cisco 831 on cable modem need a running config to use dhcp on both sides

Posted on 2009-02-11
Last Modified: 2013-12-14
Has anybody got an 831 cisco router connected to your cable modem (dhcp) and a few computers in the "Switch ports" (inside) ports. I need it to get a dhcp adrress from the cable company and also assign dhcp (i guess it could be static but dhcp would be easier... I am looking for a basic config just to connect to the internet , be able to resolve dns (to browse web) and if I had a simple running config for the cisco 831 I could add security and other fdeatures later.. It doesn't have SDM on it or CRWS... I got it on ebay.. Also how do I completly erase any existing config without deleting the IOS ( I have no access to IOS images it used)
Thank You
Savannah, GA
Question by:downsouf912
    LVL 16

    Expert Comment

    here is a DHCP configurations,,and ip inspect FW
    ip dhcp excluded-address
    ip dhcp pool LAN2
       import all
       lease 0 2
    ip inspect name myfw cuseeme timeout 3600
    ip inspect name myfw ftp timeout 3600
    ip inspect name myfw rcmd timeout 3600
    ip inspect name myfw realaudio timeout 3600
    ip inspect name myfw smtp timeout 3600
    ip inspect name myfw tftp timeout 30
    ip inspect name myfw udp timeout 15
    ip inspect name myfw tcp timeout 3600
    ip inspect name myfw h323 timeout 3600
    ip audit notify log
    ip audit po max-events 100
    no ftp-server write-enable
    interface (WAN.Interface)
    ip inspect myfw out
    to erqase config. type:
    #erase startup-config
    try and reply
    LVL 5

    Expert Comment

      Its a good start, but you left out a lot of keys there...

      Here is complete config including memo_tnt's part and a more detailed firewall ruleset.
    You can enter it into the router by connecting via a serial terminal.
    Issue "config t" without the quotes on the exec line (that is a prompt like 'router#'.  if you see 'router>' then type exec)
    Paste the config into your terminal.
    Type "end" without the quotes to exit config mode.
    Finally, type "copy run start" without quotes to save your configuration.  It will prompt "Destination filename [startup-config]?", just press enter and wait for "[OK]"

    I would recommend running at least version 12.4(17) or newer.  Some older versions were a bit buggy and screwed up VPN passthough and such.
    You can see what version you are running by typing "sh ver" at the exec ('router#') prompt.

    Good luck!
    -Cheers, Peter.
    interface Ethernet0
     description Internal - LAN Side
     ip address
     no ip proxy-arp
     ip virtual-reassembly
     no keepalive
    interface Ethernet1
     description To Provider - Internet Side
     ip address dhcp
     no ip redirects
     no ip unreachables
     no ip proxy-arp
     no ip route-cache cef
     no ip route-cache
     ip accounting output-packets
     ip inspect Firewall_1 out
     ip virtual-reassembly
     duplex auto
     no cdp enable
    ip inspect udp idle-time 15
    ip inspect tcp idle-time 1800
    ip inspect tcp finwait-time 1
    ip inspect tcp synwait-time 15
    ip inspect name Firewall_1 fragment maximum 256 timeout 5
    ip inspect name Firewall_1 ftp
    ip inspect name Firewall_1 h323
    ip inspect name Firewall_1 icmp
    ip inspect name Firewall_1 rcmd
    ip inspect name Firewall_1 realaudio
    ip inspect name Firewall_1 sqlnet
    ip inspect name Firewall_1 tcp
    ip inspect name Firewall_1 udp
    ip inspect name Firewall_1 streamworks
    ip inspect name Firewall_1 rtsp
    ip inspect name Firewall_1 esmtp
    ip inspect name Firewall_1 sip
    ip inspect name Firewall_1 ident
    ip inspect name Firewall_1 ssh
    ip inspect name Firewall_1 dns
    ip inspect name Firewall_1 http
    ip inspect name Firewall_1 https
    ip inspect name Firewall_1 ftps
    ip inspect name Firewall_1 imap
    ip inspect name Firewall_1 imap3
    ip inspect name Firewall_1 imaps
    ip inspect name Firewall_1 pop3
    ip inspect name Firewall_1 pop3s
    ip inspect name Firewall_1 time
    ip inspect name Firewall_1 timed
    ip inspect name Firewall_1 ipsec-msft
    ip inspect name Firewall_1 isakmp
    ip inspect name Firewall_1 pcanywheredata
    ip inspect name Firewall_1 pcanywherestat
    ip inspect name Firewall_1 appleqtc
    ip inspect name Firewall_1 cddbp
    ip inspect name Firewall_1 cifs
    ip inspect name Firewall_1 ms-dotnetster
    ip inspect name Firewall_1 ntp
    ip inspect name Firewall_1 pptp
    ip dhcp excluded-address
    ip dhcp pool LAN2
      import all
      domain-name mydomain.local
      lease 0 2
    ! -- Below is only if you want to enable NAT --
    interface Ethernet0
     ip nat inside
    interface Ethernet1
     ip nat outside
    ip nat translation timeout 300
    ip nat translation tcp-timeout 300
    ip nat translation udp-timeout 240
    ip nat translation finrst-timeout 45
    ip nat translation dns-timeout 90
    ip nat inside source list NAT-Permitted interface Ethernet1 overload
    ip access-list extended NAT-Permitted
     remark Permit only local traffic from NATing
     remark ---------------------------------------1
     permit ip any
     deny   ip any any
     remark ---------------------------------------2

    Open in new window


    Author Comment

    wow, yes this was buggy hardware the first solution worked, but was not stable, the second one works 9minor modification i put sdm and 12.4(7) that i was lucky enough to find when i saw another 831 @ school (going for ccna next month) and i copied it to the tftp on my laptop, the only reason they had the 831 was fot an (easy) SDM lab, gt lucky there. Thank you very much both of you. I just wish cisco wouldn't charge $thousands$ for someone that wants to download ios to learn and make money for * their* company, oh well some times stupid rules are .meant.. .....

    Thank You !
    the flash chip is not working well though, the router reoots and it happened after an incident with static electricity. I will figure out how to download the config and ios from tftp.. you can do that right?
    ios 9o3sy6-mz.124-5a.bin and sdm v 2.5 , which is great it was worth getting just for sdm it slows my net speed in half because i have 12MB and its 1 10bae t wan half duplex

    rommon 4 > xmodem -cr
    Do not start the sending program yet...

    Invoke this application only for disaster recovery.
    Do you wish to continue? y/n  [n]:  y
    Ready to receive file c831-k9o3sy6-mz.124-5a.bin
    Download Complete!
    program load complete, entry point: 0x80013000, size: 0x908538
    Stack pointer       : 0x05000000
    monstack            : 0x80005E0C
    monra               : 0x00000000
    edata : 0x8001773C
    magic : 0xFEEDFACE
    memsize             : 0x05000000
    uncomp_size         : 0x01C4ABF4
    comp_size           : 0x00903DE8
    STACK_BYTES         : 0x00008000
    COPY_CODE_BUF       : 0x00000800
    _end                : 0x8003FFB0
    comp_checksum       : 0xF955732D
    comp_checksum       : 0xF955732D
    uncomp_checksum     : 0xFBFAA0A1
    Self decompressing the image : ########################

    ^^^ the joy of cisco :-) , the it boots up , hope it stays up:

    *Jan  1 01:08:59.955: %LINK-3-UPDOWN: Interface FastEthernet2, changed state to down


    Author Comment

    you wish to change the configuration? y/n  [n]:

    You must reset or power cycle for new config to take effect
    rommon 2 > reset

    System Bootstrap, Version 12.2(11r)YV3, RELEASE SOFTWARE (fc2)
    Technical Support:
    Copyright (c) 2004 by cisco Systems, Inc.

    Testing lower main memory - data equals address
    Testing lower main memory - checkerboard
    Testing lower main memory - inverse checkerboard
    Clearing lower 4K memory for cache initialization
    Clearing bss
    Enabling interrupts
    Reading monitor variables from NVRAM
    nvram_sav->confreg: 0xf922, nvram_sav->rconfreg: 0x6dd
    our confreg: 0xf922, conf: 0xf922

    Enabling instruction cache
    Reading cookie
    Initializing main memory

    it worked but didnt take.. can i load it (ios) from tftp at boot time the flash is damaged  think by static.
    Enabling instruction cache
    Reading cookie
    Initializing main memory
    Sizing NVRAM
    Sizing flash
    Exiting init
    C800/SOHO series (Board ID: 29-129) platform with 81920 Kbytes of main memory

    rommon 1 >

    back in the rommon nodles!

    LVL 16

    Expert Comment


    here are Rommon setting sample ,, follow it for your case .
    You can check that everything is set up correctly by entering set on its own.

    Author Comment

    I did that, t this point I am pretty sure the flash (only 12mb) looks like a so-dimm but its flash, I think that i heard static electricity when i was opening it (stupid, never again)
    If it were like 10-15 $ I would order it but i can''t stand the people on ebay and web sites are tryomg tp sell it for as much or MORE than the router (worth about $80 it's 10base 10 wan and 1 switch / hub of four ports that it connects with,..good...for 1996, and to learn SDM and some IOS, I got a couple 1711 , 1721 and an 831 now that i can get working for the day but when the ram goes off , it looses its setttings and needs the tftpdnld rommmonn or xmodem to upload (xmodem can be set to 115Kb it's not that bad , , I would love to order an ADSL-WIC to "practice" from home I want to become CCNP/voice
    LVL 5

    Accepted Solution


    If your unit is loosing config, you may have a config too large for your nvram. I have seen that happen before on 1600 series routers... you basically have to erase the nvram. Although I can't step you through this on the 831s as I have none to test on.

    Additionally, I have seen them loose their configs and randomly reboot if the ram is going bad / damaged.

    BTW... a cisco contract for those 831 routers is only like $70 for the year.  Then you get support and access to all the IOS firmware files.  But, you are on your honor not to do bad things there.

    Also, check out the company is Memory Ten.  They sell very good generic ram & flash for cisco routers. I always buy from them for my cisco boxes. 831 flash chips start at like $30.

    Author Closing Comment

    Well, it looks like I am going to have to get a new flash memory I am 99.9% sure this is the problem, its just not worth it now, i bought this "legacy" device from ebay for $90 to play around with and learn SDM for the CCNA. That I accomplished. I will look out for deals on new flash,
    Thanks for the help.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Let’s list some of the technologies that enable smooth teleworking. 
    If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    760 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    9 Experts available now in Live!

    Get 1:1 Help Now