We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you two Citrix podcasts. Learn about 2020 trends and get answers to your biggest Citrix questions!Listen Now


cisco 831 on cable modem need a running config to use dhcp on both sides

downsouf912 asked
Medium Priority
Last Modified: 2013-12-14
Has anybody got an 831 cisco router connected to your cable modem (dhcp) and a few computers in the "Switch ports" (inside) ports. I need it to get a dhcp adrress from the cable company and also assign dhcp (i guess it could be static but dhcp would be easier... I am looking for a basic config just to connect to the internet , be able to resolve dns (to browse web) and if I had a simple running config for the cisco 831 I could add security and other fdeatures later.. It doesn't have SDM on it or CRWS... I got it on ebay.. Also how do I completly erase any existing config without deleting the IOS ( I have no access to IOS images ...got it used)
Thank You
Savannah, GA
Watch Question

here is a DHCP configurations,,and ip inspect FW
ip dhcp excluded-address
ip dhcp pool LAN2
   import all
   domain-name palnet.com
   lease 0 2
ip inspect name myfw cuseeme timeout 3600
ip inspect name myfw ftp timeout 3600
ip inspect name myfw rcmd timeout 3600
ip inspect name myfw realaudio timeout 3600
ip inspect name myfw smtp timeout 3600
ip inspect name myfw tftp timeout 30
ip inspect name myfw udp timeout 15
ip inspect name myfw tcp timeout 3600
ip inspect name myfw h323 timeout 3600
ip audit notify log
ip audit po max-events 100
no ftp-server write-enable
interface (WAN.Interface)
ip inspect myfw out
to erqase config. type:
#erase startup-config
try and reply
  Its a good start, but you left out a lot of keys there...

  Here is complete config including memo_tnt's part and a more detailed firewall ruleset.
You can enter it into the router by connecting via a serial terminal.
Issue "config t" without the quotes on the exec line (that is a prompt like 'router#'.  if you see 'router>' then type exec)
Paste the config into your terminal.
Type "end" without the quotes to exit config mode.
Finally, type "copy run start" without quotes to save your configuration.  It will prompt "Destination filename [startup-config]?", just press enter and wait for "[OK]"

I would recommend running at least version 12.4(17) or newer.  Some older versions were a bit buggy and screwed up VPN passthough and such.
You can see what version you are running by typing "sh ver" at the exec ('router#') prompt.

Good luck!
-Cheers, Peter.
interface Ethernet0
 description Internal - LAN Side
 ip address
 no ip proxy-arp
 ip virtual-reassembly
 no keepalive
interface Ethernet1
 description To Provider - Internet Side
 ip address dhcp
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 no ip route-cache cef
 no ip route-cache
 ip accounting output-packets
 ip inspect Firewall_1 out
 ip virtual-reassembly
 duplex auto
 no cdp enable
ip inspect udp idle-time 15
ip inspect tcp idle-time 1800
ip inspect tcp finwait-time 1
ip inspect tcp synwait-time 15
ip inspect name Firewall_1 fragment maximum 256 timeout 5
ip inspect name Firewall_1 ftp
ip inspect name Firewall_1 h323
ip inspect name Firewall_1 icmp
ip inspect name Firewall_1 rcmd
ip inspect name Firewall_1 realaudio
ip inspect name Firewall_1 sqlnet
ip inspect name Firewall_1 tcp
ip inspect name Firewall_1 udp
ip inspect name Firewall_1 streamworks
ip inspect name Firewall_1 rtsp
ip inspect name Firewall_1 esmtp
ip inspect name Firewall_1 sip
ip inspect name Firewall_1 ident
ip inspect name Firewall_1 ssh
ip inspect name Firewall_1 dns
ip inspect name Firewall_1 http
ip inspect name Firewall_1 https
ip inspect name Firewall_1 ftps
ip inspect name Firewall_1 imap
ip inspect name Firewall_1 imap3
ip inspect name Firewall_1 imaps
ip inspect name Firewall_1 pop3
ip inspect name Firewall_1 pop3s
ip inspect name Firewall_1 time
ip inspect name Firewall_1 timed
ip inspect name Firewall_1 ipsec-msft
ip inspect name Firewall_1 isakmp
ip inspect name Firewall_1 pcanywheredata
ip inspect name Firewall_1 pcanywherestat
ip inspect name Firewall_1 appleqtc
ip inspect name Firewall_1 cddbp
ip inspect name Firewall_1 cifs
ip inspect name Firewall_1 ms-dotnetster
ip inspect name Firewall_1 ntp
ip inspect name Firewall_1 pptp
ip dhcp excluded-address
ip dhcp pool LAN2
  import all
  domain-name mydomain.local
  lease 0 2
! -- Below is only if you want to enable NAT --
interface Ethernet0
 ip nat inside
interface Ethernet1
 ip nat outside
ip nat translation timeout 300
ip nat translation tcp-timeout 300
ip nat translation udp-timeout 240
ip nat translation finrst-timeout 45
ip nat translation dns-timeout 90
ip nat inside source list NAT-Permitted interface Ethernet1 overload
ip access-list extended NAT-Permitted
 remark Permit only local traffic from NATing
 remark ---------------------------------------1
 permit ip any
 deny   ip any any
 remark ---------------------------------------2

Open in new window


wow, yes this was buggy hardware the first solution worked, but was not stable, the second one works 9minor modification i put sdm and 12.4(7) that i was lucky enough to find when i saw another 831 @ school (going for ccna next month) and i copied it to the tftp on my laptop, the only reason they had the 831 was fot an (easy) SDM lab, gt lucky there. Thank you very much both of you. I just wish cisco wouldn't charge $thousands$ for someone that wants to download ios to learn and make money for * their* company, oh well some times stupid rules are .meant.. .....

Thank You !
the flash chip is not working well though, the router reoots and it happened after an incident with static electricity. I will figure out how to download the config and ios from tftp.. you can do that right?
ios 9o3sy6-mz.124-5a.bin and sdm v 2.5 , which is great it was worth getting just for sdm it slows my net speed in half because i have 12MB and its 1 10bae t wan half duplex

rommon 4 > xmodem -cr
Do not start the sending program yet...

Invoke this application only for disaster recovery.
Do you wish to continue? y/n  [n]:  y
Ready to receive file c831-k9o3sy6-mz.124-5a.bin
Download Complete!
program load complete, entry point: 0x80013000, size: 0x908538
Stack pointer       : 0x05000000
monstack            : 0x80005E0C
monra               : 0x00000000
edata : 0x8001773C
magic : 0xFEEDFACE
memsize             : 0x05000000
uncomp_size         : 0x01C4ABF4
comp_size           : 0x00903DE8
STACK_BYTES         : 0x00008000
COPY_CODE_BUF       : 0x00000800
_end                : 0x8003FFB0
comp_checksum       : 0xF955732D
comp_checksum       : 0xF955732D
uncomp_checksum     : 0xFBFAA0A1
Self decompressing the image : ########################

^^^ the joy of cisco :-) , the it boots up , hope it stays up:

*Jan  1 01:08:59.955: %LINK-3-UPDOWN: Interface FastEthernet2, changed state to down


you wish to change the configuration? y/n  [n]:

You must reset or power cycle for new config to take effect
rommon 2 > reset

System Bootstrap, Version 12.2(11r)YV3, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 2004 by cisco Systems, Inc.

Testing lower main memory - data equals address
Testing lower main memory - checkerboard
Testing lower main memory - inverse checkerboard
Clearing lower 4K memory for cache initialization
Clearing bss
Enabling interrupts
Reading monitor variables from NVRAM
nvram_sav->confreg: 0xf922, nvram_sav->rconfreg: 0x6dd
our confreg: 0xf922, conf: 0xf922

Enabling instruction cache
Reading cookie
Initializing main memory

it worked but didnt take.. can i load it (ios) from tftp at boot time the flash is damaged  think by static.
Enabling instruction cache
Reading cookie
Initializing main memory
Sizing NVRAM
Sizing flash
Exiting init
C800/SOHO series (Board ID: 29-129) platform with 81920 Kbytes of main memory

rommon 1 >

back in the rommon nodles!


here are Rommon setting sample ,, follow it for your case .
You can check that everything is set up correctly by entering set on its own.


I did that, t this point I am pretty sure the flash (only 12mb) looks like a so-dimm but its flash, I think that i heard static electricity when i was opening it (stupid, never again)
If it were like 10-15 $ I would order it but i can''t stand the people on ebay and web sites are tryomg tp sell it for as much or MORE than the router (worth about $80 it's 10base 10 wan and 1 switch / hub of four ports that it connects with,..good...for 1996, and to learn SDM and some IOS, I got a couple 1711 , 1721 and an 831 now that i can get working for the day but when the ram goes off , it looses its setttings and needs the tftpdnld rommmonn or xmodem to upload (xmodem can be set to 115Kb it's not that bad , , I would love to order an ADSL-WIC to "practice" from home I want to become CCNP/voice

If your unit is loosing config, you may have a config too large for your nvram. I have seen that happen before on 1600 series routers... you basically have to erase the nvram. Although I can't step you through this on the 831s as I have none to test on.

Additionally, I have seen them loose their configs and randomly reboot if the ram is going bad / damaged.

BTW... a cisco contract for those 831 routers is only like $70 for the year.  Then you get support and access to all the IOS firmware files.  But, you are on your honor not to do bad things there.

Also, check out http://www.memoryx.net... the company is Memory Ten.  They sell very good generic ram & flash for cisco routers. I always buy from them for my cisco boxes. 831 flash chips start at like $30.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts


Well, it looks like I am going to have to get a new flash memory I am 99.9% sure this is the problem, its just not worth it now, i bought this "legacy" device from ebay for $90 to play around with and learn SDM for the CCNA. That I accomplished. I will look out for deals on new flash,
Thanks for the help.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.