Changing ISP so need to change Cisco 861 Config from DSL PPPOE to Cable connection and VPN tunnel
I am working on a project to improve our internet connection to a satellite office we have. Currently this office has a 1.5mb DSL connection with a Cisco 861 router configured for a site to site vpn tunnel back to our HQ. I have ordered a cable internet connection for this office and need to go visit and install. My question has to do with how to reconfigure the router for the new cable internet connection. I am not a cisco expert so I just want to run it by my favorite group of experts before I do it. I am thinking I remove the dialer part of the config and reconfig the WAN port with the ip address of the new cable internet IP address which will be static.
crypto map ChiOffice 1 ipsec-isakmp
description Tunnel to Chicago
set peer xxx.xxx.xxx.xxx (chicgo office public IP)
set transform-set ChiOffice
set pfs group5
match address 101
!
!
!
!
!
interface FastEthernet0
switchport access vlan 10
spanning-tree portfast
!
interface FastEthernet1
switchport access vlan 10
spanning-tree portfast
!
interface FastEthernet2
switchport access vlan 10
spanning-tree portfast
!
interface FastEthernet3
switchport access vlan 10
!
interface FastEthernet4
description WAN interface
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
duplex auto
speed auto
pppoe-client dial-pool-number 1
no cdp enable
!
interface Vlan1
no ip address
!
interface Vlan10
description Internal Network
ip address 192.168.145.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip nat inside
ip virtual-reassembly
!
interface Dialer1
description DSL PPPOE Dialier
ip address xxx.xxx.xxx.xxx 255.255.255.248
no ip unreachables
ip mtu 1492
ip nbar protocol-discovery
ip flow egress
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer-group 1
ppp authentication pap callin
ppp pap sent-username xxxxxxxxxxxxxxx password 7 xxxxxxxxxxxxxx
ppp ipcp dns request accept
ppp ipcp address accept
no cdp enable
crypto map ChiOffice
!
no ip forward-protocol nd
no ip http server
no ip http secure-server
ip flow-export source Vlan10
ip flow-export version 5
ip flow-export destination 192.168.5.10 9996
!
ip nat inside source list 110 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx
Thanks in advance for any help, I surely do appreciate EE and all the experts!!!!
crypto map ChiOffice 1 ipsec-isakmp
description Tunnel to Chicago
set peer xxx.xxx.xxx.xxx (chicgo office public IP)
set transform-set ChiOffice
set pfs group5
match address 101
!
!
!
!
!
interface FastEthernet0
switchport access vlan 10
spanning-tree portfast
!
interface FastEthernet1
switchport access vlan 10
spanning-tree portfast
!
interface FastEthernet2
switchport access vlan 10
spanning-tree portfast
!
interface FastEthernet3
switchport access vlan 10
!
interface FastEthernet4
description WAN interface
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
duplex auto
speed auto
pppoe-client dial-pool-number 1
no cdp enable
!
interface Vlan1
no ip address
!
interface Vlan10
description Internal Network
ip address 192.168.145.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip nat inside
ip virtual-reassembly
!
interface Dialer1
description DSL PPPOE Dialier
ip address xxx.xxx.xxx.xxx 255.255.255.248
no ip unreachables
ip mtu 1492
ip nbar protocol-discovery
ip flow egress
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer-group 1
ppp authentication pap callin
ppp pap sent-username xxxxxxxxxxxxxxx password 7 xxxxxxxxxxxxxx
ppp ipcp dns request accept
ppp ipcp address accept
no cdp enable
crypto map ChiOffice
!
no ip forward-protocol nd
no ip http server
no ip http secure-server
ip flow-export source Vlan10
ip flow-export version 5
ip flow-export destination 192.168.5.10 9996
!
ip nat inside source list 110 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx
Thanks in advance for any help, I surely do appreciate EE and all the experts!!!!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Predrag,
The FA4 interface on the 800 series routers is a routed interface, it does not need switchport/vlan/etc.
The FA4 interface on the 800 series routers is a routed interface, it does not need switchport/vlan/etc.
Sorry, my mistake.
:)
I thought that Fa 4 belongs to switch, not to router.
:)
I thought that Fa 4 belongs to switch, not to router.
ASKER
Thanks!!! I've adjusted the config in a file and when the install is completed on Tuesday next week I'll let you know the results!!!!
#no switchport
or in case that command is not supported and port can't be converted to routed interface, IP address need to be added to interface VLAN 1, Eth4 belongs to switching module.
To avoid over sized packets under Eth4 should be
ip mtu 1492
ip tcp adjust-mss 1452
ip nbar protocol-discovery (is optional)