Setup a Cisco Router with POTS on Amnet ADSL

I recently posted a Cisco config on a bridge mode ADSL2+ modem.  Well, as I’m an IT Consultant, I get my hands on a fair bit of hardware.  Well, this weekend I’ve had a unit that needed testing, as it was failing to transfer data across its ADSL link.  Fortunately for me it wasn’t faulty, so I’ve managed to get a working config.

Lanchbury Cisco Layout on Temporary 800 Series Router

This is the more regular setup of a Cisco router, so if you’re looking for a config for an Amnet connection, try the below.  Copy the below text into Notepad, edit the {brackets} and then paste it into a Cisco’s Configure Terminal prompt.

no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname {router-name}
!
boot-start-marker
boot-end-marker
!
enable secret {enable-password}
!
no aaa new-model
!
!
!
!
ip cef
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
ip domain lookup source-interface Dialer0
ip domain name {local-domain-name}
ip name-server {local-dns-server or 203.161.127.1 and/or 203.153.224.42}
!
vpdn enable
!
vpdn-group pppoe
l2tp tunnel receive-window 128
!
!
!
username {username} privilege 15 secret {user-password}
!
!
archive
log config
hidekeys
!
!
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode adsl2+
no shutdown
!
interface ATM0.1 point-to-point
description PPPOE WAN Interface
pvc 8/35
pppoe-client dial-pool-number 1
!
!
interface FastEthernet0
description Connected to Switch
no shutdown
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
no ip address
shutdown
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!
interface Vlan1
ip address 172.17.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface Dialer0
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp chap hostname {amnet-username}@amnet
ppp chap password {amnet-password}
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
!
no ip http server
no ip http secure-server
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 172.17.2.{host} 80 interface Dialer0 80
ip nat inside source static tcp 172.17.2.{host} 443 interface Dialer0 443
{add in any more port forwards you want applied here with the above syntax}
!
access-list 1 permit 172.17.2.0 0.0.0.255
!
control-plane
!
banner motd ^CCC
**************************************************
* Access to authorized personnel only *
**************************************************^C
!
line con 0
exec-timeout 30 0
password {console-password}
logging synchronous
login
no modem enable
line aux 0
line vty 0 4
exec-timeout 30 0
password {remote-password}
logging synchronous
login local
transport input ssh
!
scheduler max-task-time 5000
end

I love my family stickers


I applied my family stickers on Saturday of the long weekend, don’t they look awesome!

Setup a Cisco Router on Amnet ADSL (Bridge Mode)

Here’s something I’ve been playing a lot with at the moment: I have learnt to love the Cisco IOS. I feel it’s set up better than Linux (keeping in mind Linux is built on hundreds of separate programs).

At the bottom is the config I used / am using. But first I will explain what hardware I’m using.  I have got an 800 series Cisco router; the thing is, it’s a work hand-me-down.  Therefore it doesn’t have a POTS port.  So this makes my config different but still usable for anyone with.  OK, so below is a picture of what is connected to what.

As you can see, the ADSL modem is between Amnet and my router.  It is configured in Pure Bridge mode, which basically passes Ethernet straight to the router.  From here the router still needs to connect by PPPoE to Amnet.  There is a very good reason for doing it this way: it bypasses any firewalls on the modem, and the outside IP address is applied directly to the Dialer0 interface.  This gives you full control to allow the IOS to do whatever you want.

Here is my config of how I got it to work.  Keep in mind to edit the config (change the {string} lines) before pasting this into a configure terminal prompt, and remember to copy running-config startup-config when you’re done, working and happy.

no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname {router-name}
!
boot-start-marker
boot-end-marker
!
enable secret {enable-password}
!
no aaa new-model
!
!
dot11 syslog
ip source-route
!
!
ip cef
ip domain lookup source-interface Dialer0
ip domain name {local-domain-name}
ip name-server {local-dns-server or 203.161.127.1 and/or 203.153.224.42}
!
!
vpdn enable
!
vpdn-group pppoe
l2tp tunnel timeout no-session 15
!
!
!
username {username} privilege 15 secret {user-password}
!
!
ip ssh version 2
!
!
!
!
!
!
!
interface FastEthernet0
description Connected to Switch
no shutdown
!
interface FastEthernet1
shutdown
!
interface FastEthernet2
shutdown
!
interface FastEthernet3
shutdown
!
interface FastEthernet4
description Connected to Billon 7300A (in bridge mode)
ip address 172.17.1.2 255.255.255.252
duplex auto
speed auto
pppoe-client dial-pool-number 1
hold-queue 224 in
no shutdown
!
interface Vlan1
ip address 172.17.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface Dialer0
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
ppp authentication chap callin
ppp chap hostname {amnet-username}@amnet
ppp chap password {amnet-password}
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 172.17.2.{host} 80 interface Dialer0 80
ip nat inside source static tcp 172.17.2.{host} 443 interface Dialer0 443
{add in any more port forwards you want applied here with the above syntax}
ip default-network 172.17.1.1
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 172.17.1.0 255.255.255.252 172.17.1.1
!
access-list 1 permit 172.17.2.0 0.0.0.255
access-list 1 permit 172.17.1.0 0.0.0.3
!
!
!
!
control-plane
!
banner motd ^CC
**************************************************
*      Access to authorized personnel only       *
**************************************************^C
!
line con 0
exec-timeout 30 0
password {console-password}
logging synchronous
login
no modem enable
line aux 0
line vty 0 4
exec-timeout 30 0
password {remote-password}
logging synchronous
login local
transport input ssh
!
scheduler max-task-time 5000
end
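
A pre-paste check for the two templates above, as an added example that is not part of the original posts: it flags any `{placeholder}` left unfilled, plus settings that matter because Dialer0 holds the public address in both configs (`ip source-route`, line passwords, and vty lines that accept remote logins with no `access-class`). The sample config, the rule names and the `audit` function are constructed for this illustration.

```python
import re

# Constructed sample in the flattened, unindented style of the configs above.
SAMPLE = """\
hostname {router-name}
ip source-route
username admin privilege 15 secret {user-password}
!
interface Dialer0
ip address negotiated
ip nat outside
!
line con 0
password {console-password}
login
line vty 0 4
login local
transport input ssh
end
"""

PLACEHOLDER = re.compile(r"\{[^}]*\}")  # template fields such as {router-name}

def audit(config):
    """Return sorted (line_no, rule, text) findings for an IOS config template."""
    findings, in_line, vty, vty_blocks = [], False, None, []
    for n, raw in enumerate(config.splitlines(), 1):
        line = raw.strip()
        if PLACEHOLDER.search(line):
            findings.append((n, "unfilled-placeholder", line))
        if line == "ip source-route":  # "no ip source-route" does not match
            findings.append((n, "source-routing-enabled", line))
        if line == "!" or line.startswith(("interface ", "line ")):
            in_line, vty = line.startswith("line "), None  # a new block begins
            if line.startswith("line vty"):
                vty = {"n": n, "text": line, "remote": False, "acl": False}
                vty_blocks.append(vty)
        elif in_line and line.startswith("password "):
            # line passwords are cleartext or reversible type 7, unlike "secret"
            findings.append((n, "line-password", line))
        elif vty and line.startswith("transport input") and not line.endswith(" none"):
            vty["remote"] = True
        elif vty and line.startswith("access-class ") and line.endswith(" in"):
            vty["acl"] = True
    # Remote logins with no access-class are not restricted by source at the vty.
    findings += [(v["n"], "vty-without-access-class", v["text"])
                 for v in vty_blocks if v["remote"] and not v["acl"]]
    return sorted(findings)

if __name__ == "__main__":
    for n, rule, text in audit(SAMPLE):
        print(f"line {n}: {rule}: {text}")
```

On the sample, the findings clear once the placeholders are filled in, `no ip source-route` is set, the console uses `login local` instead of a line password, and `line vty 0 4` carries an `access-class ... in`.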

My new archive drives


How cool are these. Yes they’re old but my favorite computer store is selling them cheap at the moment. So I’ve taken the opportunity to buy a few.