Monday, April 21, 2008

SOHO router configuration - Ciscopedia

SOHO router configuration - Ciscopedia (wiki.ioshints.info)
... sample SOHO router configuration

Logging and timezones
Global IP routing, DHCP and other services
Content-based Access Control
Global PPPoE commands
Interfaces (eth, vlan, dialer)
DNS server
Network Address Translation
Access lists and route maps
NTP configuration
Line configuration


version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname SOHO-firewall
!
logging buffered 128000
logging persistent url flash:/
no logging console
enable secret *****
!
clock timezone CET 1
clock summer-time CDT recurring last Sun Mar 2:00 last Sun Oct 3:00
!
no ip source-route
!
ip cef
!
ip dhcp pool DHCP
   network 192.168.200.192 255.255.255.240
   default-router 192.168.200.193
   dns-server 192.168.200.193
!
ip domain timeout 2
ip domain name mydomain.com
!
ip inspect name FW ftp
ip inspect name FW fragment maximum 256 timeout 1
ip inspect name FW icmp router-traffic
ip inspect name FW udp router-traffic
ip inspect name FW tcp router-traffic
!
multilink bundle-name authenticated
vpdn enable
!
vpdn-group 1
 request-dialin
  protocol pppoe
 l2tp tunnel receive-window 256
!
ip ftp source-interface Vlan1
!
bba-group pppoe global
!
interface FastEthernet0
 description outside LAN
 no ip address
 ip virtual-reassembly
 duplex auto
 speed auto
 pppoe enable group global
 pppoe-client dial-pool-number 3
!
interface Vlan1
 ip address 192.168.200.193 255.255.255.240
 ip nat inside
 ip virtual-reassembly
 load-interval 30
!
interface Dialer3
 description ADSL Uplink
 ip address negotiated
 ip access-group FW in
 ip mtu 1492
 ip nat outside
 ip inspect FW out
 ip virtual-reassembly
 encapsulation ppp
 ip tcp adjust-mss 1400
 dialer pool 3
 dialer-group 1
 no cdp enable
 ppp authentication chap callin
 ppp chap hostname *****
 ppp chap password *****
 ppp ipcp dns request accept
!
ip route 0.0.0.0 0.0.0.0 Dialer3
!
ip dns view default
 domain timeout 2
 domain resolver source-interface Vlan1
 dns forwarder 208.67.220.220
 dns forwarder 208.67.222.222
 dns forwarding source-interface Vlan1
ip dns server
!
ip nat inside source route-map Dialer3 interface Dialer3 overload
!
ip access-list extended FW
 permit icmp any any
 permit udp host 129.132.97.15 eq ntp any
 deny   ip any any log
!
access-list 199 permit ip any any
dialer-list 1 protocol ip list 199
!
route-map Dialer3 permit 10
 match interface Dialer3
!
ntp logging
ntp server 129.132.97.15 prefer
!
line con 0
 login
 password *****
line vty 0 4
 password ****
 login
 access-class 90 in
 transport input telnet ssh
!
end
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)