Solved

Config file for a Cisco 1840 router

Posted on 2006-07-20
18
2,902 Views
Last Modified: 2013-11-29
Does anyone have a router config file for a cisco 1841 router.  I know I would have to change the IP#s in the config file but was hoping to use a existing config file to upload to it with a tftp server.  

I have my T1 line down and I am a beginer with the routher work.  I was told that I could probably just load a config file using a tftp server (which i already have - Tftpd32 version 3.00)  but i obviously need to make the changes to the IP address area first.

0
Comment
Question by:kfarhang
  • 11
  • 6
18 Comments
 
LVL 7

Expert Comment

by:knightrider2k2
Comment Utility
OK, questions:

T1
What is the framing and line coding, Speed, encapsulation, clocking(line/network)

CSU/DSU
external or a WIC
0
 
LVL 22

Accepted Solution

by:
rickhobbs earned 500 total points
Comment Utility
Current configuration : 3562 bytes
!
! Last configuration change at 19:14:01 PCTime Wed Sep 28 2005 by
! NVRAM config last updated at 16:41:17 PCTime Wed Sep 28 2005 by s
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname asnnet
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 debugging
enable secret 5 $1$mJUs$bNgWjfOluxaMJ2EBIkLj41
enable password 7 094E431E145646
!
no aaa new-model
!
resource policy
!
clock timezone PCTime -5
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
no ip source-route
ip cef
!
!
ip tcp synwait-time 10
no ip dhcp use vrf connected
!
!
no ip bootp server
!
username skinner privilege 15 secret 5 $1$pG9H$PZOIE7xVXAAtIiMzBuRkF.
!
!
!
interface Null0
 no ip unreachables
!
interface FastEthernet0/0
 description $ETH-LAN$$FW_INSIDE$
 ip address 192.168.20.145 255.255.255.0
 ip access-group sdm_fastethernet0/0_in in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 speed auto
 full-duplex
 no mop enabled
!
interface FastEthernet0/1
 description $ETH-LAN$$FW_OUTSIDE$
 ip address 172.21.38.249 255.255.255.252
 ip access-group sdm_fastethernet0/1_in in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat outside
 duplex auto
 speed auto
 no mop enabled
!
ip classless
ip route 0.0.0.0 0.0.0.0 172.21.38.250
ip route 10.3.1.0 255.255.255.0 192.168.20.8
ip route 10.5.1.0 255.255.255.0 192.168.20.8
ip route 10.31.17.0 255.255.255.0 172.21.38.250
ip route 192.168.15.0 255.255.255.0 192.168.20.8
!
ip http server
ip http access-class 1
ip http authentication local
ip nat inside source static tcp 192.168.15.41 5060 172.21.38.3 5060 extendable
ip nat inside source static tcp 192.168.20.206 9080 172.21.38.4 9080 extendable
ip nat inside source static tcp 192.168.20.200 80 172.21.38.5 80 extendable
ip nat inside source static tcp 192.168.20.200 445 172.21.38.5 445 extendable
ip nat inside source static 192.168.20.200 172.21.38.5
ip nat inside source static tcp 192.168.20.200 1494 172.21.38.249 1494 extendable
!
ip access-list extended ASNROUTE
 remark SDM_ACL Category=2
 deny   ip host 192.168.20.200 192.168.186.0 0.0.0.255 log
 permit ip any any log
ip access-list extended sdm_fastethernet0/0_in
 remark SDM_ACL Category=1
 permit ip any any log
ip access-list extended sdm_fastethernet0/1_in
 remark SDM_ACL Category=1
 permit ip any any log
ip access-list extended test
 remark SDM_ACL Category=2
 permit ip host 192.168.20.200 host 192.168.186.0
 deny   ip any any
!
logging trap debugging
access-list 1 remark HTTP Access-class list
access-list 1 remark SDM_ACL Category=1
access-list 1 permit 192.168.15.0 0.0.0.255
access-list 1 permit 192.168.20.0 0.0.0.255
access-list 1 deny   any
access-list 100 remark VTY Access-class list
access-list 100 remark SDM_ACL Category=1
access-list 100 permit ip 192.168.15.0 0.0.0.255 any
access-list 100 permit ip 192.168.20.0 0.0.0.255 any
access-list 100 deny   ip any any
no cdp run
!
control-plane
!
banner login ^Cm^C
!
line con 0
 login local
 transport output telnet
line aux 0
 login local
 transport output telnet
line vty 0 4
 access-class 100 in
 password 7 0204094C06555F73
 login local
 transport input telnet
!
scheduler allocate 4000 1000
end
0
 

Author Comment

by:kfarhang
Comment Utility
I have IP addresses only.   The T1 is provided by Cavaliar in Washington DC.  The speed is full T1.
The CSU/DSU is a WIC, already installed it in slot 0

Sorry, I don't have a lot of information.  
0
 
LVL 22

Expert Comment

by:rickhobbs
Comment Utility
!This is the running config of the router: 192.168.20.145
!----------------------------------------------------------------------------
!version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname asnnet
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
no logging buffered
no aaa new-model
!
resource policy
!
clock timezone PCTime -5
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
no ip source-route
no ip routing
no ip cef
!
!
ip tcp synwait-time 10
no ip dhcp use vrf connected
!
!
no ip bootp server
!
!
!
!
interface Null0
 no ip unreachables
!
interface FastEthernet0/0
 description $FW_INSIDE$$ETH-LAN$
 ip address 192.168.20.145 255.255.255.0
 ip mask-reply
 ip directed-broadcast
 ip nat inside
 no ip route-cache
 speed auto
 full-duplex
 no mop enabled
!
interface FastEthernet0/1
 description $FW_OUTSIDE$$ETH-LAN$
 ip address 172.21.38.249 255.255.255.252
 ip mask-reply
 ip directed-broadcast
 ip nat outside
 no ip route-cache
 duplex auto
 speed auto
 no mop enabled
!
ip classless
ip route 0.0.0.0 0.0.0.0 172.21.38.250
ip route 192.168.15.0 255.255.255.0 192.168.20.8
!
ip http server
ip http access-class 1
ip nat inside source list ASNROUTE interface FastEthernet0/1 overload
!
ip access-list extended ASNROUTE
 remark SDM_ACL Category=2
 permit ip 192.168.20.0 0.0.0.255 172.21.38.0 0.0.0.255
!
access-list 1 remark HTTP Access-class list
access-list 1 remark SDM_ACL Category=1
access-list 1 permit 192.168.15.0 0.0.0.255
access-list 1 permit 192.168.20.0 0.0.0.255
access-list 1 deny   any
access-list 100 remark VTY Access-class list
access-list 100 remark SDM_ACL Category=1
access-list 100 permit ip 192.168.15.0 0.0.0.255 any
access-list 100 permit ip 192.168.20.0 0.0.0.255 any
access-list 100 deny   ip any any
no cdp run
!
control-plane
!
banner login ^Cm^C
!
line con 0
 login local
 transport output telnet
line aux 0
 login local
 transport output telnet
line vty 0 4
 login local
 transport input telnet
!
scheduler allocate 4000 1000
end

There are 2...hope they help
0
 

Author Comment

by:kfarhang
Comment Utility
rickhobbs

I hate to say this, but you are dealing with a complete novice on this matter.  Could you please explain how I can upload your code into the router using the tfpt, i assume?

Do I save it in a .txt file first? or what?

Thanks
Khaled

0
 
LVL 22

Expert Comment

by:rickhobbs
Comment Utility
Yes, save it in a .txt file.  put it in the directory your tftp server is looking for. Then tftp it from the router.  take out the password lines, change the ip addresses, etc. before sending.
0
 
LVL 22

Expert Comment

by:rickhobbs
Comment Utility
For the T1 wic you will need
interface serial0/0/0
  ip address xx.xx.xx.xx yy.yy.yy.yy
  no shut

So add that before tftping the file also   Put it above the FastEthernet stuff
0
 

Author Comment

by:kfarhang
Comment Utility
Where do i put in the IP addresses provided by my ISP

subnet mask 255.255.255.248
Gateway  66.xxx.xx.105
First usable  66.xxx.xx.106
Last usable  66.xxx.xx.110
DNS#1  64.83.1.10
DNS#2  209.137.160.3

and how about the questions posed by the first person, where do I tell it the:

framing and line coding, Speed, encapsulation, clocking???

Thanks
K
0
 
LVL 22

Expert Comment

by:rickhobbs
Comment Utility
Interface serial0/0/0
 ip address 66.xxx.xxx.106 255.255.255.248
  no shut

framing and encoding default is ESF and B8ZS, clocking depends on ISP
if it is encapsulated add
  encapsulation PPP
after the ip address line

then try to ping 4.2.2.1
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 22

Expert Comment

by:rickhobbs
Comment Utility
Those questions need to be asked of the T1 provider.   If the settings I have given don't allow you to ping 4.2.2.1, you are going to have to call them.
0
 

Author Comment

by:kfarhang
Comment Utility
Should I use the first config file or the second one?

K
0
 

Author Comment

by:kfarhang
Comment Utility
Thanks everyone for all the help.  I am still a bit consfused about the changes i need to make on the file.  I have added the

Interface serial0/0/0
 ip address 66.xxx.xxx.106 255.255.255.248
  no shut

Where do I enter the Gateway IP# and the DNS?
also, where do I make the changes for the

framing and encoding default is ESF and B8ZS, clocking depends on ISP
if it is encapsulated add
  encapsulation PPP

Does this router have a firewall built-in?  I see the description as
$FW_INSIDE$$ETH-LAN$  
for the ethernet connections.  There is a SonicWall onsite for the firewall.

And last question:
which line changes the password for the router?  
0
 
LVL 22

Expert Comment

by:rickhobbs
Comment Utility
doesn't matter, just adjust the one you use by adding the WIC information (serial line), changing IP addresses, and remove any lines containing passwords unless you change them immediately.
0
 
LVL 22

Expert Comment

by:rickhobbs
Comment Utility
Here is one that is even more basic.

interface FastEthernet0/0
 description $ETH-SW-LAUNCH$$INTF-INFO-FE 0$$ES_LAN$$FW_INSIDE$$ETH-LAN$
 ip address INTERNALNETWORKaddress INTERNALNETWORKnetmask
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip inspect sdm_ins_in_100 in
 ip virtual-reassembly
 ip route-cache flow
 duplex auto
 speed auto
 no mop enabled
!
interface FastEthernet0/1
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 duplex auto
 speed auto
 no mop enabled
!
interface Serial0/0/0
 ip address FIRSTISPADDRESS ISPNETMASK
 ip verify unicast reverse-path
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0/0
ip route 0.0.0.0 0.0.0.0 ISPsGATEWAYaddress
ip route INTERNALNETWORKaddress INTERNALNETWORKnetmask FastEthernet0/0
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 600 life 86400 requests 10000
!
ip access-list extended Serial
 remark SDM_ACL Category=1
 permit tcp any eq www any eq www
 permit tcp any eq 443 any eq 443
 permit IP any any
!
logging trap debugging
access-list 1 remark SDM_ACL Category=1
access-list 1 permit INTERNALNETWORKnetwork 0.0.0.255
snmp-server community public RO
no cdp run
!
!
control-plane
!
banner login ^CAuthorized access only!
 Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
 login local
 transport output telnet
line aux 0
 login local
 transport output telnet
line vty 0 4
 privilege level 15
 login local
 transport input telnet ssh
line vty 5 15
 privilege level 15
 login local
 transport input telnet ssh
!
scheduler allocate 4000 1000
end
0
 
LVL 22

Expert Comment

by:rickhobbs
Comment Utility
Where do I enter the Gateway IP# and the DNS? -  the default route line
also, where do I make the changes for the

framing and encoding default is ESF and B8ZS, clocking depends on ISP
if it is encapsulated add
encapsulation PPP
to the serial interface

Does this router have a firewall built-in?  I see the description as
$FW_INSIDE$$ETH-LAN$  
for the ethernet connections.  There is a SonicWall onsite for the firewall.

And last question:
which line changes the password for the router? the enable password line....just remove it before tftping it
0
 
LVL 22

Expert Comment

by:rickhobbs
Comment Utility
another palce the password can be set is the username line
0
 

Author Comment

by:kfarhang
Comment Utility
Folks,
I am still having issues with the router.  Here is another question, in the following line, what do i enter as my INTERNALNETWORKaddress?  I also have a sonic wall with an internal IP# of 192.168.84.1 and the external IP will point to my 66.xxx.xxx.106  which is the Serial0/0 of the router.  

Does it matter what I put in the the below INTERNALNETWORKaddress ?  I currently have it at 192.168.1.1


Interface FastEthernet0/0
 description $ETH-SW-LAUNCH$$INTF-INFO-FE 0$$ES_LAN$$FW_INSIDE$$ETH-LAN$
 ip address INTERNALNETWORKaddress INTERNALNETWORKnetmask

Thanks
K.
0
 
LVL 22

Expert Comment

by:rickhobbs
Comment Utility
It should be something like 192.168.84.2 if you have this:

Internet-------------66.xx.xx.10? network-----------------Router-------192.168.84.0 network----------------Sonicwall
0

Featured Post

New My Cloud Pro Series - organize everything!

With space to keep virtually everything, the My Cloud Pro Series offers your team the network storage to edit, save and share production files from anywhere with an internet connection. Compatible with both Mac and PC, you're able to protect your content regardless of OS.

Join & Write a Comment

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now