Cisco Systems Router 1800 Series User Manual
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide, OL-6426-02

Chapter 2: Sample Network Deployments

This part of the software configuration guide presents a variety of possible Ethernet- and Digital Subscriber Line (DSL)-based network configurations using Cisco 1800 series routers. Each scenario is described with a network topology, a step-by-step procedure that is used to implement the network configuration, and a configuration example that shows the results of the configuration.

The Cisco 1811 and Cisco 1812 router models can be used in the Ethernet-based scenarios and the Cisco 1801, Cisco 1802, and Cisco 1803 router models can be used in the DSL-based scenarios.

The first network scenario provides a simple network configuration: point-to-point protocol (PPP) over the WAN interface with Network Address Translation (NAT). Each successive scenario builds on the previous scenario by configuring another key feature.

The scenarios do not address all of the possible network needs; instead, they provide models on which you can pattern your network. You can choose not to use features presented in the examples, or you can add or substitute features that better suit your needs.

To verify that a specific feature is compatible with your router, you can use the Software Advisor tool. You can access this tool at www.cisco.com > Technical Support & Documentation > Tools & Resources with your Cisco username and password.

For Ethernet-Based Network Deployments

Use the following configuration examples to assist you in configuring your router for Ethernet-based networks.

- Chapter 3, “Configuring PPP over Ethernet with NAT”
- Chapter 5, “Configuring a LAN with DHCP and VLANs”
- Chapter 6, “Configuring a VPN Using Easy VPN and an IPSec Tunnel”
- Chapter 7, “Configuring VPNs Using an IPSec Tunnel and Generic Routing Encapsulation”
- Chapter 8, “Configuring a Simple Firewall”

For DSL-Based Network Deployments

Use the following configuration examples to assist you in configuring your router for DSL-based networks.

- Chapter 4, “Configuring PPP over ATM with NAT”
- Chapter 5, “Configuring a LAN with DHCP and VLANs”
- Chapter 6, “Configuring a VPN Using Easy VPN and an IPSec Tunnel”
- Chapter 7, “Configuring VPNs Using an IPSec Tunnel and Generic Routing Encapsulation”
- Chapter 8, “Configuring a Simple Firewall”
Chapter 3: Configuring PPP over Ethernet with NAT

The Cisco 1811 and Cisco 1812 integrated services fixed-configuration routers support Point-to-Point Protocol over Ethernet (PPPoE) clients and network address translation (NAT).

Multiple PCs can be connected to the LAN behind the router. Before the traffic from these PCs is sent to the PPPoE session, it can be encrypted, filtered, and so forth. Figure 3-1 shows a typical deployment scenario with a PPPoE client and NAT configured on the Cisco router.

Figure 3-1 PPP over Ethernet with NAT

Figure callouts:
1. Multiple networked devices: desktops, laptop PCs, switches
2. Fast Ethernet LAN interface (inside interface for NAT)
3. PPPoE client: Cisco 1811 or Cisco 1812 integrated services router
4. Point at which NAT occurs
5. Fast Ethernet WAN interface (outside interface for NAT)
6. Cable modem or other server (for example, a Cisco 6400 server) that is connected to the Internet
7. PPPoE session between the client and a PPPoE server
PPPoE

The PPPoE Client feature on the router provides PPPoE client support on Ethernet interfaces. A dialer interface must be used for cloning virtual access. Multiple PPPoE client sessions can be configured on an Ethernet interface, but each session must use a separate dialer interface and a separate dialer pool.

A PPPoE session is initiated on the client side by the Cisco 1800 series router. An established PPPoE client session can be terminated in one of two ways:

- By entering the clear vpdn tunnel pppoe command. The PPPoE client session terminates, and the PPPoE client immediately tries to reestablish the session. This also occurs if the session has a timeout.
- By entering the no pppoe-client dial-pool-number number command to clear the session. The PPPoE client does not attempt to reestablish the session.

NAT

NAT (represented as the dashed line at the edge of the Cisco router) signifies two addressing domains and the inside source address. The source list defines how the packet travels through the network.

Configuration Tasks

Perform the following tasks to configure this network scenario:

- Configure the Virtual Private Dialup Network Group Number
- Configure the Fast Ethernet WAN Interfaces
- Configure the Dialer Interface
- Configure Network Address Translation

An example showing the results of these configuration tasks is shown in the section “Configuration Example.”

Configure the Virtual Private Dialup Network Group Number

Configuring a virtual private dialup network (VPDN) enables multiple clients to communicate through the router by way of a single IP address.

Complete the following steps to configure a VPDN, starting from the global configuration mode. See the “Configure Global Parameters” section on page 1-6 for details about entering this mode.
Step 1  vpdn enable
    Enables VPDN on the router.
    Example:
        Router(config)# vpdn enable
        Router(config-vpdn)#

Step 2  vpdn-group name
    Creates and associates a VPDN group with a customer or VPDN profile.
    Example:
        Router(config-vpdn)# vpdn-group 1
        Router(config-vpdn-grp)#

Step 3  request-dialin
    Creates a request-dialin VPDN subgroup, indicating the dialing direction, and initiates the tunnel.
    Example:
        Router(config-vpdn-grp)# request-dialin
        Router(config-vpdn-grp)#

Step 4  initiate-to ip ip-address
    Specifies the address to which requests are tunneled. For details about this command and additional parameters that can be set, see the Cisco IOS Dial Technologies Command Reference.
    Example:
        Router(config-vpdn-grp)# initiate-to ip 192.168.1.1
        Router(config-vpdn-grp)#

Step 5  protocol {l2f | l2tp | pppoe | any}
    Specifies the type of sessions the VPDN subgroup can establish.
    Example:
        Router(config-vpdn-grp)# protocol pppoe
        Router(config-vpdn-grp)#

Step 6  exit
    Exits VPDN group configuration.
    Example:
        Router(config-vpdn-grp)# exit
        Router(config-vpdn)#

Step 7  exit
    Exits VPDN configuration, returning to global configuration mode.
    Example:
        Router(config-vpdn)# exit
        Router(config)#

Configure the Fast Ethernet WAN Interfaces

In this scenario, the PPPoE client (your Cisco router) communicates over a 10/100-Mbps Ethernet interface on both the inside and the outside.

Note: The Cisco 1800 series integrated services fixed-configuration routers have a hardware limitation on the Fast Ethernet ports FE0 and FE1. In half-duplex mode, when traffic reaches or exceeds 100% capacity (equal to or greater than 5 Mbps in each direction), the interface experiences excessive collisions and resets every second. To avoid this problem, you must limit the traffic capacity to less than 100%.
Perform these steps to configure the Fast Ethernet WAN interfaces, starting in global configuration mode:

Step 1  interface type number
    Enters interface configuration mode for a Fast Ethernet WAN interface. The Cisco 1800 integrated services routers have two Fast Ethernet WAN interfaces. You can use these steps to configure one or both of them.
    Example:
        Router(config)# interface fastethernet 0
        Router(config-if)#

Step 2  pppoe-client dial-pool-number number
    Configures the PPPoE client and specifies the dialer interface to use for cloning.
    Example:
        Router(config-if)# pppoe-client dial-pool-number 1
        Router(config-if)#

Step 3  no shutdown
    Enables the Fast Ethernet interface and the configuration changes just made to it.
    Example:
        Router(config-if)# no shutdown
        Router(config-if)#

Step 4  exit
    Exits configuration mode for the Fast Ethernet interface and returns to global configuration mode.
    Example:
        Router(config-if)# exit
        Router(config)#
Configure the Dialer Interface

The dialer interface indicates how to handle traffic from the clients, including, for example, default routing information, the encapsulation protocol, and the dialer pool to use. The dialer interface is also used for cloning virtual access. Multiple PPPoE client sessions can be configured on a Fast Ethernet interface, but each session must use a separate dialer interface and a separate dialer pool.

Complete the following steps to configure a dialer interface for one of the Fast Ethernet LAN interfaces on the router, starting in global configuration mode.

Step 1  interface dialer dialer-rotary-group-number
    Creates a dialer interface (numbered 0–255), and enters interface configuration mode.
    Example:
        Router(config)# interface dialer 0
        Router(config-if)#

Step 2  ip address negotiated
    Specifies that the IP address for the interface is obtained through PPP/IPCP (IP Control Protocol) address negotiation.
    Example:
        Router(config-if)# ip address negotiated
        Router(config-if)#

Step 3  ip mtu bytes
    Sets the size of the IP maximum transmission unit (MTU). The default minimum is 128 bytes. The maximum for Ethernet is 1492 bytes.
    Example:
        Router(config-if)# ip mtu 1492
        Router(config-if)#

Step 4  encapsulation encapsulation-type
    Sets the encapsulation type to PPP for the data packets being transmitted and received.
    Example:
        Router(config-if)# encapsulation ppp
        Router(config-if)#

Step 5  ppp authentication {protocol1 [protocol2...]}
    Sets the PPP authentication method to Challenge Handshake Authentication Protocol (CHAP). For details about this command and additional parameters that can be set, see the Cisco IOS Security Command Reference.
    Example:
        Router(config-if)# ppp authentication chap
        Router(config-if)#

Step 6  dialer pool number
    Specifies the dialer pool to use to connect to a specific destination subnetwork.
    Example:
        Router(config-if)# dialer pool 1
        Router(config-if)#

Step 7  dialer-group group-number
    Assigns the dialer interface to a dialer group (1–10).
    Tip: Using a dialer group controls access to your router.
    Example:
        Router(config-if)# dialer-group 1
        Router(config-if)#

Step 8  exit
    Exits the dialer 0 interface configuration.
    Example:
        Router(config-if)# exit
        Router(config)#

Step 9  dialer-list dialer-group protocol protocol-name {permit | deny | list access-list-number | access-group}
    Creates a dialer list and associates a dial group with it. Packets are then forwarded through the specified interface dialer group. For details about this command and additional parameters that can be set, see the Cisco IOS Dial Technologies Command Reference.
    Example:
        Router(config)# dialer-list 1 protocol ip permit
        Router(config)#

Step 10  ip route prefix mask {interface-type interface-number}
    Sets the IP route for the default gateway for the dialer 0 interface. For details about this command and additional parameters that can be set, see the Cisco IOS IP Command Reference, Volume 2; Routing Protocols.
    Example:
        Router(config)# ip route 10.10.25.2 0.255.255.255 dialer 0
        Router(config)#
Configure Network Address Translation

Network Address Translation (NAT) translates packets from addresses that match a standard access list, using global addresses allocated by the dialer interface. Packets that enter the router through the inside interface, packets sourced from the router, or both are checked against the access list for possible address translation. You can configure NAT for either static or dynamic address translations.

Perform these steps to configure the outside Fast Ethernet WAN interface with dynamic NAT, beginning in global configuration mode:

Step 1  ip nat pool name start-ip end-ip {netmask netmask | prefix-length prefix-length}
    Creates a pool of global IP addresses for NAT.
    Example:
        Router(config)# ip nat pool pool1 192.168.1.0 192.168.2.0 netmask 0.0.0.255
        Router(config)#

Step 2  ip nat inside source {list access-list-number} {interface type number | pool name} [overload]
    Enables dynamic translation of addresses on the inside interface. The first example shows the addresses permitted by the access list 1 to be translated to one of the addresses specified in the dialer interface 0. The second example shows the addresses permitted by access list acl1 to be translated to one of the addresses specified in the NAT pool pool1. For details about this command and additional parameters that can be set, as well as information about enabling static translation, see the Cisco IOS IP Command Reference, Volume 1 of 4: Addressing and Services.
    Example 1:
        Router(config)# ip nat inside source list 1 interface dialer 0 overload
    or Example 2:
        Router(config)# ip nat inside source list acl1 pool pool1

Step 3  interface type number
    Enters configuration mode for the VLAN (on which the Fast Ethernet LAN interfaces reside) to be the inside interface for NAT.
    Example:
        Router(config)# interface vlan 1
        Router(config-if)#

Step 4  ip nat {inside | outside}
    Identifies the specified VLAN interface as the NAT inside interface. For details about this command and additional parameters that can be set, as well as information about enabling static translation, see the Cisco IOS IP Command Reference, Volume 1 of 4: Addressing and Services.
    Example:
        Router(config-if)# ip nat inside
        Router(config-if)#

Step 5  no shutdown
    Enables the configuration changes just made to the Ethernet interface.
    Example:
        Router(config-if)# no shutdown
        Router(config-if)#

Step 6  exit
    Exits configuration mode for the Fast Ethernet interface.
    Example:
        Router(config-if)# exit
        Router(config)#

Step 7  interface type number
    Enters configuration mode for the Fast Ethernet WAN interface (FE0 or FE1) to be the outside interface for NAT.
    Example:
        Router(config)# interface fastethernet 0
        Router(config-if)#

Step 8  ip nat {inside | outside}
    Identifies the specified WAN interface as the NAT outside interface. For details about this command and additional parameters that can be set, as well as information about enabling static translation, see the Cisco IOS IP Command Reference, Volume 1 of 4: Addressing and Services.
    Example:
        Router(config-if)# ip nat outside
        Router(config-if)#

Step 9  no shutdown
    Enables the configuration changes just made to the Ethernet interface.
    Example:
        Router(config-if)# no shutdown
        Router(config-if)#

Step 10  exit
    Exits configuration mode for the Fast Ethernet interface.
    Example:
        Router(config-if)# exit
        Router(config)#

Step 11  access-list access-list-number {deny | permit} source [source-wildcard]
    Defines a standard access list indicating which addresses need translation.
    Note: All other addresses are implicitly denied.
    Example:
        Router(config)# access-list 1 permit 192.168.1.0 0.0.0.255

Note: If you want to use NAT with a virtual-template interface, you must configure a loopback interface. See Chapter 1, “Basic Router Configuration,” for information on configuring a loopback interface.
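The tasks in this chapter depend on cross-references that the router does not check as you type them: the PPPoE client's dial pool must belong to exactly one dialer interface, NAT needs both an inside and an outside interface, and the NAT source list must name an access list that exists. The following is an added example, not part of the Cisco guide: a Python check that runs over a saved configuration. The sample configuration is constructed from this chapter's example commands, and the names `parse_interfaces` and `audit` are hypothetical.

```python
import re

# Constructed sample running-config built from this chapter's example commands.
SAMPLE_CONFIG = """\
interface FastEthernet0
 pppoe-client dial-pool-number 1
 ip nat outside
interface Vlan1
 ip nat inside
interface Dialer0
 encapsulation ppp
 dialer pool 1
ip nat inside source list 1 interface Dialer0 overload
access-list 1 permit 192.168.1.0 0.0.0.255
"""

def parse_interfaces(config):
    """Map each interface name to the list of its indented sub-commands."""
    blocks, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = blocks.setdefault(line.split(None, 1)[1], [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # any other top-level command ends the block
    return blocks

def audit(config):
    """Return a list of findings; an empty list means every check passed."""
    findings, ifs = [], parse_interfaces(config)
    owners = {}  # dialer pool number -> interfaces that declare "dialer pool N"
    for name, cmds in ifs.items():
        for c in cmds:
            if m := re.fullmatch(r"dialer pool (\d+)", c):
                owners.setdefault(m.group(1), []).append(name)
    for name, cmds in ifs.items():
        for c in cmds:
            m = re.fullmatch(r"pppoe-client dial-pool-number (\d+)", c)
            if m and len(owners.get(m.group(1), [])) != 1:
                findings.append(f"{name}: dial pool {m.group(1)} needs exactly one dialer interface")
    for side in ("inside", "outside"):
        if not any(f"ip nat {side}" in cmds for cmds in ifs.values()):
            findings.append(f"no interface marked ip nat {side}")
    for m in re.finditer(r"^ip nat inside source list (\S+)", config, re.M):
        acl = re.escape(m.group(1))
        if not re.search(rf"^(ip access-list standard|access-list) {acl}\b", config, re.M):
            findings.append(f"NAT references undefined access list {m.group(1)}")
    return findings
```

Calling `audit()` on the text of a saved configuration returns an empty list when the references agree, and one line per broken reference otherwise.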