Check the config register which tells the router how to boot. If memory serves me right it should be 2102, where 2142 is to boot with default settings. Follow the steps in the link below
No ideas where you're located in the world but this is a working 837 config for a UK adsl line. I've replaced any passwords with xxxx and likewise altered the ADSL user/pass details to something generic. This also has the config for a working Cisco VPN connection to the router.. as well as Windows Terminal Services and Windows PPTP VPN NAT translations to an internal server. I'm not Cisco trained, but this is what I guessed together from reading this froup and a few other intnernet sources for a friend who fiddled with his 837 box and managed to hose the config. I'm sure there's mistakes, but it's been working reliably ever since so I must have done some of it right! ;o)
! version 12.2 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname router ! logging queue-limit 100 no logging buffered enable secret 5 xxxx ! username router password 7 xxxx username vpnuser password 7 xxxx aaa new-model ! ! aaa authentication login userauthen local aaa authorization network groupauthor local aaa session-id common ip subnet-zero ! ! ip audit notify log ip audit po max-events 100 no ftp-server write-enable ! ! ! ! crypto isakmp policy 3 encr 3des authentication pre-share group 2 ! crypto isakmp client configuration group vpngroup key 0 vpngroup dns 192.168.16.2 wins 192.168.16.2 pool vpnpool acl 106 ! ! crypto ipsec transform-set myset esp-3des esp-sha-hmac ! crypto dynamic-map dynmap 10 set transform-set myset ! ! crypto map clientmap client authentication list userauthen crypto map clientmap isakmp authorization list groupauthor crypto map clientmap client configuration address respond crypto map clientmap 10 ipsec-isakmp dynamic dynmap ! ! ! ! interface Ethernet0 ip address 192.168.16.1 255.255.255.0 ip access-group 102 in ip nat inside no ip mroute-cache crypto map clientmap hold-queue 100 out ! interface ATM0 no ip address no ip mroute-cache atm vc-per-vp 64 no atm ilmi-keepalive pvc 0/38 encapsulation aal5mux ppp dialer dialer pool-member 1 ! dsl operating-mode auto ! interface Dialer1 ip address negotiated ip access-group 101 in ip nat outside encapsulation ppp ip tcp adjust-mss 1400 dialer pool 1 dialer-group 1 ppp authentication chap pap callin ppp chap hostname adsl_username ppp chap password 7 adsl_password ppp pap sent-username adsl_username password 7 adsl_password ppp ipcp dns request ppp ipcp wins request crypto map clientmap hold-queue 224 in ! ip local pool vpnpool 192.168.17.1 192.168.17.10 ip nat inside source list 105 interface Dialer1 overload ip nat inside source static tcp 192.168.16.2 3389 interface Dialer1 3389 ip nat inside source static tcp 192.168.16.2 1723 interface Dialer1 1723 ip classless ip route 0.0.0.0 0.0.0.0 Dialer1 no ip http server no ip http secure-server ! access-list 1 remark The local LAN access-list 1 permit 192.168.16.0 0.0.0.255 access-list 2 remark Where management can be done from access-list 2 permit 192.168.16.0 0.0.0.255 access-list 2 permit 192.168.17.0 0.0.0.255 access-list 101 remark Traffic allowed to enter router from Internet access-list 101 permit ip any any access-list 101 permit ip 192.168.16.0 0.0.0.255 192.168.16.0 0.0.0.255 access-list 101 permit ip 192.168.17.0 0.0.0.255 192.168.17.0 0.0.0.255 access-list 101 permit tcp any any eq 3389 access-list 101 permit tcp any any eq 1723 access-list 101 permit tcp any any eq 10000 access-list 101 permit udp any any eq isakmp access-list 101 permit gre any any access-list 101 deny ip any any access-list 102 remark Traffic allowed to enter router from Ethernet access-list 102 permit ip any any access-list 105 remark Traffic to NAT access-list 105 deny ip 192.168.16.0 0.0.0.255 192.168.17.0 0.0.0.255 access-list 105 deny ip 192.168.17.0 0.0.0.255 192.168.16.0 0.0.0.255 access-list 105 permit ip 192.168.16.0 0.0.0.255 any access-list 105 permit ip 192.168.17.0 0.0.0.255 any access-list 106 remark User to Site VPN clients access-list 106 permit ip 192.168.16.0 0.0.0.255 any access-list 106 permit ip 192.168.17.0 0.0.0.255 any dialer-list 1 protocol ip permit ! line con 0 exec-timeout 120 0 no modem enable stopbits 1 line aux 0 stopbits 1 line vty 0 4 access-class 2 in exec-timeout 120 0 length 0 ! scheduler max-task-time 5000 ! end
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.