Cisco 1750 + WIC-IDSU-T1 Setup

I am going to be setting up a Cisco 1750 + WIC-IDSU-T1, neither of which I have set up before and wanted to check the configuration file before I started tinkering around with it.  The phone company has installed a dedicated T1 line for Internet access that I need to configure the router with.
Here is the information the ISP has given me (the * represents the same number in all of the addresses):
ISP Serial:       *.127.134.93/30 ( 255.255.255.252 )
Customer Serial:      *.127.134.94/30 ( 255.255.255.252 )
Encapsulation:      CISCO-HDLC
LAN IP Block:      *.125.135.176/29 ( 255.255.255.248 )
Routing Type:      Static

And I here is what I have pieced together for a configuration:
!
!
memory size iomem 20
ip subnet-zero
!
interface Ethernet0/0
 ip address *.125.135.176 255.255.255.248
!
interface FastEthernet/0/0
 ip address 10.0.0.1 255.255.255.0
!
interface Serial1/0
 ip address *.127.134.93 255.255.255.252
 encapsualtion CISCO-HDLC
!
router rip
 redistributed connected
 network 10.0.0.0
 network *.0.0.0
!
ip classes
ip route 0.0.0.0 0.0.0.0 *.127.134.93
no http server

line con 0
line aux 0
line vty 0 4

-------------------------

Does this look right?  Also how difficult will it be to install the T1 card into the router?

Thanks,
Chad
LVL 1
bdhtechnologyAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

BytorCommented:
Hello,

The router T1 card should be a slide in module, very easy to install.  The only thing to watch for is that if the router is not shipping with the T1 card already installed, they could be shipping you a V2 Wic T1 card, and the router could have been sitting on the shelf and have an older IOS version that doesn't support the V2 card.  You would need to update the IOS.  But if you put the card in the router, and it boots up and sees it, do a 'show version' or 'sh ver' for short and make sure it sees the card.  You can also get your IOS version from here.

Look at your config, the first thing I notice is that your int serial 1/0 IP is wrong, based on the info you have provided you should be using *.127.134.94/30, as the ISP's router is *.127.134.93.  Router default route looks correct.  I see that you have turned RIP on, does that mean you have network's sitting behind the Internet Router on a WAN?  If you only have one or two networks I would use static routes as routing protocols add overhead to your router.  If you only have a couple of remote locations then it would be just as easy to use static routes.  If you don't have any routed networks sitting behind you, then you definitly don't need to turn on RIP.

Make sure you put a password and access-list on your telnet port if you want to access it remotely. The below config will setup telnet access from the 10.0.0.0/24 subnet to the router and prompt for a password

config t
access-list 1 permit 10.0.0.0 255.255.255.0
line vty 0 4
password 'password'
access-class 1 in
login

Also, You need to setup NAT if you are going to use the Private 10.0.0.0/24 network on your LAN.  I would NAT to the LAN IP Block you have been given.  Something like this

config t
ip nat pool NATPOOL *.125.135.176 255.255.255.248
int s1/0
ip nat outside
exit
int eth 0/0
ip nat inside


It's been a few years since I had to configure NAT on a Cisco router, so I would check the syntax, as I know there are some new config options.  If you are going to be hosting servers, ie. SMTP, inside your network, then I would really recommend you get a Firewall, personal preference is Watchguard, and put the LAN IP Block on the Ethernet Interface and let the Firewall do NAT and handle your inbound rules.  I would avoid have the router be a firewall for anything other than NAT.

Hope this helps.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
calvinetterCommented:
Hi Chad,

Bytor is right - you'll need to correct the IP on your serial interface to the *.127.134.94 address.

I also agree that unless you have a compelling reason to use routing protocols (ie, you have maybe 8 or more internal networks in which routes would change daily), you should instead use static routes.  And if you must use routing protocols, if you have all Cisco routers, EIGRP is a MUCH better choice than RIP.


Here's the series of commands you can use to setup NAT (technically PAT in this case) on your router:

ip access-list ext 100
permit ip 10.0.0.0 0.0.0.255 any
exit

route-map ONE permit 3
match ip address 100
exit

ip nat inside source route-map ONE interface Serial1/0 overload

Good luck!
bdhtechnologyAuthor Commented:
Yea I just typed the serial address line wrong, but it's better that I found it now instead of pulling my hair out later.  I'll get rid of the router rip, I just used it in a different config that I based this one from.  And I will add the telnet config in for sure.

All of this equipment is suppose to be new so hopefully it will have the current IOS on it, but if not does anyone know what the minimum version would need to be to support a V2 card?

So as for NAT/PAT, what would the correct configuration be?  I have seen what looks like several different setups.

Thanks!
bdhtechnologyAuthor Commented:
Well it was a V1 card so that wasn't an issue, I am still having problems with NAT/PAT but I will post a different thread for that since it is different than the orginal questions.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking

From novice to tech pro — start learning today.