T1 installation

I am setting up a T1 and was provided with a diagram with the information. I was wondering if anyone had a config that I could use as an example. It includes S0/0, FA0/0, and modem interface. I am unsure how to setup the modem part. Also I am unsure as to why my FA0/0 interface would get a 12.x.x.x network for local LAN instead of a normal 192.x.x.x network.
SCAN0017.JPG
occs07Asked:
Who is Participating?
 
JFrederick29Connect With a Mentor Commented:
If outbound, do this to allow DNS (required) and HTTP/HTTPS.

ip access-list ext 150
permit udp any any eq 53
permit tcp any any eq 80
permit tcp any any eq 443
deny ip any any

int fa0/0
ip access-group 150 in
0
 
JFrederick29Commented:
Here is a basic configuration.

You don't need to use the public range on the fa0/0 interface.  You can use a private range and use the public range for NAT.

To connect the modem to the router, use the specified cable and connect to the console port on the router.  No configuration is necessary on the router.

enable secret <password>

interface FastEthernet0/0
 ip address 192.168.10.1 255.255.255.0
 ip nat inside

interface Serial0/0/0
 ip address 12.90.91.10 255.255.255.252
 encapsulation ppp
 ip nat outside

ip nat pool nat-pool 12.236.150.201 12.236.150.201 netmask 255.255.255.248
ip nat inside source list nat pool nat-pool overload
!
ip access-list standard nat
 permit 192.168.10.0 0.0.0.255

ip access-list standard 1
 permit 192.168.10.0 0.0.0.255

line vty 0 15
password <password>
login
access-class 1 in    <--restrict telnet to inside network
0
 
JFrederick29Commented:
Sorry, forgot default route:

ip route 0.0.0.0 0.0.0.0 12.90.91.9
0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
occs07Author Commented:
another question: if I wanted to block everything and only allow HTTP and HTTPS what would I have as my access-list? My thoughts are this:

access-list 100 deny any any
access-list 100 permit any any eq www
access-list 100 permit any any eq https
0
 
occs07Author Commented:
I am trying to block people from accessing anything but HTTP/HTTPS, i.e. I only want them to be able to use the internet on the network. So wouldnt I need this inbound and outbound? If so how?
0
 
JFrederick29Commented:
The access-list I posted blocks everything but HTTP/HTTPS (DNS) outbound meaning anyone sitting on the fa0/0 LAN can only connect to the Internet using HTTP/HTTPS.  Is that what you want?  Nobody on the Internet can connect to anything on your LAN as it stands because you have no inbound NAT configured.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.