Cisco Router 800 Series Software Configuration Guide
Have a look at the manual Cisco Router 800 Series Software Configuration Guide online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 53 Cisco manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
2-3 Cisco 800 Series Software Configuratio Guide 78-5372-06 Chapter 2 Configuring Basic Networks Connecting a Private IP Network to the Internet Step 4If setting up a connection to a corporate network, you and the network administrator of the corporate network must decide on or generate the following information for the WAN interfaces of the routers so you can both use this information: PPP authentication type: CHAP or PAP. PPP client name to access the router. PPP password to access the router. Telephone number assigned to the telephone interface of your router. Step 5If setting up IP routing, obtain the addressing scheme information for your IP network. Connecting a Private IP Network to the Internet In the network example shown in Figure 2-1 and Ta b l e 2 - 1, the Cisco 800 series router connects a private IP network to an ISP. Figure 2-1 Connecting Private IP Network to Internet 10.0.0.0 255.0.0.0 192.168.1.100 74930 26 1 7 8 9 5 4 3
Chapter 2 Configuring Basic Networks Connecting a Private IP Network to the Internet 2-4 Cisco 800 Series Software Configuratio Guide 78-5372-06 Features Used This network uses the following features on the LAN: IP routing Dynamic Host Configuration Protocol (DHCP) server (optional) When your router is acting as a DHCP server, workstations configured as DHCP clients are automatically assigned an IP address and subnet mask. This network uses the following features on the WAN: IP routing PPP Network Address Translation (NAT) overload Internet Protocol Control Protocol (IPCP) CHAP or PAP over PPP Dial-on-demand routing (DDR) Static routes Callout Number Description 1DHCP server at Site 1 2National ISDN-1 switch type, with B1 SPID 40855511110101 and B2 SPID 40855522220101 3Private IP network 4DHCP client 5PPP link 6ISDN phone number, 4085551111 7Internet service provider 8CHAP or PAP 9Domain Name System (DNS) server
2-5 Cisco 800 Series Software Configuratio Guide 78-5372-06 Chapter 2 Configuring Basic Networks Connecting a Private IP Network to the Internet With NAT overload configured, the router uses one address for multiple hosts. With IPCP configured, your router automatically negotiates its IP address from the router it is attempting to connect to. You can use either CHAP or PAP as the PPP authentication protocol. Cisco recommends using CHAP, because it is the more secure of the two protocols. In addition, the ISDN line is activated only when needed (DDR), using one route that has been manually configured (static route). DDR using static routes suits small networking environments that do not have complex routing topologies. Configuration To configure the features for this network example, perform the following steps on the PC, starting in global configuration mode. Step 1Specify a name for the router. For example, specify SanJose as the router name: router(config)# hostname SanJose Step 2Specify an encrypted password containing from 1 to 25 uppercase or lowercase alphanumeric characters. Spaces are also valid password characters. Leading spaces are ignored; trailing spaces are recognized. For example, specify abra cadabra as the password: SanJose(config)# enable secret abra cadabra Step 3Configure the router to recognize the zero subnet range as a valid range of addresses: SanJose(config)# ip subnet-zero Step 4Disable the router from translating unfamiliar words entered during a console session into IP addresses: SanJose(config)# no ip domain-lookup Step 5Optional. Configure your router as a DHCP server. Define the DHCP relay pool name. For example: router(config)# ip dhcp pool DHCPpoolLAN_0 a.Set the DHCP pool of addresses. For example: router(dhcp-config)# network 10.0.0.0 255.255.255.0
Chapter 2 Configuring Basic Networks Connecting a Private IP Network to the Internet 2-6 Cisco 800 Series Software Configuratio Guide 78-5372-06 b.Set the IP addresses of the DNS servers. For example: router(dhcp-config)# dns-server 192.168.1.100 c.Set the NetBIOS servers. For example: router(dhcp-config)# netbios-name-server 10.1.1.2 10.1.1.3 d.Set the Ethernet 0 IP address as the default gateway. For example: router(dhcp-config)# default-router 10.0.0.1 e.Exit to global configuration mode: router(dhcp-config)# exit Step 6Configure the LAN interface by performing the following steps: a.Specify parameters for the LAN interface: SanJose(config)# interface ethernet0 b.Set the IP address and subnet mask for the LAN interface. For example: SanJose(config-if)# ip address 10.0.0.1 255.0.0.0 c.Activate the LAN interface: SanJose(config-if)# no shutdown Step 7Enable NAT on your LAN. The inside network address is not directly routed to the Internet, but is subject to translation to a routable address outside the LAN. For example: SanJose(config-if)# ip nat inside Step 8Configure the WAN interface by performing the following steps: a.Change to global configuration mode: SanJose(config-if)# exit SanJose(config)# b.Specify parameters for the WAN interface: SanJose(config)# interface bri0 c.Enable PPP: SanJose(config-if)# encapsulation ppp
2-7 Cisco 800 Series Software Configuratio Guide 78-5372-06 Chapter 2 Configuring Basic Networks Connecting a Private IP Network to the Internet d.Enable multilink PPP: SanJose(config-if)# ppp multilink e.Enable the translation of the inside network to a valid Internet address: SanJose(config-if)# ip nat outside f.Create a dialer rotary group, specifying a number between 0 and 255. Dialer rotary groups are useful in environments that require multiple calling destinations. For example: SanJose(config-if)# dialer rotary-group 0 g.North America only. Associate the ISDN local directory numbers (LDNs) provided by your telephone service provider with the first and second SPIDs. You can specify the SPID number, or you can have it automatically detected by entering a 0. In the following example, the SPID number is represented by a 0, so that it will be automatically detected. The primary LDN is followed by the secondary LDN for each SPID. SanJose(config-if)# isdn spid1 0 4085551111 4085552222 SanJose(config-if)# isdn spid2 0 4085553333 4085554444 NoteFind out from your telephone service provider whether you need to specify an area code for the LDN. h.North America only. If you had manually entered the SPID number, enable the BRI0 interface. SanJose(config-if)# no shutdown i.North America only. If you configured the SPID to be automatically detected, enable the automatic detection of ISDN SPID numbers and switch type: SanJose(config-if)# isdn autodetect j.Outside of North America only. Specify the ISDN switch type. To get a listing of supported switches, enter the isdn switch-type ? command. The following example specifies the NET3 switch type: router(config-if)# isdn switch-type basic-net3
Chapter 2 Configuring Basic Networks Connecting a Private IP Network to the Internet 2-8 Cisco 800 Series Software Configuratio Guide 78-5372-06 k.Disable the Cisco Discovery Protocol (CDP): SanJose(config-if)# no cdp enable Step 9Follow these steps to specify characteristics of the dialer rotary group that were created in the previous step: a.Change to global configuration mode: SanJose(config-if)# exit SanJose(config)# b.Create a dialer interface, specifying a number between 0 to 255 to represent your dialer rotary group. For example: SanJose(config)# interface dialer 0 SanJose(config-if)# c.Specify that the IP address for this interface is obtained by using IPCP: SanJose(config-if)# ip address negotiated d.Enable PPP as the encapsulation type: SanJose(config-if)# encapsulation ppp e.Enable DDR: SanJose(config-if)# dialer in-band f.Specify the amount of time in number of seconds that the line can be idle before it is disconnected: SanJose(config-if)# dialer idle-timeout 300 g.Specify the telephone number of the interface to be called if you are calling a single site. For example: SanJose(config-if)# dialer string 14085553333 h.Set the maximum number of packets to be held in the outgoing queue to 10. If an ISDN connection does not exist yet, the hold queue holds up to 10 packets before dropping them. For example: SanJose(config-if)# dialer hold-queue 10
2-9 Cisco 800 Series Software Configuratio Guide 78-5372-06 Chapter 2 Configuring Basic Networks Connecting a Private IP Network to the Internet i.Define the load level that must be exceeded on the first ISDN B channel before the second B channel is brought up. The load-threshold variable represents a utilization percentage and is a number between 1 and 255, where 255 equals 100 percent. For example: SanJose(config-if)# dialer load-threshold 10 outbound NoteEnter outbound to calculate the load using outbound data only, inbound to calculate the load using inbound data only, and either to set the maximum calculated load as the larger of the outbound and inbound loads. j.Assign this interface to dialer access group 1: SanJose(config-if)# dialer-group 1 k.Configure CHAP, then specify a CHAP host name and password. To configure PAP, skip this step and go to the next step. This command enables CHAP and specifies authentication on incoming calls only. Unidirectional authentication is used because non-Cisco routers that do not support bidirectional authentication are potentially in use at the ISP. In these cases, when the SanJose router calls the ISP, SanJose does not authenticate. However, the ISP authenticates SanJose before allowing the connection. SanJose(config-if)# ppp authentication chap callin router(config-if)# ppp chap hostname SanJose router(config-if)# ppp chap password gocisco1 l.Configure PAP. To configure CHAP, skip this step and follow the previous step. The following command enables PAP and specifies authentication on incoming calls only. Unidirectional authentication is used because routers that do not support bidirectional authentication are potentially in use at the ISP. In these cases, when the SanJose router calls the ISP, SanJose does not authenticate. However, the ISP authenticates SanJose before allowing the connection. SanJose(config-if)# ppp authentication pap callin
Chapter 2 Configuring Basic Networks Connecting a Private IP Network to the Internet 2-10 Cisco 800 Series Software Configuratio Guide 78-5372-06 m.Enable remote PAP support for an interface. The username and password are sent in the PAP authentication request packet. The password must contain from 1 to 25 upper- and lowercase alphanumeric characters; it cannot contain spaces nor underscores. SanJose(config-if)# ppp pap sent-username SanJose password gocisco n.Enable multilink PPP: SanJose(config-if)# ppp multilink Step 10Follow these steps to configure how the IP routing protocol learns routes: a.Change to global configuration mode: SanJose(config-if)# exit SanJose(config)# b.Set up all IP addresses to be treated as classless: SanJose(config)# ip classless c.Enable IP routing and set up a static route. Typically, the ISP does not provide IP addresses and subnet masks of their networks, but they do provide the IP address of the ISDN router interface to which your router is connected. The following example specifies that you need to use dialer 0 on your router to reach the ISP router. Dialer 0 had been previously configured using the interface dialer command. SanJose(config)# ip routing SanJose(config)# ip route 0.0.0.0 0.0.0.0 192.168.1.1 SanJOse(config)# ip route 192.168.1.1 255.255.255.255 dialer0 Step 11Specify that dialer-list 1 permits dialing by the IP routing protocol: SanJose(config)# dialer-list 1 protocol ip permit Step 12Perform this step only if ISDN calls at 64 kbps are not supported. Specify characteristics of the outgoing calls from an ISDN interface by using the following steps: a.Define a class of shared configuration parameters for outgoing calls from an ISDN interface: SanJose(config)# map-class dialer 56k The unique identifier that identifies the class is 56k.
2-11 Cisco 800 Series Software Configuratio Guide 78-5372-06 Chapter 2 Configuring Basic Networks Connecting a Private IP Network to the Internet b.Specify 56 kbps as the B channel speed: SanJose(config-map-class)# dialer isdn speed 56 Step 13If you have a Cisco 800 series router that is connected to a telephone, fax machine, or modem, configure the telephone interfaces by performing the following steps: a.Change to global configuration mode: SanJose(config-map-class)# exit SanJose(config)# b.Specify the country where your router is located: SanJose(config)# pots country us Enter the pots country ? command to get a list of supported countries and codes. This command determines the physical characteristics of the telephone interfaces. By specifying a country, you are configuring your telephone to use country-specific default settings for each of the physical characteristics. c.Create dial peers to determine how incoming calls are routed to the telephone ports. In the following example, the dial-peer tag is 1, the ISDN local directory number LDN is 5551111, the telephone port is 1, and call waiting is disabled: SanJose(config)# dial-peer voice 1 pots SanJose(config-dial-peer)# destination-pattern 5551111 SanJose(config-dial-peer)# port 1 SanJose(config-dial-peer)# no call-waiting SanJose(config-dial-peer)# exit SanJose(config)# NoteEnter a number between 1 and 6 for the dial-peer tag variable. Find out from your telephone service provider whether or not you need to specify an area code for the LDN. d.Specify parameters for the WAN interface: SanJose(config)# interface bri0
Chapter 2 Configuring Basic Networks Connecting a Public IP Network to the Internet 2-12 Cisco 800 Series Software Configuratio Guide 78-5372-06 e.Specify that incoming voice calls shall be forwarded to the devices connected to the telephone ports: SanJose(config-if)# isdn incoming-voice modem Step 14Exit the interface configuration mode. SanJose(config-if)# exit SanJose#(config)# Step 15In global configuration mode, set global NAT commands. In the following example, all inside network addresses assigned to interface BRI0 are configured for translation, and the access list that contains the inside network addresses is defined. SanJose(config)# ip nat inside source list 1 interface bri0 overload SanJose(config)# access-list 1 permit 10.0.0.0 255.0.0.0 Step 16Change to user mode and save your configuration: SanJose(config)# exit SanJose# copy running-config startup-config Connecting a Public IP Network to the Internet In the network example shown in Figure 2-2 and Ta b l e 2 - 2, the Cisco 800 series router connects a public IP network to an ISP. The ISP has assigned a range of registered (public) IP addresses for the LAN devices that require Internet access.