Cisco routing configuration: Cisco routing configuration via fixed IP or dial-up internet

Source: Internet
Author: User
Tags get ip

The fixed IP Internet configuration is introduced first:


Existing customers need to use Cisco's 2811 router to surf the internet, the user for 10M fiber, the application of 16 fixed IP,

The IP is 58.240.160.2-58.240.160.14, and the default gateway is 58.240.160.1. Intranet IP Segment 192.168.1.0,

Customers to achieve 192.168.1.10-192.168.1.20 between the IP can be online, the rest of the cannot.

Router e1/0 interface for WAN Extranet interface, E1/1 for LAN intranet interface

The topology diagram is as follows:

650) this.width=650; "src=" https://s4.51cto.com/oss/201711/03/6a4ce3d785eb80b17ae9cfb41210e3b9.jpg "title=" 1.jpg " alt= "6a4ce3d785eb80b17ae9cfb41210e3b9.jpg"/>

Cisco2811#configure Terminal

Cisco2811 (config) #interface Ethernet 1/0 into the Ethernet 1/0 interface (the port is connected directly to the Internet)

Cisco2811 (config-if) #ip address 58.240.160.2 255.255.255.240 set Port IP

Here you can use any one of the 58.240.160.2-14 addresses, where you use 2

Cisco2811 (config-if) #ip Nat outside sets the external interface for which the port is a NAT address map

Cisco2811 (config-if) #full-duplex Set port duplex mode to full duplex

Cisco2811 (config-if) #no shutdown enable port

Cisco2811 (config-if) #interface Ethernet 1/1 into the Ethernet 1/1 interface (the port is internal network)

Cisco2811 (config-if) #ip address 192.168.1.1 255.255.255.0 set Port IP

Cisco2811 (config-if) #ip nat inside sets the internal interface for which the port is a NAT address map

Cisco2811 (config-if) #full-duplex Set port duplex mode to full duplex

Cisco2811 (config-if) #no shutdown enable port

Cisco2811 (config-if) #exit

//Set the release IP address below to access the extranet list

Cisco2811 (config) #no access-list 1 First remove the access control list from the factory State 1

Cisco2811 (config) #access-list 1 Permit host 192.168.1.10 allow a single host to access

Cisco2811 (config) #access-list 1 Permit host 192.168.1.11

Cisco2811 (config) #access-list 1 Permit host 192.168.1.12

Cisco2811 (config) #access-list 1 Permit host 192.168.1.13

Cisco2811 (config) #access-list 1 Permit host 192.168.1.14

Cisco2811 (config) #access-list 1 Permit host 192.168.1.15

Cisco2811 (config) #access-list 1 Permit host 192.168.1.16

Cisco2811 (config) #access-list 1 Permit host 192.168.1.17

Cisco2811 (config) #access-list 1 Permit host 192.168.1.18

Cisco2811 (config) #access-list 1 Permit host 192.168.1.18

Cisco2811 (config) #access-list 1 Permit host 192.168.1.19

Cisco2811 (config) #access-list 1 Permit host 192.168.1.20

If you need to allow a network segment Access command: Access-list 1 permit 192.168.1.0 0.0.0.255

Allow 192.168.1.0/24 Network segment access

Cisco2811 (config) # ip nat Pool intoout 58.240.160.2 58.240.160.14 netmask 255.255.255.240

Defines the IP address of the public network from the ISP provider, where a NAT address pool is defined, named "Natout", and the IP address (58.240.160.2 to 58.240.160.14) defined in the address pool will be selected by the user of the intranet. available extranet IP for Internet access. If the ISP has given only one IP address (such as 58.240.160.2), then this can be written as "IP nat pool natout 58.240.160.2 58.240.160.2 netmask 255.255.255.240"

Cisco2811 (config) #ip nat inside source list 1 pool intoout overload

Bind the Access Control List 1 to the address pool ' intoout '. This means that all the hosts in the "192.168.1.10-192.168.20" will be converted to "58.240.160.2-58.240.160.14" when they surf the internet.

Any one of the external network addresses. The following "overload" means that if there are more addresses defined in the address pool (such as the original 10 users of the Internet, their respective network address is 58.240.160.2, 58.240.160.3, 58.240.160.4, 58.240.160.5, 58.240.160.6, 58.240.160.7, 58.240.160.8, 58.240.160.9, 58.240.160.10, 58.240.160.11). If now suddenly there are more than 30 users online, which is to follow the above command to perform a task, that is, to allow multiple intranet users to use the same extranet address, if there are many users need Sisu network must add overload command, otherwise it will only allow the number of public IP address users to surf the Internet.

Cisco2811 (config) #ip Route 0.0.0.0 0.0.0.0 58.240.160.1

Set the default gateway, that is, the gateway address for the extranet IP address is the next-hop address. This configuration will allow the Internet, but the client must set a fixed IP, configure DNS, if not configured, because the DHCP service is not turned on, so you must set a fixed IP.

This configuration is required when DHCP is turned on:

Cisco2811 (config) #ip DHCP pool dhcp-test define a DHCP address pool name

Cisco2811 (dhcp-config) #network 192.168.1.0 defines the network address range for the DHCP address pool

Cisco2811 (dhcp-config) #default-router 192.168.1.1 Set default route (i.e. Gateway)

Cisco2811 (dhcp-config) #dns-server 221.6.4.66 Set the DNS address (here is the mobile DNS address)

Cisco2811 (dhcp-config) #ip DHCP excluded-address 192.168.1.1 DHCP dynamic address pool needs to remove the address of the gateway, otherwise the gateway address will also be dynamically allocated, resulting in a conflict.

* If there is no IP limit, that is, the entire subnet is simple to surf the internet, delete the Access-list 1 permit host 192.168.1.10 to Access-list 1 permit host 192.168.1.20

Add access-list 1 Permit 192.168.1.0 0.0.0.255 on the go.


PPPoE dial-up Internet configuration:

To set up PPPoE Internet, the configuration of the Ethernet interface LAN is not changed, and the configuration and access control list of the external network Port WAN needs to be changed .

Increase the configuration of the VPDN. Assuming the username is admin, password 123456, the configuration process is as follows:

This case is XX Telecom ADSL PPPoE access, need to use a common ADSL modem and a Cisco 2600 router (dual Ethernet port), IOS 12.2 (), can realize LAN sharing Internet.


  This case configuration is divided into 7 steps:


 First Step: Configure VPDN

VPDN enable (Virtual private dial-up network with router enabled--VPND)

Vpdn-group Office (establish a VPDN group, named Office)

Request-dialin (Initializes a VPND tunnel, establishes a VPDN subgroup that requests dial-in,)

Protocol PPPoE (VPDN sub-group uses PPPoE to establish a session tunnel)


Step Two: Configure the interface of the router to connect to the ADSL modem (that is, the port connecting the ISP vendor device)

Interface ethernet1/0 (External network interface)

No IP address

PPPoE enable allows Ethernet interface to run PPPoE

Pppoe-client Dial-pool-number 1 joins a PPPoE dial-up client for an Ethernet interface to a dial-up pool 1


  Step Three: Configure the logical dial-up interface:

Interface Dialer1

IP address negotiated previous auto-negotiate to get IP addresses (or IP addresses dynamically negotiated from the ADSL service provider )

IP NAT outside enable NAT for this interface

Encapsulation PPP encapsulates PPP protocol for this interface

Dialer Pool 1 This interface dials with dialing pool number 1th

Dialer-group 1 This interface dials with the number 1th dial-up pool group, corresponding to the number of the dial pool

PPP authentication PAP callin enable PPP pap authentication name is Callin

PPP pap sent-username admin password 0 123456 use the username and password that you have requested (0 for the secret

Encryption level of code is 0, that is, no password encryption, a total of 0-7 levels)


 Fourth Step: Configure the Internal network interface

Interface Ethernet 1/1 (Internal network interface)

IP address 192.168.1.1 255.255.255.0

IP nat inside enable NAT for this interface


  Fifth Step: Configure the router to provide DHCP services for internal network hosts

IP dhcp excluded-address 192.168.1.1 The IP is not assigned by DHCP

IP DHCP pool dhcp-test Configure DHCP address pool

Import all (importing DNS and WINS server)

Network 192.168.1.0 255.255.255.0 IP address range for the DHCP address pool

Default-router 192.168.1.1 Set default route (that is, Gateway)


  Sixth step: Configure NAT:

Access-list 1 Permit 10.1.1.0 0.0.0.255 Setting the range of IP addresses allowed to access the extranet

IP nat inside source List 1 interface Dialer 1 overload set NAT address translation from IP

and egress port, List 1 is defined by ACL list for source allowed IP Access, Interface dialer 1 for intranet access

The egress port of the external network. Overload that the public network IP can be reused to ensure that all intranet IP can access the public network.


Seventh Step: Configure the default route

IP Route 0.0.0.0 0.0.0.0 Dialer1



This article is from the "Learn Linux history" blog, please be sure to keep this source http://woyaoxuelinux.blog.51cto.com/5663865/1978944

Cisco routing configuration: Cisco routing configuration via fixed IP or dial-up internet

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.