Configure ATM on cisco router 1841 for PPPoE

Hi Geeks,
I have searched the net with answers but still no success to achieving what I needed.
My scenario, I 'am replacing  my Netcom with a cisco 1841 router. Now, I need advise or better guided steps on how to configure my ATM interface for PPPoE to connect to my ISP network. With the netcom its easy since its uses GUI  and connection picks up automatically as long username and password are correct to connect to ISP.
Appreciate any help here?
Thank you.

from the sounds of it you purchased a '4 port WAN Interface Card' to be put into your router.
(the HWIC4 cannot be used to create a 'DMZ' as you require; you will need additional Ethernet interfaces, not WAN interfaces)
a few things first...
1) yes you have increased the routers ability to serve more than one network. with an HWIC4, you can configure upto 4 more WAN segments that the router can route for.
2) if you had a 4 port Ethernet Card, then you could configure each interface to act like a DMZ, but without proper security in place, it will not be much more than a 'hop' from one network to another.
NOTE: you need to build very detailed, granular access lists to filter traffic if you wish to have any chance of provding the slightest amount of security to your inside users & hosts.
(a firewall will provide you better security control and DMZ definition and is a recommended best practice for the solution you're looking for)
your DMZ definition says it all, "...subnet between a trusted network and an untrusted network..."
firewalls inherently provide a 'trusted' interface, an 'untrusted' interface and one or more 'less than trusted' or DMZ interfaces.
routers do not inherently provide this type of security segregation. you should be using a firewall to provide your solution and security in this case.

Similar Messages

  • Cisco Router 1841,2911

    Does Cisco router 1841 or 2911 or any other model routers has default IP or not

    If I understand your question correctly; no, there are no IPs configured by default.

  • Send configuration file to Cisco router

    Where can I find a C programm that send configuration file to Cisco router from linux workstation?

    I wonder what kind of config changes you are making and whether that may have an impact on SSH. For example if you change the host name or change the domain name then the keys need to be regenerated.
    HTH
    Rick

  • Cisco Router 1841 is it support CME ?

    I have cisco router 1841 is it support CME? I tried to put this command    myrouter(config)# telephony-services       but is not recognized ?

    1841 supports VWIC card perfectly. it works great in WAN data.
    Here is VWIC card in my 1841 in "show diag",
            WIC/HWIC Slot 1:
            VWIC2-2MFT-T1/E1 - 2-Port RJ-48 Multiflex Trunk - T1/E1
            Hardware Revision        : 0.0
            Top Assy. Part Number    : 800-22629-05
            Board Revision           : C0
            Deviation Number         : 0
            Fab Version              : 04
            PCB Serial Number        : FOCxxxxxxx
            RMA Test History         : 00
            RMA Number               : 0-0-0-0
            RMA History              : 00
            Product (FRU) Number     : VWIC2-2MFT-T1/E1
            Version Identifier       : V01
            EEPROM format version 4
            EEPROM contents (hex):
              0x00: 04 FF 40 03 FC 41 00 00 C0 46 03 20 00 58 65 05
              0x10: 42 43 30 88 00 00 00 00 02 04 C1 8B 46 4F 43 31
              0x20: 33 30 34 33 57 42 53 03 00 81 00 00 00 00 04 00
              0x30: CB 90 56 57 49 43 32 2D 32 4D 46 54 2D 54 31 2F
              0x40: 45 31 89 56 30 31 20 D9 02 40 C1 FF FF FF FF FF
              0x50: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
              0x60: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
              0x70: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF

  • Configure cisco router 2901 as pppoe modem

    hi, i used web based interface to configure ppoe on the router 2901, but it does not seems to be enabled.
    i want to use this router to connect to my ISP and dial automatically like the normal dlink and other  routers do.
    i want to share the internet to clients connected through switch.

    conf t
    interface dialer 1
    ip address negotiated
    encapsulation ppp
    ppp authentication pap callin
    ppp pap sent-username ISPUsername password ISPPassword
    ppp ipcp route default
    dialer pool 10
    no shutdown
    ip nat outside
    exit
    interface gigabit 0/0
    no ip address
    pppoe enable
    pppoe-client dial-pool-number 10
    no shutdown
    exit
    exit
    interface gigabit 0/1
    ip address 192.168.0.254 255.255.255.0
    no shutdown
    ip nat inside
    exit
    ip access-list standard NAT_ADDRESSES
    permit 192.168.0.0 0.0.0.255
    exit
    ip nat inside source list NAT_ADDRESSES interface dialer 1

  • Require to configure CUCM and Gateway router PRI for 200 users

    Hi all,
    My current scenario is like this:
    We have two CUCM servers(7.1) in reduandancy. One is publisher and other is subscriber. We have a gateway router 2921 with a single PRI card. We have 200 IP Phone users. Currently the problem is we have only 30 telephone lines. So with the help of DID configuration. We assign thirty ports to thirty users. Now these thirty users are able to to make an outbound call and recieve an Inbound call. Now I also want to create a pattern in which we dedicate 10 channaels for other 120 users to make an outbound call. And restrict 50 users to not make an outbound call. So we require such a scenario.
    Total 200 Users:
    1. First 30 users. Able to make an outbound call and also able to recieve an inbound call.
    2.  Next 120 Users. Able to make an outbound call. But not able to recieve an inbound call because of PRI restriction. Because we only have a thirty numbers. Dedicate 10 channels for them.
    3. Last 50 users. Not able to make an outbound call. And also not able to recieve an Inbound call.
    So I need a configurations of Gateway router and PRI. And also of CUCM in which we could define such a pattern.
    Regards,
    Ali Raza

    Ali,
    The outbound call restrictions can be implemented using the CUCM Calling Search Space configurations.  A basic example to illustrate:
    Partition 1:  internal_pt   (only internal patterns)
    Partition 2: phones_pt (ip phones on your network)
    Partition 3: pstn_pt (off net patterns/external)
    CSS1: Offnet_css
    internal_pt
    phones_pt
    pstn_pt
    CSS2: Onnet_css
    internal_pt
    phones_pt
    You place all patterns that can reach off net in "pstn_pt". Phones that are using CSS2 cannot reach off net.  The above example is leveraging the device CSS for all call routing decisions.Using this approach, you would assign "onnet_css" to phones that can only dial internally. NOTE: I am just using a basic example here and not suggesting you use this PT/CSS config "as is".
    There is another approach where you "allow" all patterns on a device and "restrict" on the line. For example:
    Partition 1:  internal_pt   (only internal patterns)
    Partition 2: phones_pt (ip phones on your network)
    Partition 3: pstn_pt (off net patterns/external)
    Partition 4: block-pstn_pt (blocking patterns for pstn)
    CSS1: AllPhones_css
    internal_pt
    phones_pt
    pstn_pt
    CSS2: restrict-pstn_css
    block-pstn_pt
    Again, pstn_pt contains all pstn patterns.  The block-pstn_pt would also contain off net patterns. The difference is that in the block-pstn_pt all patterns would have the "Block this pattern" flag enabled. All phones would have a Device Level CSS of AllPhones_css.  Phone lines where you wanted to restrict off net dialing would have a Line Level CSS of restrict-pstn_css.
    Just a quick refresher, when a phone LINE goes off hook to dial the CUCM is using the "Line Level CSS" + "Device Level CSS" to make the routing decision.  So, assume Line 1 on Phone A has restrict-pstn_css and the phone Device Level CSS is AllPhones_CSS. The Effective Search Space is:
    1. block-pstn_pt
    2. internal_pt
    3. phones_pt
    4. pstn_pt
    So, if we assume that block-pstn_pt contains patterns that override patterns in pstn_pt then you can effectively block off net access to Phone A, Line 1.
    Why would this be a good approach?  Well, what if you had a need to restrict Line 1 on Phone A but allow Line 2 on Phone A.  Using line level restrictions is much more flexible. Especially if you have more than 2 options you need to consider.
    As far as inbound restrictions. If a phone line doesn't have a DID then you have achieved your objective.
    The part I can't answer is reserving 10 specific channels for one group of users. I do not believe this is possible.
    HTH.
    Regards,
    Bill

  • Configure a Cisco router with Username and Password.

    Hello Guys,
    Am quite new in cisco and i need to configure an 891 cisco router,can someone please show me step by step configuration commands for configuring Username and Secret Password.I would like the router to ask for "Username"and " Password" anytime i want to login the router through telnet.I also want to know if i have to erase the default configurations on the router first, before i start the configuration,and how it should be done in other not to loose the router whiles working on it.Thanks for your usual quick responds.
    Regards,
    Eben.

    Hello Eben,
    Peter has suggested to use SSH because of the fact that telnet data is sent in clear text, so someone with the right tools could easily find your password and your device could/would be compromised. It is security best practice. SSH is encrypted.
    Technically speaking you do not need to change the hostname / domain name. But majority of Cisco documentation follow this method.
    In case you are interested on how to do this without change... see below.
    Router(config)#
    Router(config)#crypto key generate rsa modulus 1024
    % Please define a hostname other than Router.
    Router(config)#crypto key generate rsa modulus 1024 label CISCO
    The name for the keys will be: CISCO
    % The key modulus size is 1024 bits
    % Generating 1024 bit RSA keys, keys will be non-exportable...[OK]
    Router(config)#
    *Jul 11 13:27:51.431: %SSH-5-ENABLED: SSH 1.99 has been enabled
    Router(config)#
    The normal cases just as shown in Cisco documentation, the parser (without a label on the crypto key) would force us to change the hostname, create a domain name. I think the domain name is there to put a label on the keys.
    Router(config)#crypto key generate rsa general-keys modulus 1024
    % Please define a hostname other than Router.
    Router(config)#crypto key generate rsa
    % Please define a hostname other than Router.
    Router(config)#hos
    Router(config)#hostname ISR
    lexnetISR(config)#crypto key generate rsa general-keys modulus 1024
    % Please define a domain-name first.
    ISR(config)#ip domain name net.com
    ISR(config)#exit
    ISR(config)#crypto key generate rsa general-keys modulus 1024
    The name for the keys will be: ISR.net.com
    % The key modulus size is 1024 bits
    % Generating 1024 bit RSA keys, keys will be non-exportable...[OK]

  • Configure a Cisco router with telnet Username and Password.

    Hello Guys,
    Am quite new in cisco and i need to configure an 891 cisco router,can someone please show me step by step configuration commands for configuring Username and Secret Password.I would like the router to ask for "Username"and " Password" anytime i want to login the router through telnet.I also want to know if i have to erase the default configurations on the router first, before i start the configuration,and how it should be done in other not to loose the router whiles working on it.Thanks for your usual quick responds.
    Regards,
    Eben.

    From this forum description:
    Note: If your questions pertain to specific Cisco technology or solution, please post them in the proper community by leveraging the Community Directory so that folks who have expertise within those areas can engage and collaborate to it.
    You should consider to delete your question here and recreate in in more appropriate forum. You can wish for quick response then ...
    Edit: Thread has been moved by moderator, the notice no longer apply.

  • Dynamic bandwidth selection for PPPoE over Ethernet/VLAN

    Hello all, hope you are doing great.
    I'm planning to deploy PPPoE Server (Cisco Router 7609) for a ISP. This ISP will provide Internet connection for customer over Ethernet.
    I have to provide a solution to assign bandwidth to each customer by RADIUS and I find some clues that Dynamic Bandwidth Selection (DBS) should be the answer. Unfortunately, DBS only support PPPoA or PPPoE over ATM.
    If you have any experience with equivalent function, please help me. Thank you very much.
    Regards,
    Hiep Nguyen.

    Hiep,
    I think I have figured this out.  Here is the test config on my PPPoE server:
    int lo1
      ip address 172.25.25.25 255.255.255.255
    ip radius source-interface Loopback1
    aaa new-model
    radius-server host 172.16.1.55 auth-port 1812 acct-port 1813 key cisco$$$
    aaa group server radius RADIUS-ACT
     server 172.16.1.55 auth-port 1812 acct-port 1813  
    aaa authentication login default group RADIUS-ACT local
    aaa authorization exec default group RADIUS-ACT local
    aaa accounting exec default start-stop group RADIUS-ACT
    aaa accounting delay-start
    aaa authentication ppp default if-needed group RADIUS-ACT local
    aaa authorization network default group RADIUS-ACT local
    aaa accounting network default start-stop group RADIUS-ACT
    aaa accounting update periodic 5
    bba-group pppoe global
     virtual-template 1
    interface fa0/1
     pppoe enable group global
     ip address 172.30.0.1 255.255.0.0
     no shut
    interface Virtual-Template1
     mtu 1492
     ip unnumbered FastEthernet0/1
     peer default ip address pool GLOBALPOOL
     ppp authentication chap
    ip local pool GLOBALPOOL 172.30.0.2 172.30.127.255
    policy-map POLICE-128K
     class class-default
        police 128000
    policy-map POLICE-512K
     class class-default
        police 512000
    Here are the attributes on the radius server, for a group the PPPoE customer belonged to:
    Service-Type = Framed
    Framed-Protocol = PPP
    cisco-avpair="ip:sub-policy-In=POLICE-128K"
    cisco-avpair+="ip:sub-policy-Out=POLICE-512K"
    Here is the show policy-map on the virtual-access interface the client connected on:
    sho policy-map int virtual-a 3
     Virtual-Access3
      Service-policy input: POLICE-128K
        Class-map: class-default (match-any)
          1000 packets, 1402000 bytes
          5 minute offered rate 0 bps, drop rate 0 bps
          Match: any
          police:
              cir 128000 bps, bc 4000 bytes
            conformed 799 packets, 1120198 bytes; actions:
              transmit
            exceeded 201 packets, 281802 bytes; actions:
              drop
            conformed 0 bps, exceed 0 bps
      Service-policy output: POLICE-512K
        Class-map: class-default (match-any)
          911 packets, 1137746 bytes
          5 minute offered rate 0 bps, drop rate 0 bps
          Match: any
          police:
              cir 512000 bps, bc 16000 bytes
            conformed 799 packets, 1136178 bytes; actions:
              transmit
            exceeded 0 packets, 0 bytes; actions:
              drop
            conformed 0 bps, exceed 0 bps
    I was able to generate enough traffic with ping to meet the exceed action in and have it drop packets.

  • Vlan routing with cisco router and linksys switch

    I have a linksys switch width vlan configured, connected to a Cisco router (1841), but I cant route between vlan’s.
    Please help me!!
    It Works with a Cisco switch perfectly(with the same ip and vlan).

    Yes. the linksys switch (SRW2024 24-Port 10/100/1000 Gigabit Switch) supports trunking.
    If you want you can visit the link and see that the switch supports vlan, dot1q and trunking.
    http://www.linksys.com/servlet/Satellite?childpagename=US%2FLayout&packedargs=c%3DL_Product_C2%26cid%3D1123638180432&pagename=Linksys%2FCommon%2FVisitorWrapper

  • How to configure one dsl connection and one public ip in cisco router and map to one interface for using exchange server

    how to configure one dsl connection and one public ip in cisco router and map to one interface for using exchange server

    Hi ,
     Have you got any additional public IP Address from your service provider , If yes on router you can have static route for those additional IP Address pointing to your ASA  outside interface . 
    Accordingly you can configure NAT 
    HTH
    Sandy . 

  • Cisco-Linksys Router and no PPPOA Option for Conne...

    Hi all! 
    New here and just hoping to get some here!
    We are using a BT Business hub Router and it is having a few issues with wireless connectivity, so I would like to use another router to see if it is our equipment or if it is the router itself.
    I have a Cisco Linksys E1000 Router and after looking at the BT router I can see that the connection type is set to PPPOA with a username and password. I do know the username and password so that isnt an issue, however on the Cisco router there is no option for PPPOA, the only options are:
    Static IP, DHCP, PPPoE, PPTP, L2TP, and BigPond
    There is a connection in the back of the cisco router for the ADSL cable, I was just wondering if there is a way to work around this?
    Thanks very much!!

    I am sure you will get help there when someone has time.
    You can always find the latest postings on the Business Forum using this link.
    http://business.forums.bt.com/t5/forums/recentpostspage/post-type/message
    There are some useful help pages here, for BT Broadband customers only, on my personal website.
    BT Broadband customers - help with broadband, WiFi, networking, e-mail and phones.

  • Configuring Cisco Router for use with Syslog Server

    Configuring Cisco Router for use with Syslog Server:
    Does anyone know of a good doc for this?
    -Ashley

    Start with that one: http://security-planet.de/wp-content/uploads/2008/12/logging-ios.pdf
    And if you need more informations, just ask what you want to achieve.
    Don't stop after you've improved your network! Improve the world by lending money to the working poor:
    http://www.kiva.org/invitedby/karsteni

  • Setting PPPoE clients speed Via Cisco router

    Hi i have a 7200 cisco router working as NAS (network access server) for PPPoE sessions , the clients connected DSLAMS and the Cisco connected to an AAA external Raduis server.
    i want to set the user speed Via cisco router in a way which can be controlled in the Radius server , and not through the actual speed of the DSLAMS ports
    Thanks alot

    Hello Mohamed,
    there is a feature called controlled subscriber bandwidth that may fit your needs:
    see
    http://www.cisco.com/en/US/docs/ios/bbdsl/configuration/guide/bba_con_sub_bdwth_ps6441_TSD_Products_Configuration_Guide_Chapter.html
    it manipulates the ATM traffic parameters on a per user basis
    these settings can be done on radius AV:
    example:
    The following example shows how to configure RADIUS attributes for a user profile for DBS:
    [email protected] Password = "userpassword1", Service-Type = Outbound
         Service-Type = Outbound,
         Cisco-Avpair = "vpdn:tunnel-id=tunnel33",
         Cisco-Avpair = "vpdn:tunnel-type=l2tp",
         Cisco-Avpair = "vpdn:l2tp-tunnel-password=password2",
         Cisco-Avpair = "vpdn:ip-addresses=172.16.0.0",
         Cisco-Avpair = "atm:peak-cell-rate=155000",
         Cisco-Avpair = "atm:sustainable-cell-rate=155000"
    Hope to help
    Giuseppe

  • How to create custom GUI interface for Cisco router?

                       Hello,
    I am working on a Cisco solution and I have my router configured for the solution I need. However, if a non-cisco person needs to use my solution then I think he will need a GUI interface which will have few "buttons" which when clicked will run some Cisco commands on Cisco router to make it work. Is there a way to design such GUI interface which is compatible with Cisco routers? I know Cisco has SDM, but that is too involved and detailed, which is useful only for people who know atleast a little bit about Cisco. Here I am looking at crowd who will have 0 knowledge of Cisco.
    Please let me know if something like this can be done. If yes, how and how easily?
    Thank you.

    There are lots of ways to do this - you can use SNMP or even HTTP to push or pull commands from Cisco devices. How easy it is to create a GUI depends on your programming skills. I would guess a simple web page triggering backend scripts would be the easiest way to do this.

Maybe you are looking for

  • How to clone Boot Camp partition when Winclone does not work

    The hard drive in my MacBook Pro is failing. It has 2 partions, one for Apple and the other is a Bootcamp with Windows 7. I tried repairing it with Disk Utility, which did not work. I also ran DiskWarrior, which resulted in the error message: "Direct

  • Imp command and some warnings....

    C:\temp>imp userid=system file=FIERROSXY.DMP log=imp.log fromuser=UFIERROS touser=UFIERROS Connected to: Oracle Database 10g Express Edition Release 10.2.0.1.0 - Production Export file created by EXPORT:V10.01.00 via conventional path Warning: the ob

  • BDC for F4 needs to be done

    hi  ,          can u help me recording the BDC  with a F4 help.i am recording   OKZ3 trans. here if u want to change the default rule of a line item then  the procedure is   select the line item  ,  then  press f4  for the default rule  select  the 

  • Performance Management - Appraisal Catalog - Status Flow Tab

    Good afternoon experts, So I am configuring a performance template (object type VA) and I noticed on the tab, "status flow" that there is a section at the bottom called "Status Change: Description" Has anyone used this field before, so for example, i

  • YouTube embed in web content overlay crashes InDesign when previewing

    I created an HTML file with this code: <!DOCTYPE html> <html> <body> <iframe width="560" height="315" src="http://www.youtube.com/embed/xxxxxxx" frameborder="0" allowfullscreen></iframe> </body> </html> I then created a box in InDesign and used the W