Configuring an 857W

Jas21 · March 2011

Hi

I wanted to replace my ADSL router with the Cisco 857W and have my lab (when I get round to actually configuring everything!) connect up via a default router to the 857

I found this config Cisco 857 Simple Config which looks to do the job - however, I can't figure out what DNS information I need from my ISP. DNS domain name - is this just going to be myisp.com?

As I don't get a static IP from them, do I just need their DNS IP, or as the config states, DNS 1 and 2?

Also, enabling PPP with PAP and CHAP - Is that a username and password I am supplying for authentication? (I guess this must be)

Any thoughts - config from link posted below:

!
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname [name of your router]
!
boot-start-marker
boot-end-marker
!
enable password [your enable password]
!
username [username] privilege 15 password 0 [password]
no aaa new-model
ip subnet-zero
ip dhcp excluded-address 192.168.0.1 192.168.0.4
!
ip dhcp pool sdm-pool1
network 192.168.0.1 255.255.255.0
domain-name [dns domain name]
dns-server [isp dns server 1] [isp dns server 2]
default-router 192.168.0.1
!
!
ip cef
ip name-server [isp dns server 1]
ip name-server [isp dns server 2]
no ftp-server write-enable
!
!
!
!
!
bridge irb
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode ansi-dmt
!
interface ATM0.1 point-to-point
logging event subif-link-status
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
no ip address
!
interface Dot11Radio0
no ip address
!
encryption mode ciphers tkip

ssid [your wireless ssid]
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 0 [your wpa-psk key]
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
bridge-group 1
bridge-group 1 spanning-disabled
!
interface Vlan1
no ip address
bridge-group 1
!
interface Dialer0
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
logging event subif-link-status
dialer pool 1
dialer-group 1
ppp authentication pap chap callin
ppp chap hostname [your ISP username]
ppp chap password 0 [your ISP password]
ppp pap sent-username [your ISP username] password 0 [your ISP password]
hold-queue 224 in
!
interface BVI1
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
no ip http server
ip http authentication local
no ip http secure-server
ip nat pool pool1 192.168.0.0 192.168.1.0 netmask 0.0.0.255
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source list 102 interface Dialer0 overload
!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 102 permit ip 0.0.0.0 255.255.255.0 any
dialer-list 1 protocol ip permit
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
line con 0
no modem enable
transport preferred all
transport output all
line aux 0
transport preferred all
transport output all
line vty 0 4
privilege level 15
login local
transport preferred all
transport input ssh
transport output all
!
scheduler max-task-time 5000
end

f3z81 · March 2011

What ISP you with?

I'm not sure about links being allowed but, this link covers most of the ISP'S in the uk

link

Hope this helps

SteveThing · March 2011

As far as DNS goes, why not use a public one such as google's? (8.8.4.4 and 8.8.8.

With the authentication stuff, it depends on your ISP. If they require authentication, it is usually your login to their website or your e-mail login information. Such as:

f3z81@uk.isp.net
MyPasswordIsThis

Or

f3z81
MyPasswordIsThis

Jas21 · March 2011

cheers guys

So my ISP (Be broadband) have replied:

We are not using PPP, but rather MpoA RFC 1483 bridged connection. Third party router configuration assistance can be found here: Cisco router configuration info for BE - BE Usergroup Technotes

Your connection is on dynamic IP, so if possible configure it to obtain an IP address automatically. If not you can give us a call to change to a static IP. The DNS servers are 87.194.255.154 and 87.194.255.155.

SteveThing · March 2011

Aha, neato. Most ISPs in the US don't provide those details. I had to figure it out when I was using Verizon DSL. Good thing I know a couple things about authentication. Was a bunch of trial and error.

FYI, Verizon uses the same authentication methods for those in Texas.

APA · March 2011

Wow thatś pretty cool.... I haven´t come across many ISPs still implementing MPoA...... most are using IPoE\CLIPS, PPPoE or PPPoA.

Jas21 · March 2011

question: regards the config, if I don't need to use PPP - what is the correct syntax to use MpoA instead?

SteveThing · March 2011

My config was similar to this:

interface ATM0
 no ip address
 no atm ilmi-keepalive

interface ATM0.1 point-to-point
 ip address dhcp
 ip nat outside
 atm route-bridged ip
 pvc 0/35 
  encapsulation aal5snap

If that doesn't work, lemme know and provide some debug logs if you can.

Jas21 · March 2011

hmmm, not working. not sure if I need vlan 1 with IP address or BVI1

config as posted if anyone cares to cast an eye? Asterix denotes sensitive info

857W>en
Password:
857W#sh run
Building configuration...

Current configuration : 2442 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname 857W
!
boot-start-marker
boot-end-marker
!
enable password *****
!
no aaa new-model
!
!
dot11 syslog
!
dot11 ssid *********
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 0 *********
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.0.1 192.168.0.4
!
ip dhcp pool sdm-pool1
network 192.168.0.0 255.255.255.0
domain-name be.co.uk
dns-server 87.194.255.155 87.194.255.154
default-router 192.168.0.1
!
!
ip cef
ip name-server 87.194.255.155
ip name-server 87.194.255.154
!
!
!
username ***** privilege 15 password 0 *****
!
!
archive
log config
hidekeys
!
!
!
bridge irb
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
no ip address
shutdown
duplex auto
speed auto
!
interface Dot11Radio0
no ip address
shutdown
!
encryption mode ciphers tkip
!
ssid ***********
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Vlan1
no ip address
no ip proxy-arp
ip nat inside
ip virtual-reassembly
bridge-group 1
!
interface Dialer0
no ip address
ip nat outside
ip virtual-reassembly
logging event subif-link-status
dialer pool 1
dialer-group 1
hold-queue 224 in
!
interface BVI1
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
!
no ip http server
ip http authentication local
no ip http secure-server
ip nat pool pool1 192.168.0.0 192.168.1.0 netmask 0.0.0.255
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source list 102 interface Dialer0 overload
!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 102 permit ip 0.0.0.0 255.255.255.0 any
dialer-list 1 protocol ip permit
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
line con 0
no modem enable
transport output all
line aux 0
transport output all
line vty 0 4
privilege level 15
login local
transport input ssh
transport output all
!
scheduler max-task-time 5000
end

857W#

phoeneous · March 2011

access-list 102 permit ip 0.0.0.0 255.255.255.0 any

What's going on there for nat?

Jas21 · March 2011

Ha you know what, stupid me this is an 851 not an 857

I'll be back!

Configuring an 857W

Comments