Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

T1 installation

Posted on 2009-04-02
6
Medium Priority
?
324 Views
Last Modified: 2013-12-27
I am setting up a T1 and was provided with a diagram with the information. I was wondering if anyone had a config that I could use as an example. It includes S0/0, FA0/0, and modem interface. I am unsure how to setup the modem part. Also I am unsure as to why my FA0/0 interface would get a 12.x.x.x network for local LAN instead of a normal 192.x.x.x network.
SCAN0017.JPG
0
Comment
Question by:occs07
  • 4
  • 2
6 Comments
 
LVL 43

Expert Comment

by:JFrederick29
ID: 24051226
Here is a basic configuration.

You don't need to use the public range on the fa0/0 interface.  You can use a private range and use the public range for NAT.

To connect the modem to the router, use the specified cable and connect to the console port on the router.  No configuration is necessary on the router.

enable secret <password>

interface FastEthernet0/0
 ip address 192.168.10.1 255.255.255.0
 ip nat inside

interface Serial0/0/0
 ip address 12.90.91.10 255.255.255.252
 encapsulation ppp
 ip nat outside

ip nat pool nat-pool 12.236.150.201 12.236.150.201 netmask 255.255.255.248
ip nat inside source list nat pool nat-pool overload
!
ip access-list standard nat
 permit 192.168.10.0 0.0.0.255

ip access-list standard 1
 permit 192.168.10.0 0.0.0.255

line vty 0 15
password <password>
login
access-class 1 in    <--restrict telnet to inside network
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 24051235
Sorry, forgot default route:

ip route 0.0.0.0 0.0.0.0 12.90.91.9
0
 

Author Comment

by:occs07
ID: 24057016
another question: if I wanted to block everything and only allow HTTP and HTTPS what would I have as my access-list? My thoughts are this:

access-list 100 deny any any
access-list 100 permit any any eq www
access-list 100 permit any any eq https
0
WatchGuard Case Study: NCR

With business operations for thousands of customers largely depending on the internal systems they support, NCR can’t afford to waste time or money on security products that are anything less than exceptional. That’s why they chose WatchGuard.

 
LVL 43

Accepted Solution

by:
JFrederick29 earned 2000 total points
ID: 24058699
If outbound, do this to allow DNS (required) and HTTP/HTTPS.

ip access-list ext 150
permit udp any any eq 53
permit tcp any any eq 80
permit tcp any any eq 443
deny ip any any

int fa0/0
ip access-group 150 in
0
 

Author Comment

by:occs07
ID: 24059500
I am trying to block people from accessing anything but HTTP/HTTPS, i.e. I only want them to be able to use the internet on the network. So wouldnt I need this inbound and outbound? If so how?
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 24059732
The access-list I posted blocks everything but HTTP/HTTPS (DNS) outbound meaning anyone sitting on the fa0/0 LAN can only connect to the Internet using HTTP/HTTPS.  Is that what you want?  Nobody on the Internet can connect to anything on your LAN as it stands because you have no inbound NAT configured.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question