On Tue, Sep 21, 2010 at 12:57, Kurt Buff <[email protected]> wrote: > All, > > Our UK office has acquired a new Cisco 857 to replace a Netgear router > for their DSL line.
All, Closing this one out. Thanks to all of you who had suggestions. Unfortunately, the UK office didn't buy SmartNet for this device, so I had to wait on that to be purchased. Ultimately, however, the support rep with the very noticeable South Asian accent proved useless, so while I was waiting for him to call me back several times, I was able to solve each problem on my own. There were several issues, and the project got sidelined by other things for a while, but I finally got this up and running. Something to note: This 857 will *not* accept an IP address on an Ethernet port. All Ethernet ports must be members of a VLAN, and the address must be assigned to the BVI. I have used the default VLAN 1, as it's a standalone and nothing other than the firewall should be plugged into it, otherwise I'd have fixed up a new VLAN and made that primary. The configuration below works. version 12.4 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname UKOffice ! boot-start-marker boot-end-marker ! logging buffered 51200 warnings ! no aaa new-model memory-size iomem 25 ! crypto pki trustpoint TP-self-signed-3636069260 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-3636069260 revocation-check none rsakeypair TP-self-signed-3636069260 ! crypto pki certificate chain TP-self-signed-3636069260 certificate self-signed 01 nvram:IOS-Self-Sig#3.cer dot11 syslog ! ip cef ip name-server 8.8.8.8 ! username Admin privilege 15 secret 5 <removed> ! archive log config hidekeys ! bridge irb ! interface ATM0 no ip address no ip mroute-cache no atm ilmi-keepalive pvc 0/38 encapsulation aal5mux ppp dialer dialer pool-member 1 ! dsl operating-mode auto hold-queue 224 in ! interface FastEthernet0 ! interface FastEthernet1 ! interface FastEthernet2 ! interface FastEthernet3 ! interface Vlan1 no ip address bridge-group 1 ! interface Dialer0 ip address negotiated ip mtu 1470 encapsulation ppp dialer pool 1 dialer-group 1 no cdp enable ppp authentication chap callin ppp chap hostname <removed> ppp chap password 0 <removed> ! interface BVI1 ip address 81.xxx.xxx.xxx 255.255.255.248 no ip mroute-cache hold-queue 224 in ! no ip forward-protocol nd ip forward-protocol spanning-tree ip route 0.0.0.0 0.0.0.0 Dialer0 ! no ip http server no ip http secure-server ip http timeout-policy idle 60 life 86400 requests 10000 ! access-list 23 permit 81.xxx.xxx.xxx 0.0.0.7 dialer-list 1 protocol ip permit no cdp run ! control-plane ! bridge 1 protocol vlan-bridge bridge 1 route ip ! line con 0 exec-timeout 60 0 login local no modem enable line aux 0 line vty 0 4 access-class 23 in privilege level 15 login local transport input telnet ssh ! scheduler max-task-time 5000 end ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
