Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

"HELP!!!! PROGRAMMING CISCO 2600 FOR INTERNET ACCESS 1

Status
Not open for further replies.

loveroots

Technical User
Joined
Jul 16, 2002
Messages
115
Location
US
I need help with programming a cisco 2600 for internet access
version 12.3
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime
service password-encryption
!
hostname
!
boot-start-marker
boot system flash c2600-ik9o3s3-mz.123-17a.bin
boot-end-marker
!
logging buffered 16384 informational
no logging console
enable secret 5 $1$9qjF$mg1UEt3gqV0n6IFrKj3nN1
!
clock timezone AR -3
no aaa new-model
ip subnet-zero
no ip gratuitous-arps
ip cef
!
!

!
no ip bootp server
ip inspect audit-trail
ip inspect udp idle-time 120
ip inspect dns-timeout 10
ip inspect name USER-CBAC http java-list 99 timeout 600
ip inspect name USER-CBAC smtp timeout 600
ip inspect name USER-CBAC udp timeout 600
ip inspect name USER-CBAC tcp timeout 900
ip inspect name USER-CBAC sqlnet timeout 3600
ip inspect name USER-CBAC ftp timeout 900
ip audit attack action alarm drop reset
ip audit po max-events 25
ip audit name ATAK info action alarm
!
!
!
!
!
!
!
!
!
!
!
!
username admin privilege 15 password 7 110A1016141D
!
!
controller E1 0/0
framing NO-CRC4
channel-group 0 timeslots 1-4
!
!
!
!
!
interface Loopback0
no ip address
no ip redirects
no ip proxy-arp
!
interface Null0
no ip unreachables
!
interface FastEthernet0/0
description == LAN DEL CLIENTE/2226960 ==
ip address 200.x.x.x 255.255.255.240
no ip proxy-arp
ip nat outside
ip route-cache same-interface
duplex auto
speed auto
no cdp enable
!
interface Serial0/0:0
description ==
bandwidth 256
no ip address
encapsulation frame-relay IETF
frame-relay lmi-type q933a
!
interface Serial0/0:0.1 point-to-point
description ==
ip address 10.x.x.x 255.255.255.252
frame-relay interface-dlci 32 IETF
!
no ip http server


no ip http server
no ip http secure-server
ip classless
ip route 0.0.0.0 0.0.0.0 10.x.x.x
!
!
!raming router for internet access
 
Need to see rest of config...also with the default route i see so far you are trying to send all outbound traffic over the point to ponit.....is this correct?
 
The programming that I paste is whats in the router now I jus wanted to change programming so that I can get to the Internet then I will reprogram tthis is the last part of the programming on that router

snmp-server community
snmp-server community T34M505X RO 98
snmp-server location
snmp-server contact
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps xgcp
snmp-server enable traps isdn call-information
snmp-server enable traps isdn layer2
snmp-server enable traps isdn chan-not-avail
snmp-server enable traps isdn ietf
snmp-server enable traps hsrp
snmp-server enable traps config
snmp-server enable traps entity
snmp-server enable traps config-copy
snmp-server enable traps envmon
snmp-server enable traps bgp
snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-messa
ge
snmp-server enable traps ipmulticast
snmp-server enable traps msdp
snmp-server enable traps rsvp
snmp-server enable traps frame-relay
snmp-server enable traps frame-relay subif
snmp-server enable traps rtr
snmp-server enable traps syslog
snmp-server enable traps stun
snmp-server enable traps dlsw
snmp-server enable traps bstun
snmp-server enable traps dial
snmp-server enable traps dsp card-status
snmp-server enable traps atm subif
snmp-server enable traps pppoe
snmp-server enable traps ipmobile
snmp-server enable traps isakmp policy add
snmp-server enable traps isakmp policy delete
snmp-server enable traps isakmp tunnel start
snmp-server enable traps isakmp tunnel stop
snmp-server enable traps ipsec cryptomap add
snmp-server enable traps ipsec cryptomap delete
snmp-server enable traps ipsec cryptomap attach
snmp-server enable traps ipsec cryptomap detach
snmp-server enable traps ipsec tunnel start
snmp-server enable traps ipsec tunnel stop
snmp-server enable traps ipsec too-many-sas
snmp-server enable traps voice poor-qov
snmp-server enable traps dnis
!
!
!
!
banner login ^C


^C
!
line con 0
exec-timeout 15 0
login local
line aux 0
line vty 0 4
access-class 99 in
exec-timeout 15 0
login local
transport input telnet
!
ntp clock-period 17180031
ntp server 200.x.x.x
ntp server 200.x.x.x
!
end


 
Taking a rather simplistic point of view, there are 2 things you need to get right to get an Internet gateway up and running:

1. You need to setup the routing appropriately. It is usually sufficient to include a a default static route (0.0.0.0 0.0.0.0) via your ISP's next hop address. You seem to have this in place already.

2. You also need to decide if NAT'ing will be required. I see you have deployed 200.x.x.x/28 as an internal (LAN) address space. If you actually own that address space and you don't have more than 14 hosts on that LAN, you don't need to NAT.

If you don't own that address space or you have more than 14 hosts that require Internet access, then you will need to NAT to provide the scalability you are looking for.

One of the most basic NAT configurations that is suitable for most small/medium deployments is to NAT overload on the outgoing interface as follows:

interface FastEthernet0/0
ip nat inside
interface Serial0/0:0.1
ip nat outside

ip nat inside source list 1 interface Serial0/0:0.1 overload

access-list 1 permit ip 200.x.x.x 0.0.0.15 any

 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top