Cisco 877W router and external ADSL modem

Cisco 877W router and external ADSL modem
In order to support ADSL2+ on a pre ADSL2+ router and in preparation for a later migration to BT infinity I am trying to configure the Router using an external adsl2+ modem appropriately.
The original configuration had 3 ports configured as one (internal lan) vlan and bridge group together with one wireless sub-interface, the remaining port configured a second vlan and bridge group with a second wireless sub- interface. The Dialer was a member of the second bridge group. This way the second wireless interface and associated bridge group provided a kind of DMZ for outbound access.
The configuration I am attempting is similar the lan ports remain the same, but port 0 as a member of the vlan and bridge group (now a pppoe client) associated with one of the wireless sub interfaces as per above. The ATM interface is downed. This nearly works except that if the wireless subinterface on this bridge group is configured the dialer no longer dials giving a 'no dialer string' error. If I do not configure that wireless sub interface all works well.
If anyone is interested to look I would appreciate any comments. I enclose a sanitised config in which you will note the 'commented out' wireless subnet interface (in red).
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
hostname xxxxxxxxxxxxxxxxxxxxx
boot-start-marker
boot-end-marker
logging buffered 4096 warnings
enable secret 5 xxxxxxxxxxxxxxxxxxxxxxxxxxxx
aaa new-model
aaa group server radius sdm-vpn-server-group-2
aaa group server radius rad_eap
 server 192.168.253.1 auth-port 1812 acct-port 1813
 server 192.168.253.1 auth-port 1645 acct-port 1646
aaa group server radius rad_mac
aaa group server radius rad_acct
aaa group server radius rad_admin
aaa group server tacacs+ tac_admin
aaa group server radius rad_pmip
aaa group server radius dummy
aaa authentication login default local
aaa authentication login sdm_vpn_xauth_ml_2 group sdm-vpn-server-group-2
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa authorization ipmobile default group rad_pmip
aaa authorization network sdm_vpn_group_ml_2 local
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
clock timezone PCTime 0
clock summer-time PCTime date Mar 30 2003 1:00 Oct 26 2003 2:00
crypto pki trustpoint TP-self-signed-2834265337
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-2834265337
 revocation-check none
 rsakeypair TP-self-signed-2834265337
crypto pki certificate chain TP-self-signed-2834265337
 certificate self-signed 01 nvram:IOS-Self-Sig#2F.cer
dot11 syslog
dot11 ssid GuestAP
   vlan 101
   authentication open
   authentication key-management wpa
   mbssid guest-mode
   wpa-psk ascii 7 113B162712001F4A2D2B25
dot11 ssid LanAP
   vlan 100
   authentication open eap eap_methods
   authentication network-eap eap_methods
   authentication key-management wpa
   mbssid guest-mode
no ip source-route
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 192.168.252.1 192.168.252.8
ip dhcp excluded-address 192.168.252.15 192.168.252.254
ip dhcp pool sdm-pool1
   import all
   network 192.168.252.0 255.255.255.0
   domain-name XXX.Local
   dns-server xxx.xxx.xxx.xxx
   default-router 192.168.252.254
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
no ip bootp server
no ip domain lookup
ip domain name XXX.Local
ip name-server xxx.xxx.xxx.xxx
ip name-server xxx.xxx.xxx.xxx
ip reflexive-list timeout 120
vpdn enable
vpdn-group 1
 request-dialin
  protocol pppoe
username administrator privilege 15 secret 5 £££££££££££££££££££££
class-map type inspect match-any IN_to_OUT_CLASS
 match protocol tcp
 match protocol udp
 match protocol icmp
class-map type inspect match-any OUT_to_IN_CLASS
 match protocol https
 match protocol smtp extended
class-map type inspect match-any DMZ_to_IN_CLASS
 match protocol http
 match protocol https
 match protocol smtp extended
policy-map type inspect DMZ_to_IN_POL
 class type inspect DMZ_to_IN_CLASS
  inspect
 class class-default
  drop log
policy-map type inspect IN_to_OUT_POL
 class type inspect IN_to_OUT_CLASS
  inspect
 class class-default
  drop log
policy-map type inspect OUT_to_IN_POL
 class type inspect OUT_to_IN_CLASS
  inspect
 class class-default
  drop log
zone security INSIDE
zone security OUTSIDE
zone security DMZ
zone-pair security OUT_TO_IN source OUTSIDE destination INSIDE
 service-policy type inspect OUT_to_IN_POL
zone-pair security IN_TO_OUT source INSIDE destination OUTSIDE
 service-policy type inspect IN_to_OUT_POL
zone-pair security DMZ_TO_OUT source DMZ destination OUTSIDE
 service-policy type inspect IN_to_OUT_POL
zone-pair security DMZ_TO_IN source DMZ destination INSIDE
 service-policy type inspect DMZ_to_IN_POL
bridge irb
interface Loopback0
 no ip address
interface Null0
 no ip unreachables
interface ATM0
 no ip address
 shutdown
 no atm ilmi-keepalive
 dsl operating-mode auto
interface FastEthernet0
 description Outside Interface (PPPoE)
interface FastEthernet1
 description Inside Interface
 switchport access vlan 10
interface FastEthernet2
 description Inside Interface
 switchport access vlan 10
 spanning-tree portfast
interface FastEthernet3
 description Inside Interface
 switchport access vlan 10
 spanning-tree portfast
interface Dot11Radio0
 no ip address
 no ip route-cache cef
 no ip route-cache
 encryption vlan 100 mode ciphers aes-ccm tkip
 encryption vlan 101 mode ciphers aes-ccm tkip
 ssid GuestAP
 ssid LanAP
 mbssid
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
 channel 2437
 station-role root
interface Dot11Radio0.100
 description LanAP
 encapsulation dot1Q 100
 no ip route-cache
 no cdp enable
 bridge-group 10
 bridge-group 10 subscriber-loop-control
 bridge-group 10 spanning-disabled
 bridge-group 10 block-unknown-source
 no bridge-group 10 source-learning
 no bridge-group 10 unicast-flooding
!interface Dot11Radio0.101
! description GuestAP
! encapsulation dot1Q 101
! no ip route-cache
! no cdp enable
! bridge-group 1
! bridge-group 1 subscriber-loop-control
! bridge-group 1 spanning-disabled
! bridge-group 1 block-unknown-source
! no bridge-group 1 source-learning
! no bridge-group 1 unicast-flooding
interface Vlan1
 description $ES_LAN$
 no ip address
 ip virtual-reassembly
 pppoe enable group global
 pppoe-client dial-pool-number 1
 bridge-group 1
interface Vlan10
 no ip address
 ip virtual-reassembly
 bridge-group 10
interface Dialer1
 description $FW_OUTSIDE$
 ip address negotiated
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1452
 ip nat outside
 ip virtual-reassembly
 zone-member security OUTSIDE
 encapsulation ppp
 ip route-cache flow
 dialer pool 1
 dialer-group 1
 ppp authentication chap pap callin
 ppp chap hostname XXXXXXX
 ppp chap password 7 xxxxxxxxxxxxxxxxxxx
 ppp pap sent-username xxxxxxxxxxxxxxxxxx password 7 xxxxxxxxxxxxxxxxxxxxx
 ppp ipcp dns request
 ppp ipcp wins request
 hold-queue 224 in
interface Dialer0
 no ip address
interface BVI10
 description Inside Interface
 ip address 192.168.253.254 255.255.255.0
 ip access-group 101 in
 ip helper-address 192.168.253.1
 ip nat inside
 ip virtual-reassembly
 zone-member security INSIDE
interface BVI1
 description DMZ Interface
 ip address 192.168.252.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 zone-member security DMZ
ip local pool SDM_POOL_1 192.168.20.9 192.168.20.14
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
ip http server
ip http access-class 1
ip http authentication local
ip http secure-server
ip http timeout-policy idle 600 life 86400 requests 10000
ip nat inside source list Inside_Clients_NAT interface Dialer1 overload
ip nat inside source static 192.168.253.10 xxx.xxx.xxx.xxx
ip access-list extended DMZ_to_IN_POL
 remark SDM_ACL Category=128
 permit ip any any
ip access-list extended Inside_Clients_NAT
 remark SDM_ACL Category=2
 permit ip 192.168.253.0 0.0.0.255 any
logging 192.168.253.10
access-list 1 remark Auto generated by SDM Management Access feature
access-list 1 remark SDM_ACL Category=1
access-list 1 permit 192.168.253.0 0.0.0.255
access-list 100 remark VTY Access-class list
access-list 100 remark SDM_ACL Category=1
access-list 100 permit ip 192.168.253.0 0.0.0.255 any
access-list 100 deny   ip any any
access-list 101 remark Auto generated by SDM Management Access feature
access-list 101 remark SDM_ACL Category=1
access-list 101 remark Auto generated by SDM for NTP (123) xxx.xxx.xxx.xxx
access-list 101 permit udp host xxx.xxx.xxx.xxx eq ntp host 192.168.253.254 eq ntp
access-list 101 permit tcp 192.168.253.0 0.0.0.255 host 192.168.253.254 eq telnet
access-list 101 permit tcp 192.168.253.0 0.0.0.255 host 192.168.253.254 eq 22
access-list 101 permit tcp 192.168.253.0 0.0.0.255 host 192.168.253.254 eq www
access-list 101 permit tcp 192.168.253.0 0.0.0.255 host 192.168.253.254 eq 443
access-list 101 permit tcp 192.168.253.0 0.0.0.255 host 192.168.253.254 eq cmd
access-list 101 deny   tcp any host 192.168.253.254 eq telnet
access-list 101 deny   tcp any host 192.168.253.254 eq 22
access-list 101 deny   tcp any host 192.168.253.254 eq www
access-list 101 deny   tcp any host 192.168.253.254 eq 443
access-list 101 deny   tcp any host 192.168.253.254 eq cmd
access-list 101 deny   udp any host 192.168.253.254 eq snmp
access-list 101 permit ip any any
access-list 199 permit ip any host 10.1.1.1
dialer-list 1 protocol ip permit
no cdp run
radius-server attribute 32 include-in-access-req format %h
radius-server host 192.168.253.1 auth-port 1812 acct-port 1813 key 7 XXXXXXXXXXXXXXXXXX
radius-server host 192.168.253.1 auth-port 1645 acct-port 1646 key 7 XXXXXXXXXXXXXXXXXX
radius-server vsa send accounting
control-plane
bridge 1 protocol ieee
bridge 1 route ip
bridge 10 protocol ieee
bridge 10 route ip
banner login C Border Router
line con 0
 no modem enable
 transport output telnet
line aux 0
 transport output telnet
line vty 0 4
 access-class 100 in
 privilege level 15
 length 0
 transport input telnet ssh
scheduler max-task-time 5000
scheduler interval 500
ntp server xxx.xxx.xxx.xxx source Dialer0 prefer
ntp server xxx.xxx.xxx.xxx source Dialer0 prefer
sntp server xxx.xxx.xxx.xxx
end

Hi Jody,
Apologies delay in replying. I have done the following:
Made two of the FE ports vlan1,BVI1 (for LAN traffic)
Left one port as VLAN10 as the pppoe client conected to the externalmodem
Made the last port VLAN10 as well and gave it an IP addess as for a DMZ client.
I have DHCP configured to serve the DMZ  addresses.
This all works for LAN clients and also works for a client attachedto that physical DMZ port.
When I added a dot11radio sub interface into VLAN 10 the wireless client did not get an IP lease. Everything else continued to work.
I had never thought about this before, but if a dot11radio interface is on the same vlan (but not being part ofa bridge group) why are DHCP broadcasts not propogating to all the vlan members as I would have expected. I recognise that this isa limit in my understanding.
If I then made VLAN10 a member of a new Bridge Group, I lost WAN connectivity as per original posting.
I cannot add another VLAN due to the 2 vlan limit in this image.
Finally regarding your comment about giving it what it wants, what exactly did you have in mind. The dialer already has a dial string parameters configured.
Think I am about to give upon this.
Regards,

Similar Messages

  • Cisco 2811 Router with 3 ADSL card and load balancing

    Dear All,
    I have few queries:
    1. Does Cisco 2811 Router support 3 ADSL card?
    2. We are the ISP. I want to do load balancing with 3 dsl
    line on Cisco 2811 Router.
    Please send me the linke for this configuration.
    Thanks/Regards
    Atul

    hi
    In 2811 you have 4 HWIC and 1 NME you can install 1-port ADSL WAN Interface Cardon the HWIC slots.
    Also just enable 3 default (equal cost) routes towards the interfaces which will take care of the load balancing.
    if you need more info and inputs do post out with ur requirements along with network topology in place at present..
    regds

  • Still trying to configure a Cisco 877W router

    Hi,
    I am still unable to configure my Cisco 877W router for use on a B.T. ADSL phone line.
    I can log in to the router which starts up the SDM Express. I then select the wizard and get as far as filling in the DHCP server configuration.
    When I then press next it does not go to the next step, it just stays on the DHCP config screen. I am now using a Windows XP machine to configure the router  as someone suggested, but it continues to halt at the same place.
    Can anyone help please,
    Thanks.
    Dave.

    Hi. You may check out the topics in this link instead.

  • Cant "see" external ADSL modem [D-link model DSL-500B]

    Hi guys!
    Im here in poor Brazil, and I just bought a new DSL-500B external ADSL modem, and I can make this machine turn to router, to stop login every time I turn on the computer.
    The manual says that the IP is 192.168.254.254, but Firefox and Safari cant "see"... I ping, and cant find... I tracerout to a google site and the modem dont appear, its invisible!
    Im properly conected on web... But I have this little problem...
    I dont know what to do...
    Please good people, help me!
    Thanks,
    Daniel
    Brazil
    iMac   Mac OS X (10.3.9)  

    Nothing, mate...
    Firefox can't establish a connection to the server at 192.168.1.1.
    * The site could be temporarily unavailable or too busy. Try again in a few moments.
    * If you are unable to load any pages, check your computer's network connection.
    * If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web.

  • Has anyone enabled time machine using a linksys router and external hard drive? And if so how?

    Has anyone enabled time machine using a link sys router and external hard drive? And if so how?  I have a Linksys E4200 wireless router with a usb port on it.  I also have a Western Digital Elements 1TB external hard drive.  I would like to be able to use this hard drive with time machine.  Has anyone done so and if so how can I do so?

    You might get some responses, but we don't see many Linksys users on an Apple forum so it may be awhile before you see an answer.
    It might be useful to point out that Apple does not even support Time Machine backups to the USB port on their own AirPort Extreme wireless router, so we may be heading down a very slippery slope here.
    I've tried Time Machine backups on an AirPort Extreme router a number of times in the past. It's just not reliable. Works for awhile, then has corruption problems. Or has corruption issues immediately. I once went a month or so and thought I had it nailed, then got smacked with a corrupted set of backups again.
    But, I guess you never know. It might work on the Linksys. If you decide to try this, I would suggest that you have another backup plan in place for your important data.
    Hope that some Linksys users will respond so we can all learn.

  • Can I format the CF in a cisco 1800 router and then use it on the ASA 5520?

    Can I format Compact Flash in a cisco 1800 router and then use it on the ASA 5520?

    You don't have to format the card in the router. You can do that on your PC. Just format the CF-card as FAT32 and plug it into the ASA.
    BUT: If you just want to "upgrade" the old card with a different one, then first attach the original card from the ASA to your PC and copy all files (including the hidden ones) to your PC and then copy them back to the new card. That way you also move your licenses to the new card which are stored in hidden files and your private data like keys.

  • Configuring wireless on cisco 877w router

    Hi all
    I have a Cisco 877W wireless/ADSL router and having great difficulty with configuring wireless on this router. Here is a quick summary.
    1. The ADSL is configured to obtain public IP from the ISP
    2. Default interface vlan 1 is configured with an IP address
    3. I went into vlan database, tried to configure multi vlans and the router prompted me that it can only have max 2 vlans. Hence what's the use of up to 16 different SSID using wireless?
    4. I've setup DHCP scope on the router to give out IP address to clients (both wireless and wired)
    5. I'm able to configure WPA-PSK on the router and was able to connect wirelessly to the router but I won't be able to obtain an IP address from the router
    6. There are two scenarios that I'd like to do:
    A. Setup wireless to connect to the same subnet as what's on vlan1
    B. Setup wireless to connect to a different subnet to vlan1
    For the life of me, I could not find docs on Cisco web site that shows me how to exactly this. I found some documents that use interface F0 as a trunk port and treat the interface Dot11Radio0 with sub-interfaces. I don't connect this router to a switch (standalone router) so how can I do this? Please point me to some docs.
    Thanks in advance for your help.

    My configuration works for wireless no authentication, but failed for WPA-PSK:
    ip dhcp excluded-address 172.16.250.1
    ip dhcp pool TEST
    import all
    network 172.16.250.0 255.255.255.0
    default-router 172.16.250.1
    bridge irb
    interface FastEthernet4
    description $ES_WAN$
    ip address dhcp client-id FastEthernet4
    ip nat outside
    ip virtual-reassembly
    duplex auto
    speed auto
    interface Dot11Radio0
    no ip address
    ssid 111
    vlan 1
    authentication open
    authentication key-management wpa
    wpa-psk ascii 0 Cisco1234
    speed basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
    station-role root
    interface Dot11Radio0.1
    encapsulation dot1Q 1 native
    no cdp enable
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 spanning-disabled
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    interface Vlan1
    no ip address
    bridge-group 1
    bridge-group 1 spanning-disabled
    interface BVI1
    ip address 172.16.250.1 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    After I configured the same wpa-psk key on the XP computer using windows zero configuration and tried to connect to the wireless work, I got the following errors on the router:
    *Mar 1 03:00:51.623: *** Not encrypted dot1x packet from 000c.f123.25cf has been discarded
    *Mar 1 03:00:52.623: %DOT11-7-AUTH_FAILED: Station 000c.f123.25cf Authentication failed
    What could be wrong? Thanks!

  • I am unable to browse internet from my cisco 881 router and configuration is below could any one help me in this regard

    HOME#sho run
    Building configuration...
    Current configuration : 5657 bytes
    ! Last configuration change at 10:51:11 UTC Fri May 17 2013 by admin
    version 15.0
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    hostname HOME
    boot-start-marker
    boot-end-marker
    logging buffered 51200 warnings
    enable secret 5 $1$bgx9$VrtQW3Wg182VyYhKAHLbN.
    no aaa new-model
    memory-size iomem 10
    crypto pki trustpoint TP-self-signed-1190003239
    enrollment selfsigned
    subject-name cn=IOS-Self-Signed-Certificate-1190003239
    revocation-check none
    rsakeypair TP-self-signed-1190003239
    crypto pki certificate chain TP-self-signed-1190003239
    certificate self-signed 01
      3082024A 308201B3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
      31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
      69666963 6174652D 31313930 30303332 3339301E 170D3133 30353137 31303333
      35315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
      4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 31393030
      30333233 3930819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
      8100C002 80BBF151 E095E469 AA7DBB18 2A9E3CC2 4AC223F6 ABE0AF49 876C1203
      65D0E246 786F174D E5B7897A 44C5755A 2571E58A 184A6C62 DD992A2A D8A24878
      25A8D3C3 03F5D3C2 522EC8BB 302B0CCD 2945087A 7AF01418 D0056679 6F64DB4A
      BE2D5DA1 106CD03A 83B422A2 3CCBAE88 F2413123 12269390 6949DFE0 411118E7
      8F210203 010001A3 72307030 0F060355 1D130101 FF040530 030101FF 301D0603
      551D1104 16301482 12484F4D 452E7777 772E7961 686F6F2E 636F6D30 1F060355
      1D230418 30168014 3D2D854D 1203F50D 77F4ABC5 B61CEAF6 C922F4DF 301D0603
      551D0E04 1604143D 2D854D12 03F50D77 F4ABC5B6 1CEAF6C9 22F4DF30 0D06092A
      864886F7 0D010104 05000381 8100B24C 48BACACE 87ADEA03 386F2045 CC89624A
      4EB1AD09 062EB2A4 CF4C96CA 0B2CF001 BD2C3804 8DC47FED 6A5B5F0D 3965AC6E
      4FC4682F 707E4132 8F27C083 C7FAE1BD 21D055E6 C79D5DAD 051B6321 D35DB4F2
      044E6BBD DAD08B6A 6ED87C7E 08F4F7E1 4EFDFB6F 867AF6FA 84165CFC D219D56F
      A82EABD4 AD9CFA24 A5088145 E571
            quit
    ip source-route
    ip routing protocol purge interface
    ip dhcp excluded-address 10.10.10.1
    ip dhcp pool ccp-pool
       import all
       network 10.10.10.0 255.255.255.248
       default-router 10.10.10.1
       domain-name www.google.com
       dns-server 192.168.1.1
       lease 0 2
    ip cef
    ip domain name www.yahoo.com
    ip name-server 84.235.6.55
    ip name-server 84.235.57.230
    no ipv6 cef
    multilink bundle-name authenticated
    license udi pid CISCO881-SEC-K9 sn FCZ1516933C
    username admin privilege 15 password 0 cisco
    interface FastEthernet0
    interface FastEthernet1
    interface FastEthernet2
    interface FastEthernet3
    interface FastEthernet4
    ip address dhcp
    ip access-group 101 in
    ip nat outside
    ip virtual-reassembly
    duplex auto
    speed auto
    interface Vlan1
    description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
    ip address 10.10.10.1 255.255.255.0
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip nat inside
    ip nat enable
    ip virtual-reassembly
    ip tcp adjust-mss 1452
    interface Vlan2
    no ip address
    ip nat inside
    ip virtual-reassembly
    ip default-gateway 192.168.1.1
    ip forward-protocol nd
    ip http server
    ip http access-class 23
    ip http authentication local
    ip http secure-server
    ip http timeout-policy idle 60 life 86400 requests 10000
    ip nat inside source list 101 interface FastEthernet4 overload
    ip route 0.0.0.0 0.0.0.0 FastEthernet4
    access-list 23 permit 10.10.10.0 0.0.0.7
    access-list 101 permit ip any any
    dialer-list 1 protocol ip permit
    no cdp run
    control-plane
    banner exec ^C
    % Password expiration warning.
    Cisco Configuration Professional (Cisco CP) is installed on this device
    and it provides the default username "cisco" for  one-time use. If you have
    already used the username "cisco" to login to the router and your IOS image
    supports the "one-time" user option, then this username has already expired.
    You will not be able to login to the router with this username after you exit
    this session.
    It is strongly suggested that you create a new username with a privilege level
    of 15 using the following command.
    username <myuser> privilege 15 secret 0 <mypassword>
    Replace <myuser> and <mypassword> with the username and password you
    want to use.
    ^C
    banner login ^C
    Cisco Configuration Professional (Cisco CP) is installed on this device.
    This feature requires the one-time use of the username "cisco" with the
    password "cisco". These default credentials have a privilege level of 15.
    YOU MUST USE CISCO CP or the CISCO IOS CLI TO CHANGE THESE
    PUBLICLY-KNOWN CREDENTIALS
    Here are the Cisco IOS commands.
    username <myuser>  privilege 15 secret 0 <mypassword>
    no username cisco
    Replace <myuser> and <mypassword> with the username and password you want
    to use.
    IF YOU DO NOT CHANGE THE PUBLICLY-KNOWN CREDENTIALS, YOU WILL
    NOT BE ABLE TO LOG INTO THE DEVICE AGAIN AFTER YOU HAVE LOGGED OFF.
    For more information about Cisco CP please follow the instructions in the
    QUICK START GUIDE for your router or go to http://www.cisco.com/go/ciscocp
    ^C
    banner motd ^Cuthorized ^C
    line con 0
    login local
    no modem enable
    line aux 0
    line vty 0 4
    access-class 23 in
    privilege level 15
    password cisco
    logging synchronous
    login local
    transport input telnet ssh
    scheduler max-task-time 5000
    end

    HOME#ping 4.2.2.2
    Type escape sequence to abort.
    Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
    Success rate is 0 percent (0/5)
    HOME#sh ip int br
    Interface                  IP-Address      OK? Method Status                Protocol
    FastEthernet0              unassigned      YES unset  down                  down
    FastEthernet1              unassigned      YES unset  down                  down
    FastEthernet2              unassigned      YES unset  down                  down
    FastEthernet3              unassigned      YES unset  down                  down
    FastEthernet4              192.168.1.120   YES DHCP   up                    up 
    NVI0                       10.10.10.1      YES unset  up                    up 
    Vlan1                      10.10.10.1      YES NVRAM  down                  down
    Vlan2                      unassigned      YES NVRAM  down                  down
    HOME#
    fast ethernet is connected to my internet connection

  • Problem with Cisco 861W router and outgoing VPN

    We have a Cisco 861W router that is blocking an outgoing PPTP on the internal access point only. The outgoing VPN works when the traffic is through a wired connection or the connection is on another access point. We fail to make a connection only when connection to the 861W's internal Access Point.
    Here is the Access Point Configuration:
    Current configuration : 2100 bytes
    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    hostname obap
    enable secret 5 $1$.1RF$go1D7WITXUn3s8TUaw3tC.
    no aaa new-model
    dot11 syslog
    dot11 ssid OLIVER
       authentication open
       authentication key-management wpa
       guest-mode
       wpa-psk ascii 0 XXXXXXXXXXX
    username XXXXXX privilege 15 secret 5 $1$Wc0K$OzcQDDQfjHP6La31eXMoG/
    bridge irb
    interface Dot11Radio0
    no ip address
    no ip route-cache
    encryption mode ciphers aes-ccm tkip
    ssid OLIVER
    antenna gain 0
    station-role root
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface GigabitEthernet0
    description the embedded AP GigabitEthernet 0 is an internal interface connecti
    ng AP with the host router
    no ip address
    no ip route-cache
    bridge-group 1
    no bridge-group 1 source-learning
    bridge-group 1 spanning-disabled
    interface BVI1
    ip address 192.168.0.2 255.255.255.0
    no ip route-cache
    ip http server
    no ip http secure-server
    ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
    bridge 1 route ip
    banner login ^CC
    % Password change notice.
    Default username/password setup on AP is cisco/cisco with priv¾ilege level 15.
    It is strongly suggested that you create a new username with privilege level
    15 using the following command for console security.
    username <myuser> privilege 15 secret 0 <mypassword>
    no username cisco
    Replace <myuser> and <mypassword> with the username and password you want to
    use. After you change your username/password you can turn off this message
    by configuring  "no banner login" and "no banner exec" in privileged mode.
    ^C
    line con 0
    privilege level 15
    login local
    no activation-character
    line vty 0 4
    login local
    cns dhcp
    end
    obap#
    Here is the Router's Configuration:
    Current configuration : 5908 bytes
    ! No configuration change since last restart
    version 15.0
    no service pad
    service tcp-keepalives-in
    service tcp-keepalives-out
    service timestamps debug datetime msec localtime show-timezone
    service timestamps log datetime msec localtime show-timezone
    service password-encryption
    service sequence-numbers
    hostname obrouter
    boot-start-marker
    boot-end-marker
    logging buffered 51200
    logging console critical
    enable secret 5 $1$i9XE$DjxFVAEC9nC4/r6EQKCd6/
    no aaa new-model
    memory-size iomem 10
    clock timezone PCTime -5
    clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
    crypto pki trustpoint TP-self-signed-1856757619
    enrollment selfsigned
    subject-name cn=IOS-Self-Signed-Certificate-1856757619
    revocation-check none
    rsakeypair TP-self-signed-1856757619
    crypto pki certificate chain TP-self-signed-1856757619
    certificate self-signed 01
      3082024D 308201B6 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
      31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
      69666963 6174652D 31383536 37353736 3139301E 170D3036 30313032 31323030
      34345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
      4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 38353637
      35373631 3930819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
      8100B1A4 FB786547 3D582260 03DB768D 116BDE9A 309FBA04 B53F77B0 BFE32344
      7C3439B3 97192B36 760A9411 1D5C7549 8D86F532 ABA44F53 0D08B7F4 A9A747D5
      071330C3 65BF25A8 927F3596 29BB5A80 90C8D169 22268476 3B8DDE1E FDB7170D
      B4820D03 5580A849 A92C7E76 9AC10867 505A2FEE 64360741 7F9DBDBF 3D79982C
      F81D0203 010001A3 75307330 0F060355 1D130101 FF040530 030101FF 30200603
      551D1104 19301782 156F6272 6F757465 722E6272 75736868 6F672E63 6F6D301F
      0603551D 23041830 168014D8 5BC2FFB2 967A4C7B 11B44122 5C8D31F7 749B9230
      1D060355 1D0E0416 0414D85B C2FFB296 7A4C7B11 B441225C 8D31F774 9B92300D
      06092A86 4886F70D 01010405 00038181 005901F1 C239074B B8213567 CF7B65BF
      DAFE4557 69B2A3B1 5F2593C7 A54B9598 23FD5E7A 563AA6E0 AFB25801 FA0061E8
      F9545372 DB600B3A BE68AE65 1EDA593E 6A0C96B8 5A4136AF 393F9AAC 651E1C36
      B8B7C6C0 47936C24 D2ECE9A5 9446EE32 FC7461FA AD8CF1CE A7FBF341 07E9C3C6
      505AB88D 0E7FCAFC 5792298A E5E4D1FE CC
            quit
    no ip source-route
    ip dhcp excluded-address 192.168.0.1 192.168.0.99
    ip dhcp pool ccp-pool1
       import all
       network 192.168.0.0 255.255.255.0
       dns-server 216.49.160.10 216.49.160.66
       default-router 192.168.0.1
    ip cef
    no ip bootp server
    ip domain name brushhog.com
    ip name-server 216.49.160.10
    ip name-server 216.49.160.66
    license udi pid CISCO861W-GN-A-K9 sn FTX155281FY
    username tech38 privilege 15 secret 5 $1$d/4Z$n/23EsXbzfHF5XfJ8Nv.y0
    ip tcp synwait-time 10
    ip ssh time-out 60
    ip ssh authentication-retries 2
    interface FastEthernet0
    interface FastEthernet1
    interface FastEthernet2
    interface FastEthernet3
    interface FastEthernet4
    description $ES_WAN$$FW_OUTSIDE$
    no ip address
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip flow ingress
    duplex auto
    speed auto
    pppoe-client dial-pool-number 1
    interface wlan-ap0
    description Service module interface to manage the embedded AP
    ip unnumbered Vlan1
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip flow ingress
    arp timeout 0
    interface Wlan-GigabitEthernet0
    description Internal switch interface connecting to the embedded AP
    interface Vlan1
    description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
    ip address 192.168.0.1 255.255.255.0
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip flow ingress
    ip nat inside
    ip virtual-reassembly
    ip tcp adjust-mss 1412
    interface Dialer0
    ip address negotiated
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip mtu 1452
    ip flow ingress
    ip nat outside
    ip virtual-reassembly
    encapsulation ppp
    dialer pool 1
    dialer-group 1
    ppp authentication chap pap callin
    ppp chap hostname XXXXXXXXXXXXX
    ppp chap password 7 XXXXXXXXXXXXXXXX
    ppp pap sent-username XXXXXXXXXXXXXX password 7 XXXXXXXXXXX
    no cdp enable
    ip forward-protocol nd
    ip http server
    ip http authentication local
    ip http secure-server
    ip http timeout-policy idle 60 life 86400 requests 10000
    ip nat inside source static tcp 192.168.0.25 80 interface Dialer0 80
    ip nat inside source list 1 interface Dialer0 overload
    ip route 0.0.0.0 0.0.0.0 Dialer0
    logging trap debugging
    access-list 1 remark INSIDE_IF=Vlan1
    access-list 1 remark CCP_ACL Category=2
    access-list 1 permit 192.168.0.0 0.0.0.255
    dialer-list 1 protocol ip permit
    no cdp run
    control-plane
    banner exec ^C
    % Password expiration warning.
    Cisco Configuration Professional (Cisco CP) is installed on this device
    and it provides the default username "cisco" for  one-time use. If you have
    already used the username "cisco" to login to the router and your IOS image
    supports the "one-time" user option, then this username has already expired.
    You will not be able to login to the router with this username after you exit
    this session.
    It is strongly suggested that you create a new username with a privilege level
    of 15 using the following command.
    username <myuser> privilege 15 secret 0 <mypassword>
    Replace <myuser> and <mypassword> with the username and password you
    want to use.
    ^C
    banner login ^CAuthorized access only!
    Disconnect IMMEDIATELY if you are not an authorized user!^C
    line con 0
    login local
    no modem enable
    transport output telnet
    line aux 0
    login local
    transport output telnet
    line 2
    no activation-character
    no exec
    transport preferred none
    transport input all
    line vty 0 4
    privilege level 15
    login local
    transport input telnet ssh
    scheduler max-task-time 5000
    scheduler allocate 4000 1000
    scheduler interval 500
    end
    Any help would be appreciated

    Hello,
    i have the same problem with router CISCO861W-GN-E-K9. Version 12.4(22r)YB5, RELEASE SOFTWARE (fc1)
    Can someone help?
    Thank you.
    Here is my config for internal AP and router.

  • Cisco-Linksys Router and no PPPOA Option for Conne...

    Hi all! 
    New here and just hoping to get some here!
    We are using a BT Business hub Router and it is having a few issues with wireless connectivity, so I would like to use another router to see if it is our equipment or if it is the router itself.
    I have a Cisco Linksys E1000 Router and after looking at the BT router I can see that the connection type is set to PPPOA with a username and password. I do know the username and password so that isnt an issue, however on the Cisco router there is no option for PPPOA, the only options are:
    Static IP, DHCP, PPPoE, PPTP, L2TP, and BigPond
    There is a connection in the back of the cisco router for the ADSL cable, I was just wondering if there is a way to work around this?
    Thanks very much!!

    I am sure you will get help there when someone has time.
    You can always find the latest postings on the Business Forum using this link.
    http://business.forums.bt.com/t5/forums/recentpostspage/post-type/message
    There are some useful help pages here, for BT Broadband customers only, on my personal website.
    BT Broadband customers - help with broadband, WiFi, networking, e-mail and phones.

  • WRT54GS2 and Siemens ADSL modem - dropping Internet connection

    I am having an internet connection issue. I have a Win98 Desktop directly connected to an ADSL modem - SIEMENS Speetstream 4100. That connection works well.
    I had a WRT54G (old school, blue and black) wireless router connected to it which allowed me to use my WinXP laptop in the house. I then upgraded the router to  a WRT54GS2, and now I lose the connection to the internet every minute or so while connected through that. The connection between the modem and the router goes down, not the connection to either the desktop (wireless) or the laptop. And if I switch to direct connection through the modem, I get a solid, reliable connection to the Internet.
    Is there some problem with the SIEMENS ADSL modem and the Linksys router not playing nice together?
    I have tried ipconfig /release and /renew on both my laptop and the desktop, I have turned off all computers, modem, and router, and powered back up in the correct order: Modem, router, desktop and laptop. 
    Here's the output of ipconfig /all when my laptop is connected directly through the ADSL modem:
    Windows IP Configuration
            Host Name . . . . . . . . . . . . : ALIENUS_AES
            Primary Dns Suffix  . . . . . . . :
            Node Type . . . . . . . . . . . . : Broadcast
            IP Routing Enabled. . . . . . . . : No
            WINS Proxy Enabled. . . . . . . . : No
    Ethernet adapter Local Area Connection:
            Connection-specific DNS Suffix  . :
            Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Eth
    ernet NIC
            Physical Address. . . . . . . . . : 00-0F-B0-74-0F-FB
            Dhcp Enabled. . . . . . . . . . . : Yes
            Autoconfiguration Enabled . . . . : Yes
            IP Address. . . . . . . . . . . . : 70.234.142.61
            Subnet Mask . . . . . . . . . . . : 255.255.255.0
            Default Gateway . . . . . . . . . : 70.234.142.62
            DHCP Server . . . . . . . . . . . : 192.168.0.1
            DNS Servers . . . . . . . . . . . : 192.168.0.1
                                                192.168.0.1
            Lease Obtained. . . . . . . . . . : Friday, November 20, 2009 1:23:03 PM
            Lease Expires . . . . . . . . . . : Friday, November 20, 2009 1:33:03 PM
    Ethernet adapter Wireless Network Connection 2:
            Connection-specific DNS Suffix  . :
            Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN
            Physical Address. . . . . . . . . : 00-90-4B-F3-5E-D6
            Dhcp Enabled. . . . . . . . . . . : Yes
            Autoconfiguration Enabled . . . . : Yes
            IP Address. . . . . . . . . . . . : 192.168.10.100
            Subnet Mask . . . . . . . . . . . : 255.255.255.0
            Default Gateway . . . . . . . . . : 192.168.10.1
            DHCP Server . . . . . . . . . . . : 192.168.10.1
            DNS Servers . . . . . . . . . . . : 192.168.0.1
            Lease Obtained. . . . . . . . . . : Friday, November 20, 2009 1:03:43 PM
            Lease Expires . . . . . . . . . . : Saturday, November 21, 2009 1:03:43
    PM
    Why does the new WRT54GS2 lose internet connectivity when a direct connection through the modem does not lose connectivity and the old one was reliable?
    Thanks in advance.
    Solved!
    Go to Solution.

    Your ADSL modem is in half-bridge mode. It does the PPPoE connection and then passes the IP addresses, etc. through DHCP to the device connected. Several people seem to have problems with different routers and these modems.
    I would suggest you reconfigure the ADSL modem into full bridge mode (i.e. the modem works really like a simple modem and does not connect to the internet itself). In full bridge mode you should be able to configure your router with PPPoE and connect to the internet directly. That should work better.
    If the ADSL modem is intelligent enough it may automatically switch to full-bridge mode if you configure the router for PPPoE.
    You should see the difference in the DNS servers which the router got. In half-bridge mode the ADSL modem seems to assign its own IP address 192.168.0.1 as DNS server. If you connect directly to your ISP you should see the IP addresses of your ISP's DNS servers.

  • Routing and Externally Process and Purchase requisition

    Dear Experts
    I try to set routing with External processing.
    I have 2 questions.
    I would really appreciate you, if you could answer my questions.
    I still have not understood the relationship between "Control key" and "Purchase Order"
    The routing is like below
    10 self manufacturing
    20 External Processing with the control key is pp02
    30 self manufacturing
    In case I set "+"  (Externally processed operation)   for "External Processing" in "pp02", the Purchase Requisition will be created.
    However in case I set "X"  (Internally processed operation / Externally processed operation)  for "External Processing" in "pp02", the Purchase Requisition will not be created.
    My question is in case I set "X" for "External Processing" for Control key, how can I create Purchase Requisition?
    Should I create Purchase Requisition manually?
    In case I set task 20 as External Processing.
    What kind of Work center should I regist for task20?
    Is it dummy work center or is empty OK?
    Best Regards

    Dear,
    When you maintain external processing in your control key PP02 and the system will create a purchase requisition when you release the production order. For that particular external processing operation you need to maintain the purchasing group and info record details in the external processing tab in routing.
    Please refer my reply from this link,
    Re: Control key for external process operation & internal.
    Regards,
    R.Brahmankar

  • Problem on Cisco AP 1240AG and External Antenna

    Hi all :
    I am setting and configure the Cisco AP 1240AG with 5GHz External Antenna extension. The whole product is called iWap. The problem now is that the wireless signal amplitude only can reach 3 bars instaed of ful 5 bars.
    Please help below few questions I have for this setup and configuration :
    1. What is the default or original frequency of antenna of Cisco AP1240AG? Can a 5GHz antenna work with the AP 1240AG whereby it is run with 802.11a and 802.11g?
    2. If 5GHz antenna can work with 802.11a or 802.11g, what is the setting or configuration needed to be done at the Cisco 1240AG? Or, no setting or configuration needed because it will automatically work by default?
    Many Thanks in advance and best regards,
    tangsuan

    1240 is the product "line," 1242 is the specific model.  The come in both G and AG variants. The link below is a picture of an AG variant (with both an 2.4 Ghz "A" radio and a 5 Ghz "G" radio).  The two antenna ports on the top in the blow image are for the 5 Ghz radio, and there should be some blue text indicating as much.
    http://www.cisco.com/en/US/prod/wireless/ps5678/ps6521/prod_large_photo0900aecd8031d92d.jpg
    If you don't have the two antenna ports on top, and just have two near the ethernet and console ports, then you have a "G" model, which only have a 2.4 Ghz radio.  See my pic below.  G model on the left, AG on the right.

  • How does Time MACHINE work with the Verizon Fios Router and External Harddrive??

    Hello,
    I just got a laptop MBP for my daughter who has got Verizon FIOS as her carrier. The Router has wireless capability and ethernet capable connections.
    I want to set her up with an external hard drive for Time Machine Backups and to make it easier, I was wondering if I can somehow connect the external hard drive to the router so she can use her laptop anywhere in the house and have it backed up.
    I clearly recognize that I can hook it up direct to the laptop but I thought if someone had an idea, this approach might be easier for her.
    I haven't gotten the external hard drive yet so I thought I would ask before I do.
    Thanks for any help anyone can provide me,
    Skip

    You can restore from the larger disk since Time Machine makes a complete copy of the Mac on the first backup on any new disk.
    So, the first time your Mac backed up to the larger disk, the entire contents of your Mac's hard drive (minus any files that you excluded) were copied over. Then, Time Machine began to back up the incremental changes on all subsequent backups.

  • Replacing the router (and maybe the modem)

    I've had loads of problems with my infinity. Essentially it is incredibly variable, going from the full 75MB/s DL to 0.37 MB/s DL which gets very annoying. A lot of my devices also tend to lose the wireless despite being in the same room as the modem/router. I know the problem doesn't lie with the devices as they work everywhere else, therefore I am looking to change the modem/router.
    I purchased this one a while back it's the Netgear N300 Dual Band Modem-Router. I am just wondering if it is able to completely replace the modem and the router, or even just the router? I.e. will it work with infinity?
    If it won't work, can anyone suggest an alternative router for me?
    Many thanks

    chayes030 wrote:
    So we've spent a long time living with these problems and I got fed up and tried to get one of my friends to play about with the netgear modem-router i got, to get it working. unfortunately he couldn't link it up to actually get the internet, and he thought it was because the router wasn't actually recognising the modem and therefore picking up the internet.
    I'm just wondering on the routers set-up bit, there's an area where it asks if my internet connection requires a password, is that where I put in the Homehub login details?
    If i'm spouting rubbish point me in the direction of a step-by-step guide on what to do (i've tried searching myself but i don't think i know what i'm actually looking for!!) and i'll follow that to the letter and see if it works!!
    Hi there,
    First off, make sure that you're connecting the ethernet cable that's coming from the OpenReach modem to the port marked WAN on the back of your router. If you connect it to any of the other ports, it won't see the connection.
    Another thing you need to do is in the username/password fields for your connection the login would be [email protected] and the password is anything you like, but most people just use "bt" - Just don't leave it blank, or it won't connect.
    See below for a screenie (A picture tells a thousand words and all that)
    I hope this info helps

Maybe you are looking for

  • Passing struts-tag value to java / javascript variable in JSP

    Hello all, Im trying to pass the value got from the struts-tag to the java variable in the Jsp. However Im not able to get the o/p. Can u guys help me on this pls... <logic:notEmpty name="TreeBean" property="list">     <logic:iterate id="Type" name="

  • Can't boot into safe mode or prompt login window, need help.

    Hello all, This is cross-posted from the installations and set-up list. Can anyone suggest a remedy for what's ailing this powerbook. its a g4 powerbook, i don't have much more info other than that. all indications are that it is running 10.2.6, alth

  • IWeb and faulty code

    Hey, I'm a filmmaker trying to put my website out via iWeb '08. I am thinking it produces faulty code because know matter what I try the formatting always gets messed up and I'm having to start over again. Any ideas or clues? I think I am going to be

  • I am receiving error 1004 message when trying to update imovie in app store. how do i fix this?

    I have attempted a multitude of times to update iMovie in the App Store, but whenever i click update I immediately receive an Error 1004 mesage. What can I do to fix this?

  • Non printing cartridges

    Hi Folks: Printer will not print magenta & light magenta cartridges. Get no error messages for either one. Twice checked supply levels - magenta=100% / lt. magenta=85%. Ran both levels 1 & 2 of head cleaning routine. Followed "community" suggestion o