run
Building configuration...
Current configuration : 2442 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname 857W
!
boot-start-marker
boot-end-marker
!
enable password *****
!
no aaa new-model
!
!
dot11 syslog
!
dot11 ssid *********
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 0 *********
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.0.1 192.168.0.4
!
ip dhcp pool sdm-pool1
network 192.168.0.0 255.255.255.0
domain-name be.co.uk
dns-server 87.194.255.155 87.194.255.154
default-router 192.168.0.1
!
!
ip cef
ip name-server 87.194.255.155
ip name-server 87.194.255.154
!
!
!
username ***** privilege 15 password 0 *****
!
!
archive
log config
hidekeys
!
!
!
bridge irb
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
no ip address
shutdown
duplex auto
speed auto
!
interface Dot11Radio0
no ip address
shutdown
!
encryption mode ciphers tkip
!
ssid ***********
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Vlan1
no ip address
no ip proxy-arp
ip nat inside
ip virtual-reassembly
bridge-group 1
!
interface Dialer0
no ip address
ip nat outside
ip virtual-reassembly
logging event subif-link-status
dialer pool 1
dialer-group 1
hold-queue 224 in
!
interface BVI1
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
!
no ip http server
ip http authentication local
no ip http secure-server
ip nat pool pool1 192.168.0.0 192.168.1.0 netmask 0.0.0.255
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source list 102 interface Dialer0 overload
!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 102 permit ip 0.0.0.0 255.255.255.0 any
dialer-list 1 protocol ip permit
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
line con 0
no modem enable
transport output all
line aux 0
transport output all
line vty 0 4
privilege level 15
login local
transport input ssh
transport output all
!
scheduler max-task-time 5000
end
857W#
-
phoeneous Member Posts: 2,333 ■■■■■■■□□□access-list 102 permit ip 0.0.0.0 255.255.255.0 any
What's going on there for nat? -
Jas21 Member Posts: 51 ■■□□□□□□□□Ha you know what, stupid me this is an 851 not an 857
I'll be back!