premiere1
asked on
Cisco 1841 ios router config
We are switching to a bonded t1 and changed routers. We are getting a straight ethernet handoff from our provider. The 1841 has 2 fastethernet ports. I configured 0/0 for wan and 0/1 for lan. I somewhat followed our old config that was doing a fractional t1, but there are some differences. I added vpn to this one. Please scrutinize the config and tell me if it looks ok. I am a novice at ios.
Some differences:
no ip routing
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 xxx.xxx.79.112
Not sure what the above should be, it was one less than my gateway on my other router.
archive
log config
hidekeys
multilink bundle-name authenticated
Thanks in advance for any help.
Some differences:
no ip routing
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 xxx.xxx.79.112
Not sure what the above should be, it was one less than my gateway on my other router.
archive
log config
hidekeys
multilink bundle-name authenticated
Thanks in advance for any help.
Building configuration...
Current configuration : 4395 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname C1841
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
no logging console
enable secret 5 xxxxxxxxxxxxxxxxxx
enable password xxxxxxxxxxxxxxxxxx
!
aaa new-model
!
!
aaa authentication ppp default local
!
!
aaa session-id common
dot11 syslog
ip source-route
no ip routing
!
!
no ip dhcp conflict logging
ip dhcp excluded-address 192.168.1.1 192.168.1.100
ip dhcp excluded-address 192.168.1.149 192.168.1.254
ip dhcp ping packets 10
!
ip dhcp pool dhcppool
network 192.168.1.0 255.255.255.0
dns-server 64.83.0.10 209.137.160.3 209.137.171.10
netbios-node-type h-node
default-router 192.168.1.5
!
!
no ip cef
no ip domain lookup
ip name-server 64.83.0.10
ip name-server 209.137.160.3
no ipv6 cef
!
multilink bundle-name authenticated
!
vpdn enable
!
vpdn-group premiere
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
!
!
!
!
!
username test password 0 pwd
archive
log config
hidekeys
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address xxx.xxx.79.113 255.255.255.240
ip access-group outside_in in
no ip redirects
ip nat outside
ip virtual-reassembly
no ip route-cache
duplex auto
speed auto
no mop enabled
!
interface FastEthernet0/1
ip address 192.168.1.5 255.255.255.0
no ip redirects
no ip proxy-arp
ip nat inside
ip virtual-reassembly
no ip route-cache
duplex auto
speed auto
!
interface Virtual-Template1
ip unnumbered FastEthernet0/1
peer default ip address pool defaultpool
ppp encrypt mppe auto required
ppp authentication ms-chap ms-chap-v2
!
ip local pool defaultpool 192.168.1.60 192.168.1.69
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 xxx.xxx.79.112
no ip http server
no ip http secure-server
!
!
ip nat translation timeout 300
ip nat inside source list 1 interface FastEthernet0/0 overload
ip nat inside source static 192.168.1.80 xxx.xxx.79.120
ip nat inside source static 192.168.1.83 xxx.xxx.79.121
ip nat inside source static 192.168.1.90 xxx.xxx.79.122
ip nat inside source static 192.168.1.92 xxx.xxx.79.123
ip nat inside source static 192.168.1.188 xxx.xxx.79.124
ip nat inside source static 192.168.1.89 xxx.xxx.79.125
ip nat inside source static 192.168.1.149 xxx.xxx.79.126
!
ip access-list extended outside_in
permit tcp any any established
permit udp any eq domain any
permit icmp any any unreachable
permit icmp any any time-exceeded
permit icmp any any echo-reply
permit tcp any host xxx.xxx.79.120 eq www
permit tcp any host xxx.xxx.79.120 eq ftp
permit icmp any any echo
permit tcp any host xxx.xxx.79.120 eq ftp-data
permit tcp any host xxx.xxx.79.125 eq smtp
permit tcp any host xxx.xxx.79.125 eq pop3
permit tcp any host xxx.xxx.79.125 eq 143
permit udp any host xxx.xxx.79.124 eq 1723
permit tcp any host xxx.xxx.79.124 eq 1723
permit tcp any host xxx.xxx.79.122 eq www
permit tcp any host xxx.xxx.79.122 eq 8011
permit tcp any host xxx.xxx.79.122 eq 8004
permit tcp any host xxx.xxx.79.122 eq 8443
permit tcp any host xxx.xxx.79.120 eq 200
permit tcp any host xxx.xxx.79.120 eq 201
permit tcp any host xxx.xxx.79.124 eq 47
permit udp any host xxx.xxx.79.124 eq 47
permit tcp any host xxx.xxx.79.123 eq www
permit tcp any host xxx.xxx.79.122 eq smtp
permit tcp any host xxx.xxx.79.122 eq 143
permit tcp any host xxx.xxx.79.122 eq pop3
permit tcp any host xxx.xxx.79.122 eq ftp-data
permit tcp any host xxx.xxx.79.122 eq ftp
permit tcp any host xxx.xxx.79.120 eq 443
permit tcp any host xxx.xxx.79.122 eq 443
permit tcp any host xxx.xxx.79.123 eq 8443
permit tcp any host xxx.xxx.79.123 eq 443
permit udp any host xxx.xxx.79.126 eq 5566
permit udp any host xxx.xxx.79.126 eq 5567
permit tcp any host xxx.xxx.79.126 eq 5566
permit tcp any host xxx.xxx.79.126 eq www
permit gre any host xxx.xxx.79.124
permit tcp any host xxx.xxx.79.121 eq www
permit tcp any host xxx.xxx.79.121 eq 443
permit tcp any host xxx.xxx.79.122 eq 8080
deny ip any any log
!
access-list 1 deny 192.168.1.89
access-list 1 deny 192.168.1.90
access-list 1 deny 192.168.1.92
access-list 1 deny 192.168.1.80
access-list 1 deny 192.168.1.83
access-list 1 deny 192.168.1.188
access-list 1 deny 192.168.1.149
access-list 1 permit 192.168.1.0 0.0.0.255
snmp-server community public RO
!
!
!
!
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line vty 0 4
password xxxxxxxxxxxxx
!
scheduler allocate 20000 1000
end
The default gateway is wrong also as .112 is the subnet address for your block of addresses. You'll need to confirm with your ISP as to what your gateway should be.
ASKER
The default gateway is on the interface according to the isp specs or is the ip on 0/0 not the gateway?
Is this the gateway?
ip route 0.0.0.0 0.0.0.0 xxx.xxx.79.112
Here is the info provided from our isp.
The following provides IP information as well as general setup options.
xxx.xxx..79.112/28
Your usable IP address range is: xxx.xxx.79.114 - 126
Subnet Mask: 255.255.255.240
Your gateway should be set to: xxx.xxx.79.113
Your DNS Servers are:
64.83.0.10, 209.137.160.3, 209.137.171.10Notes:
The channel bank will provide you with a straight Ethernet handoff.
To connect to channel bank with a laptop use a crossover cable.
Is this the gateway?
ip route 0.0.0.0 0.0.0.0 xxx.xxx.79.112
Here is the info provided from our isp.
The following provides IP information as well as general setup options.
xxx.xxx..79.112/28
Your usable IP address range is: xxx.xxx.79.114 - 126
Subnet Mask: 255.255.255.240
Your gateway should be set to: xxx.xxx.79.113
Your DNS Servers are:
64.83.0.10, 209.137.160.3, 209.137.171.10Notes:
The channel bank will provide you with a straight Ethernet handoff.
To connect to channel bank with a laptop use a crossover cable.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
ok, I got that straightened out. I am going to leave this open for the day and see if anyone else has any comments. Thanks for the help.
The ip routing command is need