-
Join the MyBroadband community
South Africa’s biggest forum. Discuss, discover, and connect with thousands of members.
-
Question of the Day: Which is the most hair-raising South African mountain pass you've driven?
Cisco 877-W Router setup with Telkom Internet
- Thread starter BruceZ
- Start date
!!DV!!
Senior Member
This will get you going
MidnightWizard
Executive Member
dns-server <Name Server 1> <Name Server 2>
------> oo0oo <-------------
ppp ipcp dns request
=========
IF I understand this correctly --on the one hand you are specifying the DNS Servers.
Then later on you are asking for their details to be supplied ?
KZNCM
!!DV!!
Senior Member
Yes, this was a configuration used where internal DNS servers was also used.
That line can be omitted from the configuration if not used.
That line can be omitted from the configuration if not used.
I cant get this damn thing to work!!! I dont have ethernet0 as an interface (877 non wireless). And I have setup vlan1 with address 192.168.4.1 the interface is showing up and i can ping it through a serial connection, however I cant ping a statically assigned device (192.168.4.11) and vice versa.
These are my interfaces:
cisco877.lan#show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0 unassigned YES unset up up
FastEthernet1 unassigned YES unset up down
FastEthernet2 unassigned YES unset up down
FastEthernet3 unassigned YES unset up up
ATM0 unassigned YES NVRAM initializing down
Vlan1 192.168.4.1 YES NVRAM up up
NVI0 unassigned YES unset up up
Vlan10 192.168.1.40 YES NVRAM up down
Can anyone point me on the right path?
These are my interfaces:
cisco877.lan#show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0 unassigned YES unset up up
FastEthernet1 unassigned YES unset up down
FastEthernet2 unassigned YES unset up down
FastEthernet3 unassigned YES unset up up
ATM0 unassigned YES NVRAM initializing down
Vlan1 192.168.4.1 YES NVRAM up up
NVI0 unassigned YES unset up up
Vlan10 192.168.1.40 YES NVRAM up down
Can anyone point me on the right path?
Roman4604
Executive Member
Do you want two seperate LANs, one with IPs of 192.168.1.X (Vlan10) and one with IPs of 192.168.4.X (Vlan1), or is it just a typo?
I have two seperate LAN's there is already a gateway 192.168.1.1 for network 192.168.1.0...
To answer the question though: im creating a seperate small test network of 192.168.4.0/24. So having vlan10 isnt necessary.
So I should only require vlan1 with an address of 192.168.4.1 and the fastethernet switch is by default tied to vlan 1!? The issue is that there doesnt seem to be any reachability of any hosts on the x.x.4.0/24 network.
My next step is then to create a PPPoE connection so that 192.168.4.0 can access the internet.
Roman4604
Executive Member
OK then modify the above config with (assumes your test net will plug into sw port 3) ...
Vlan10
name TEST-NET
interface FastEthernet3
switchport access vlan10
interface Vlan1
ip address 192.168.4.1 255.255.255.0
ip nat inside
interface Vlan10
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip nat inside source list 1 interface Dialer0 overload
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 permit 192.168.4.0 0.0.0.255
Vlan10
name TEST-NET
interface FastEthernet3
switchport access vlan10
interface Vlan1
ip address 192.168.4.1 255.255.255.0
ip nat inside
interface Vlan10
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip nat inside source list 1 interface Dialer0 overload
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 permit 192.168.4.0 0.0.0.255
I think I may have found the issue:
1) Cisco-01>sh vlans
No Virtual LANs configured.
Cisco-01>
So there is obviuosly no vlans configured...
However:
Cisco-01>Cisco-01>
% Unknown command or computer name, or unable to find computer address
Cisco-01>show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0 unassigned YES unset up down
FastEthernet1 unassigned YES unset up down
FastEthernet2 unassigned YES unset up down
FastEthernet3 unassigned YES unset up up
ATM0 unassigned YES NVRAM initializing down
Vlan1 192.168.4.1 YES NVRAM up up
NVI0 unassigned YES unset up up
Vlan10 192.168.1.40 YES NVRAM up down
Cisco-01>
Shows vlan1 and vlan10 interfaces?
But i dont think my router supports vlan creation:
Cisco-01(config)#vlan 2 name sales
^
% Invalid input detected at '^' marker.
Cisco-01(config)#
I read somewhere that the router should be upgraded to support advanced ip management feautures?
Here is the switch config:
Cisco-01#show vlan-switch
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0, Fa1, Fa2, Fa3
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 1002 1003
1002 fddi 101002 1500 - - - - - 1 1003
1003 tr 101003 1500 1005 0 - - srb 1 1002
1004 fdnet 101004 1500 - - 1 ibm - 0 0
1005 trnet 101005 1500 - - 1 ibm - 0 0
Cisco-01#
And my startup-config/running-config:
Cisco-01#show startup-config
Using 1648 out of 131072 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Cisco-01
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$43/2$zZQtcgJWm70slHCuhIMlr1
enable password password
!
no aaa new-model
!
resource policy
!
ip subnet-zero
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.4.1
!
ip dhcp pool DCP_POOL
!
ip dhcp pool DHCP_POOL
import all
network 192.168.4.0 255.255.255.0
default-router 192.168.4.1
!
!
no ip domain lookup
ip domain name serviceassure.test
!
!
!
!
!
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
bridge-group 1
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
ip dhcp client update dns
ip address 192.168.4.1 255.255.255.0
ip access-group 100 in
ip access-group 100 out
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
no ip route-cache cef
no ip route-cache
no ip mroute-cache
bridge-group 1
!
interface Vlan10
ip address 192.168.1.40 255.255.255.0
!
router rip
redistribute connected
network 10.0.0.0
network 192.168.1.0
network 192.168.4.0
!
ip classless
!
no ip http server
no ip http secure-server
!
access-list 100 permit icmp any any
access-list 100 permit igmp any any
access-list 100 permit ip any any
access-list 100 permit udp any any
dialer-list 1 protocol ip permit
!
control-plane
!
bridge 1 protocol dec
!
line con 0
no modem enable
line aux 0
line vty 0 4
password password
login
!
scheduler max-task-time 5000
end
Cisco-01#
1) Cisco-01>sh vlans
No Virtual LANs configured.
Cisco-01>
So there is obviuosly no vlans configured...
However:
Cisco-01>Cisco-01>
% Unknown command or computer name, or unable to find computer address
Cisco-01>show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0 unassigned YES unset up down
FastEthernet1 unassigned YES unset up down
FastEthernet2 unassigned YES unset up down
FastEthernet3 unassigned YES unset up up
ATM0 unassigned YES NVRAM initializing down
Vlan1 192.168.4.1 YES NVRAM up up
NVI0 unassigned YES unset up up
Vlan10 192.168.1.40 YES NVRAM up down
Cisco-01>
Shows vlan1 and vlan10 interfaces?
But i dont think my router supports vlan creation:
Cisco-01(config)#vlan 2 name sales
^
% Invalid input detected at '^' marker.
Cisco-01(config)#
I read somewhere that the router should be upgraded to support advanced ip management feautures?
Here is the switch config:
Cisco-01#show vlan-switch
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0, Fa1, Fa2, Fa3
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 1002 1003
1002 fddi 101002 1500 - - - - - 1 1003
1003 tr 101003 1500 1005 0 - - srb 1 1002
1004 fdnet 101004 1500 - - 1 ibm - 0 0
1005 trnet 101005 1500 - - 1 ibm - 0 0
Cisco-01#
And my startup-config/running-config:
Cisco-01#show startup-config
Using 1648 out of 131072 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Cisco-01
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$43/2$zZQtcgJWm70slHCuhIMlr1
enable password password
!
no aaa new-model
!
resource policy
!
ip subnet-zero
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.4.1
!
ip dhcp pool DCP_POOL
!
ip dhcp pool DHCP_POOL
import all
network 192.168.4.0 255.255.255.0
default-router 192.168.4.1
!
!
no ip domain lookup
ip domain name serviceassure.test
!
!
!
!
!
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
bridge-group 1
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
ip dhcp client update dns
ip address 192.168.4.1 255.255.255.0
ip access-group 100 in
ip access-group 100 out
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
no ip route-cache cef
no ip route-cache
no ip mroute-cache
bridge-group 1
!
interface Vlan10
ip address 192.168.1.40 255.255.255.0
!
router rip
redistribute connected
network 10.0.0.0
network 192.168.1.0
network 192.168.4.0
!
ip classless
!
no ip http server
no ip http secure-server
!
access-list 100 permit icmp any any
access-list 100 permit igmp any any
access-list 100 permit ip any any
access-list 100 permit udp any any
dialer-list 1 protocol ip permit
!
control-plane
!
bridge 1 protocol dec
!
line con 0
no modem enable
line aux 0
line vty 0 4
password password
login
!
scheduler max-task-time 5000
end
Cisco-01#
Update:
I have tested and this seems to confirm that my 877 would need a software upgrade to manage/create multiple vlans.
Cisco-01#vlan database
Cisco-01(vlan)#vlan 2 name test
Vlan can not be added. Maximum number of 1 vlan(s) in the database.
Cisco-01(vlan)#vlan 1 name test
A default VLAN may not have its name changed.
Cisco-01(vlan)#
So I have decided to go with a more simple solution i.e. stick with my current network 192.168.1.0/24 and have the router act as a gateway to the internet.
I have the router in between my pc (192.168.1.x) and the rest of the network. I can ping all of the machines on my network successfully.
I cant seem to ping the router (192.168.1.40) and ping any of the machines from my router...
So Ive cleaned up the router and this is my running config:
Cisco-01#show run
Building configuration...
Current configuration : 1492 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Cisco-01
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$43/2$zZQtcgJWm70slHCuhIMlr1
enable password password
!
no aaa new-model
!
resource policy
!
ip subnet-zero
ip cef
ip dhcp excluded-address 192.168.4.1
!
!
no ip domain lookup
ip domain name serviceassure.test
!
!
!
!
!
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
bridge-group 1
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
description test
ip dhcp client update dns
ip address 192.168.1.40 255.255.255.0
ip access-group 100 in
ip access-group 100 out
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
no ip route-cache cef
no ip route-cache
no ip mroute-cache
bridge-group 1
!
router rip
redistribute connected
network 10.0.0.0
network 192.168.1.0
network 192.168.4.0
!
ip classless
!
no ip http server
no ip http secure-server
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 100 permit icmp any any
access-list 100 permit igmp any any
access-list 100 permit ip any any
access-list 100 permit udp any any
dialer-list 1 protocol ip permit
!
control-plane
!
bridge 1 protocol dec
!
line con 0
no modem enable
line aux 0
line vty 0 4
password password
login
!
scheduler max-task-time 5000
end
Cisco-01#
And this is my switchport config:
Cisco-01#show vlan-switch
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0, Fa1, Fa2, Fa3
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 1002 1003
1002 fddi 101002 1500 - - - - - 1 1003
1003 tr 101003 1500 1005 0 - - srb 1 1002
1004 fdnet 101004 1500 - - 1 ibm - 0 0
1005 trnet 101005 1500 - - 1 ibm - 0 0
Cisco-01#
And last but not least my interfaces:
Cisco-01#
Cisco-01#show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0 unassigned YES unset up up
FastEthernet1 unassigned YES unset up down
FastEthernet2 unassigned YES unset up down
FastEthernet3 unassigned YES unset up up
ATM0 unassigned YES NVRAM initializing down
Vlan1 192.168.1.40 YES NVRAM up up
NVI0 unassigned YES unset up up
Cisco-01#
I have tested and this seems to confirm that my 877 would need a software upgrade to manage/create multiple vlans.
Cisco-01#vlan database
Cisco-01(vlan)#vlan 2 name test
Vlan can not be added. Maximum number of 1 vlan(s) in the database.
Cisco-01(vlan)#vlan 1 name test
A default VLAN may not have its name changed.
Cisco-01(vlan)#
So I have decided to go with a more simple solution i.e. stick with my current network 192.168.1.0/24 and have the router act as a gateway to the internet.
I have the router in between my pc (192.168.1.x) and the rest of the network. I can ping all of the machines on my network successfully.
I cant seem to ping the router (192.168.1.40) and ping any of the machines from my router...
So Ive cleaned up the router and this is my running config:
Cisco-01#show run
Building configuration...
Current configuration : 1492 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Cisco-01
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$43/2$zZQtcgJWm70slHCuhIMlr1
enable password password
!
no aaa new-model
!
resource policy
!
ip subnet-zero
ip cef
ip dhcp excluded-address 192.168.4.1
!
!
no ip domain lookup
ip domain name serviceassure.test
!
!
!
!
!
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
bridge-group 1
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
description test
ip dhcp client update dns
ip address 192.168.1.40 255.255.255.0
ip access-group 100 in
ip access-group 100 out
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
no ip route-cache cef
no ip route-cache
no ip mroute-cache
bridge-group 1
!
router rip
redistribute connected
network 10.0.0.0
network 192.168.1.0
network 192.168.4.0
!
ip classless
!
no ip http server
no ip http secure-server
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 100 permit icmp any any
access-list 100 permit igmp any any
access-list 100 permit ip any any
access-list 100 permit udp any any
dialer-list 1 protocol ip permit
!
control-plane
!
bridge 1 protocol dec
!
line con 0
no modem enable
line aux 0
line vty 0 4
password password
login
!
scheduler max-task-time 5000
end
Cisco-01#
And this is my switchport config:
Cisco-01#show vlan-switch
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0, Fa1, Fa2, Fa3
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 1002 1003
1002 fddi 101002 1500 - - - - - 1 1003
1003 tr 101003 1500 1005 0 - - srb 1 1002
1004 fdnet 101004 1500 - - 1 ibm - 0 0
1005 trnet 101005 1500 - - 1 ibm - 0 0
Cisco-01#
And last but not least my interfaces:
Cisco-01#
Cisco-01#show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0 unassigned YES unset up up
FastEthernet1 unassigned YES unset up down
FastEthernet2 unassigned YES unset up down
FastEthernet3 unassigned YES unset up up
ATM0 unassigned YES NVRAM initializing down
Vlan1 192.168.1.40 YES NVRAM up up
NVI0 unassigned YES unset up up
Cisco-01#
Update: I can now ping from the router-pc and vice versa.
All I added was the following:
Cisco-01(config)#interface vlan1
Cisco-01(config-if)#ip address 192.168.1.40 255.255.255.0
Cisco-01(config-if)#ip virtual-reassembly
Cisco-01(config-if)#ip tcp adjust-mss 1452
Cisco-01(config-if)#no shutdown
Cisco-01(config-if)#exit
Seems the tcp mss and ip virtual-reassembly were required.
Next: Can anyone help with creating a PPPoE connection using one of the fast ethernet ports? I already have a modem on the 192.168.1.0 network.
All I added was the following:
Cisco-01(config)#interface vlan1
Cisco-01(config-if)#ip address 192.168.1.40 255.255.255.0
Cisco-01(config-if)#ip virtual-reassembly
Cisco-01(config-if)#ip tcp adjust-mss 1452
Cisco-01(config-if)#no shutdown
Cisco-01(config-if)#exit
Seems the tcp mss and ip virtual-reassembly were required.
Next: Can anyone help with creating a PPPoE connection using one of the fast ethernet ports? I already have a modem on the 192.168.1.0 network.
Update: Got the PPPoE connection going and receive an ip address. But I cant ping any WAN address?
Here is my running config:
Cisco-01#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
Cisco-01#
Cisco-01#ping 165.146.57.52
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 165.146.57.52, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Cisco-01#
Cisco-01#sh run
Building configuration...
Current configuration : 2230 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Cisco-01
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$43/2$zZQtcgJWm70slHCuhIMlr1
enable password password
!
no aaa new-model
!
resource policy
!
ip subnet-zero
ip cef
ip dhcp excluded-address 192.168.4.1
!
!
ip tcp mss 1452
no ip domain lookup
ip domain name serviceassure.test
vpdn enable
!
!
!
!
!
!
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
bridge-group 1
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
pppoe enable group global
pppoe-client dial-pool-number 1
spanning-tree portfast
!
interface Vlan1
ip address 192.168.1.40 255.255.255.0
ip access-group 1 in
ip access-group 1 out
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
no ip route-cache cef
no ip route-cache
ip tcp adjust-mss 1452
no ip mroute-cache
pppoe enable
pppoe-client dial-pool-number 1
!
interface Vlan2
ip address 192.168.4.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
no ip route-cache cef
no ip route-cache
ip tcp adjust-mss 1452
!
interface Dialer0
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
no ip route-cache cef
no ip route-cache
dialer pool 1
dialer-group 1
ppp pap sent-username XXXX password 0 XXXX
ppp ipcp route default
ppp ipcp address accept
!
router rip
redistribute connected
network 10.0.0.0
network 192.168.1.0
network 192.168.4.0
!
ip classless
!
no ip http server
no ip http secure-server
ip nat pool pool1 192.168.1.0 192.168.1.255 netmask 255.255.255.0
ip nat inside source list 1 interface Dialer0 overload
!
access-list 1 permit any
access-list 100 permit icmp any any
access-list 100 permit igmp any any
access-list 100 permit ip any any
access-list 100 permit udp any any
dialer-list 1 protocol ip permit
!
control-plane
!
bridge 1 protocol dec
!
line con 0
no modem enable
line aux 0
line vty 0 4
password password
login
!
scheduler max-task-time 5000
end
Cisco-01#
Any pointers?
Here is my running config:
Cisco-01#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
Cisco-01#
Cisco-01#ping 165.146.57.52
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 165.146.57.52, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Cisco-01#
Cisco-01#sh run
Building configuration...
Current configuration : 2230 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Cisco-01
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$43/2$zZQtcgJWm70slHCuhIMlr1
enable password password
!
no aaa new-model
!
resource policy
!
ip subnet-zero
ip cef
ip dhcp excluded-address 192.168.4.1
!
!
ip tcp mss 1452
no ip domain lookup
ip domain name serviceassure.test
vpdn enable
!
!
!
!
!
!
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
bridge-group 1
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
pppoe enable group global
pppoe-client dial-pool-number 1
spanning-tree portfast
!
interface Vlan1
ip address 192.168.1.40 255.255.255.0
ip access-group 1 in
ip access-group 1 out
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
no ip route-cache cef
no ip route-cache
ip tcp adjust-mss 1452
no ip mroute-cache
pppoe enable
pppoe-client dial-pool-number 1
!
interface Vlan2
ip address 192.168.4.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
no ip route-cache cef
no ip route-cache
ip tcp adjust-mss 1452
!
interface Dialer0
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
no ip route-cache cef
no ip route-cache
dialer pool 1
dialer-group 1
ppp pap sent-username XXXX password 0 XXXX
ppp ipcp route default
ppp ipcp address accept
!
router rip
redistribute connected
network 10.0.0.0
network 192.168.1.0
network 192.168.4.0
!
ip classless
!
no ip http server
no ip http secure-server
ip nat pool pool1 192.168.1.0 192.168.1.255 netmask 255.255.255.0
ip nat inside source list 1 interface Dialer0 overload
!
access-list 1 permit any
access-list 100 permit icmp any any
access-list 100 permit igmp any any
access-list 100 permit ip any any
access-list 100 permit udp any any
dialer-list 1 protocol ip permit
!
control-plane
!
bridge 1 protocol dec
!
line con 0
no modem enable
line aux 0
line vty 0 4
password password
login
!
scheduler max-task-time 5000
end
Cisco-01#
Any pointers?
Roman4604
Executive Member
Nope, that wont help you, the number of switch Vlans is controlled in hardware & software;
877 running Adv IP Sevices = 4 switch Vlans
877 running Adv Security = 2 switch Vlans
857 running Adv Security = 1 switch Vlan (no other 857 software)
I believe you actually have an 857 not an 877 (they look identical).
I dont think this configuration is possible on an 857 due to the Vlan restriction. Won't work with routed Lan interface (inf Vlan1) and the PPPoE interface (on inf Fa3 but in Vlan1) being on the same switched Vlan.
Are you not using the router to connect to ADSL? If yes, why not use the built-in ADSL (inf ATM0)?
My router reports itself as being a 877:
Cisco-01#sh version
Cisco IOS Software, C870 Software (C870-ADVSECURITYK9-M), Version 12.4(4)T1, RELEASE SOFTWARE (fc4)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2005 by Cisco Systems, Inc.
Compiled Thu 22-Dec-05 03:09 by ccai
ROM: System Bootstrap, Version 12.3(8r)YI2, RELEASE SOFTWARE
Cisco-01 uptime is 1 day, 27 minutes
System returned to ROM by reload
System image file is "flash:c870-advsecurityk9-mz.124-4.T1.bin"
Last reload reason: Reload Command
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
Cisco 877 (MPC8272) processor (revision 0x200) with 118784K/12288K bytes of memory.
Processor board ID FCZ09522295
MPC8272 CPU Rev: Part Number 0xC, Mask Number 0x10
4 FastEthernet interfaces
1 ATM interface
128K bytes of non-volatile configuration memory.
24576K bytes of processor board System flash (Intel Strataflash)
Configuration register is 0x2102
Cisco-01#
And I have managed to negotiate a PPPoE connection and receive back an IP from my ISP:
Cisco-01#sh ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0 unassigned YES unset up up
FastEthernet1 unassigned YES unset up down
FastEthernet2 unassigned YES unset up down
FastEthernet3 unassigned YES unset up up
ATM0 unassigned YES NVRAM initializing down
Vlan1 192.168.1.40 YES manual up up
NVI0 unassigned YES unset up up
Virtual-Access1 unassigned YES unset up up
Dialer0 165.146.184.112 YES IPCP up up
Vlan2 192.168.4.1 YES manual up down
Cisco-01#
The reason I dont want to make use of the modem on the 877:
I already have a network 192.168.1.0/24 with a router+modem and dont want to disrupt this network. I am setting up a test network which I will use the 877 as the router.
Roman4604
Executive Member
Would seem so, but very strange, have never come across an 877 (with Adv Sec - K9) that didnt allow a 2nd Vlan. Ver 12.4(4)T1 aint that old either.
All I can think is maybe the vlan db file is a bit messed up, try removing and reloading;
rm flash:vlan.dat
Thanx... Will try that!
Any idea as to why I cant ping a WAN address(from router)?
Did a "traceroute 165.146.57.52" and I get a first hop of 165.146.184.1
and nothing thereafter...
Roman4604
Executive Member
Eureka got this fixed...
I used another ADSL account and pinged google successfully!
I couldnt ping www.google.com but could ping the address 74.125.79.147.
Guess there is some DNS issue to be resolved next.
Btw tried rm flash:vlan.dat but got told there is no such file...
Roman4604
Executive Member
Eureka got this fixed...
I used another ADSL account and pinged google successfully!
I couldnt ping www.google.com but could ping the address 74.125.79.147
Again, should be working, 'ppp ipcp dns request' should seed your router with Telkom's DNS servers?
BTW are you pinging from the router CLI or an attached PC?
Then I can only think its a bit of a dodgy image ... try upgrading to a later one.