Hi,
Can anyone offer any advice for configuring a cisco router to use a Telewest connection? I have the router plugged into the modem but when i configure the details from a normal belkin router i can not see the outside world :(
Hi,
Can anyone offer any advice for configuring a cisco router to use a Telewest connection? I have the router plugged into the modem but when i configure the details from a normal belkin router i can not see the outside world :(
The following is a slightly sanitised copy of the config I had on my
831 when I had NTL cable, hope it helps - it should hopefully point you in the right direction. There's bits of this config that probably aren't doing anything - I did a lot of playing with it & I'm not sure whether this is a fully-working copy or not.You may want to post more details of your config, like what router you are using & it's config (minus anything identifiable) if you're still stuck.
//START version 12.3
no service pad
service timestamps debug datetime
service timestamps log datetime
service password-encryption
!hostname Router
!logging buffered 16000 debugging
no logging console
enable secret 5 >snip>
!username UserA privilege 15 password
clock timezone GMT 0
clock summer-time BST recurring last Sun Mar 2:00 last Sun Oct 2:00
aaa new-model
! !aaa authentication login vpnusers local
aaa authorization exec default local
aaa authorization network vpn-remote-access local
aaa session-id common
ip subnet-zero
no ip source-route
ip tcp synwait-time 10
ip domain name mydomain.co.uk
ip name-server a.b.c.d
ip name-server a.b.c.e
! !ip cef
ip inspect alert-off
ip inspect max-incomplete low 100
ip inspect max-incomplete high 200
ip inspect one-minute low 100
ip inspect one-minute high 200
ip inspect udp idle-time 20
ip inspect tcp idle-time 1800
ip inspect tcp finwait-time 1
ip inspect tcp synwait-time 15
ip inspect tcp max-incomplete host 25 block-time 0
ip inspect name my-fw smtp
ip inspect name my-fw ftp
ip inspect name my-fw tcp
ip inspect name my-fw fragment maximum 128 timeout 1
ip inspect name my-fw icmp
ip inspect name my-fw udp timeout 10
ip inspect name my-fw http
ip audit notify log
ip audit po max-events 100
ip audit name IDS_in info action alarm
ip audit name IDS_in attack action alarm drop reset
ip audit name IDS_out info action alarm
ip audit name IDS_out attack action alarm drop reset
ip ssh time-out 60
ip ssh authentication-retries 2
!no ftp-server write-enable
!class-map match-all CM-eMule
match access-group name ACL-eMule
! ! !interface Ethernet0
description "LAN"
ip address 192.168.5.1 255.255.255.0
ip nat inside
!interface Ethernet1
description Internet LAN
ip address dhcp
ip access-group ACL-Firewall-ISP in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip inspect my-fw out
duplex auto
no cdp enable
!interface FastEthernet1
no ip address
duplex auto
speed auto
!interface FastEthernet2
no ip address
duplex auto
speed auto
!interface FastEthernet3
no ip address
duplex auto
speed auto
!interface FastEthernet4
no ip address
duplex auto
speed auto
!ip nat translation timeout 300
ip nat inside source route-map RM-InternetNAT interface Ethernet1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 dhcp
no ip http server
no ip http secure-server
ip dns server
! !ip access-list standard ACL-LAN-NAT
permit 192.168.5.0 0.0.0.255
ip access-list standard ACL-VTY
permit 192.168.5.0 0.0.0.255
deny any log
!ip access-list extended ACL-Firewall-ISP
remark Prevent Cisco Vunerability
deny 53 any any
deny 55 any any
deny 77 any any
deny pim any any
remark To allow DHCP
permit udp any eq bootps any eq bootpc
remark Block spoofing DoS attacks
deny ip 0.0.0.0 0.255.255.255 any
deny ip 10.0.0.0 0.255.255.255 any
deny ip 127.0.0.0 0.255.255.255 any
deny ip 169.254.0.0 0.0.255.255 any
deny ip 172.16.0.0 0.15.255.255 any
deny ip 192.0.2.0 0.0.0.255 any
deny ip 192.168.0.0 0.0.255.255 any
deny ip 224.0.0.0 31.255.255.255 any
deny ip host 255.255.255.255 any
remark Allow NTP
permit udp any any eq ntp remark Begin DNS Permits
permit udp any eq domain any
deny ip any any log !
ip access-list extended ACL-eMule
permit udp any any eq 4672
permit tcp any any eq 4662
permit tcp any eq 4662 any
permit udp any eq 4672 any !
route-map RM-InternetNAT permit 20
match ip address ACL-LAN-NAT
!alias exec siib show ip int brief
alias exec sir show ip route
alias exec tm term mon
alias exec tnm term no mon
alias exec sint show ip nat trans
alias exec ct conf t
alias exec sr show run
!line con 0
no modem enable
line aux 0
line vty 0 4
access-class ACL-VTY in
privilege level 15
logging synchronous
transport input telnet ssh
!scheduler max-task-time 5000
sntp server 158.43.128.33
sntp server 158.43.128.66
sntp server 158.43.192.66
!end
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.