Question

Locked

Cisco Router 871 Configure for Small Business

By linas ·
Hi All,

Having problem seting up Cisco 871 software 12.3 router for internet use at my office.

Here is the setup.

We have broadband provided by phone line. I have adsl modem in bridge mode.

So here is what i did for cisco box:

1.Because it is not a first time i am doing this i have reseted my router to factory defaults.

2.Gave router name, configured enable secret and password.

3.Because 4 ports on the router are level 2 (figured this out recently:), i am creating vlan 172

config t
int vlan 172
ip address 172.20.20.100 255.255.255.0
no shutdown

4. Configured F0 interface to be switch port mode access. And switchport access vlan 172.

config t
int f0
switchport mode access
switchport access vlan 172
no shutdown

So now i have f0 int on vlan 172. and i can ping ip 172.20.20.100

5.Configured Https access to router

ip http server

ip http secure-server

ip http authentication local

Created a user account with privilege level 15.

username username privilege 15 password 0 password

Configured SSH and Telnet for local login and privilege level 15:

line vty 0 4

privilege level 15

login local

transport input telnet

transport input telnet ssh

Enabled local logging to support the log monitoring function:

logging buffered 51200 warning

copy run start

reload


Have access now with Cisco Professional


6. Confiured my laptop with static ip address of 172.20.20.102, gateway is cisco 172.20.20.100. DNS is isp. Opened Cisco Professional the look of it is the same as Cisco SDM.


7. Went in to Intefaces and Connections.

Selected Create New Connection, Ethernet (PPOE or Unencapsulated Routing).
Enabled PPOE Encapsulation

Under ip address section selected Easy IP (IP Negotiated) because this is reuirement form ISP, as gateways are redundant.

Selecet Chap and PAP Authentication type as i am not sure which is ISP using.

Next i selected Default static route, and selected "use this interface as forwarding interface", and selected PAT option and choose VLAN172 as to be translated.

these wre comands sent to router after step 7

access-list 1 remark INSIDE_IF=Vlan172
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 172.20.20.0 0.0.0.255
interface Vlan172
ip tcp adjust-mss 1412
ip nat inside
exit
interface Dialer0
exit
default interface Dialer0
interface Dialer0
ip mtu 1452
no shutdown
ip address negotiated
ip nat outside
dialer pool 1
dialer-group 1
encapsulation ppp
dialer idle-timeout 120
dialer fast-idle 20
ppp authentication chap pap callin
ppp pap sent-username eircom@eircom.net password 0 **********
ppp chap hostname eircom@eircom.net
ppp chap password 0 **********
exit
interface FastEthernet4
description $ETH-WAN$
no shutdown
pppoe-client dial-pool-number 1
exit
ip nat inside source list 1 interface Dialer0 overload
ip route 0.0.0.0 0.0.0.0 Dialer0 1
dialer-list 1 protocol ip permit


After this step i have PPP light coming up on my router, so it is connected to ISP.

if i run SH IP INT Dialer 0

Internet address is **.46.***.**/32
Broadcast address is 255.255.255.255
Address determined by IPCP
MTU is 1452 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP fast switching on the same interface is enabled
IP Flow switching is disabled
IP CEF switching is disabled
IP Feature Fast switching turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Policy routing is disabled
Network address translation is enabled, interface in domain outside
BGP Policy Mapping is disabled


So i can notice in begining internet address is given to my router.

But if i try to ping any public ip address or do trace route it keeps timing out.

Here is my router runing config:

Building configuration...


Current configuration : 3472 bytes

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname NIS-Router

!

boot-start-marker

boot-end-marker

!

logging buffered 51200 warnings

enable secret 5 $1$dy8e$2E26INghms91ckeV0vTeK/

enable password ***

!

no aaa new-model

!

crypto pki trustpoint TP-self-signed-1774761845

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-1774761845

revocation-check none

rsakeypair TP-self-signed-1774761845

!

!

crypto pki certificate chain TP-self-signed-1774761845

certificate self-signed 01

30820242 308201AB A0030201 02020101 300D0609 2A864886 F70D0101 04050030

31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274

69666963 6174652D 31373734 37363138 3435301E 170D3039 30363132 30313334

34365A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649

4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 37373437

36313834 3530819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281

8100CF52 90FA4F8A 7A831727 878FDD35 2334B07B FDB39D99 6D629F82 F42FB9B9

B7C2986B 2DB1220E E20EEC09 A9B6BB73 0CD2C4AC 4943B3DD 04BF7846 568E1265

EE69E373 5ABDDA58 F9CBD05F 43C5F4D3 2E420688 D88F23CF CA9312D2 D90D07

FA94664F 47501C28 D6E00C5D F16FEEC0 2D0FB77F 2AC202D1 BF50D57B AE0D967C

F6690203 010001A3 6A306830 0F060355 1D130101 FF040530 030101FF 30150603

551D1104 0E300C82 0A4E4953 2D526F75 74657230 1F060355 1D230418 30168014

C9E39292 716AB4E0 96D6F8EC 522355C5 EBD0A0B1 301D0603 551D0E04 160414C9

E3929271 6AB4E096 D6F8EC52 2355C5EB D0A0B130 0D06092A 864886F7 0D010104

05000381 81006E7A 52C396F2 9C82DF84 B90753C2 4FF574AA 408DE6F9 5C7E7250

A94C3E58 AAB8236F 8F42E9F4 C4CACE21 28C8B329 C3B5B26A 92CAD21F 88C081C3

A420D661 222D4144 9CB9D3C5 FB85F71C C03E7E17 B8DAF65D 34291E29 9CDCA1F5

62891740 BEAC2B81 D8669C9E 20E7D000 616D34FE 6958D230 DEFE3AA4 0E66D984

651ABF2F C459

quit

dot11 syslog

no ip routing

no ip cef

!

!

!

!

!

username admin privilege 15 password 0 *******

!

!

archive

log config

hidekeys

!

!

!

!

!

interface FastEthernet0

switchport access vlan 172

!

interface FastEthernet1

shutdown

!

interface FastEthernet2

shutdown

!

interface FastEthernet3

shutdown

!

interface FastEthernet4

description $ETH-WAN$

no ip address

no ip route-cache

duplex auto

speed auto

pppoe-client dial-pool-number 1

!

interface Vlan1

no ip address

no ip route-cache

shutdown

!

interface Vlan172

ip address 172.20.20.100 255.255.255.0

ip nat inside

ip virtual-reassembly

ip tcp adjust-mss 1412

!

interface Dialer0

ip address negotiated

ip mtu 1452

ip nat outside

ip virtual-reassembly

encapsulation ppp

dialer pool 1

dialer-group 1

ppp authentication chap pap callin

ppp chap hostname eircom@eircom.net

ppp chap password 0 ******

ppp pap sent-username eircom@eircom.net password 0 *****

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 Dialer0

!

ip http server

ip http authentication local

ip http secure-server

ip nat inside source list 1 interface Dialer0 overload

!

access-list 1 remark INSIDE_IF=Vlan172

access-list 1 remark CCP_ACL Category=2

access-list 1 permit 172.20.20.0 0.0.0.255

dialer-list 1 protocol ip permit

snmp-server community public RO

!

!

!

control-plane

!

!

line con 0

no modem enable

line aux 0

line vty 0 4

privilege level 15

password *****

login local

transport input telnet ssh

!

scheduler max-task-time 5000

end

So my question is what i am missing as i am getting furstrated here after playing with this for 3 days, and googling every thing i could think of.

Why i am not getting on to internet ? even without dns ? Why cant i ping any public address?

Any suggestions will be appresiated !!

Thanks in advance for your time !

This conversation is currently closed to new comments.

8 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Use Cisco SDM

by CG IT In reply to Cisco Router 871 Configur ...

I suggest you use SDM to configure your router.

http://www.cisco.com/pcgi-bin/tablebuild.pl/sdm

It will configure your router for you to give you basic services. Beyond that, you really need to know IOS.

Collapse -

Thats what i use

by linas In reply to Use Cisco SDM

Hi,

Thanks for quick reply, thats what i am using.

Cisco SDM or Cisco Professional, they look almost identical.

But i am not getting results.

So thats way i am asking your help :)

I had Cisco SR520 configured with no problem but this router is giving me hard time.

I want someone to look at the config and see is there something missing.

And i am familiar with IOS, a bit, but far not enought.

Collapse -

There is a tutorial on Techrepublic for

by CG IT In reply to Thats what i use

configuring the Cisco 800 series routers. I think Dave Davies created it.

Here's a link to a portion of it.

http://articles.techrepublic.com.com/5100-10878_11-6112367.html

Best I'm gonna do. While someone might look at your config and tell ya, I won't. The reason is that you have to know why something is the way it is on Cisco IOS. Without that, you'll never know why one config works and another doesn't.

Collapse -

Thanks for that, but i just want someone to look at my config file

by linas In reply to There is a tutorial on Te ...

Thanks for your help. I have looked at the link, and this is not what i am looking for, my router is not wireless and i dont need anything more than internet, if i get internet working i will get everything else working my self. It just something is blocking it right now. I appreciate your help !

Collapse -

Sorted

by linas In reply to Thanks for that, but i ju ...

Got sorted, forgot to enable ip routing :)

Collapse -

Hi

by demo2020 In reply to Cisco Router 871 Configur ...

Hi, add "IP CLASSLESS" global configuration command to your config. This shld work.
I also think you shld configure the router as a dhcp server and let it allocate IPs to your devices.

Collapse -

Got sorted this problem

by linas In reply to Hi

Hi,

Thanks for reply, i got sorted with this, i had bo routing turned on, and in relation to DHCP i have winsbs2003 acting as dhcp !


Thanks !

Back to Networks Forum
8 total posts (Page 1 of 1)  

Related Discussions

Related Forums