05-24-2024 10:10 PM
Hello Team,
I currently have the following setup:
An ISP router configured in bridge mode that provides internet to my Cisco router via LAN 4. Cisco router is configured with a DHCP server for IP addressing.
I'd like to modify this configuration in order to:
To achieve this, I guess I need to remove the configured username and password from my Cisco router, right? How can I proceed with these changes to allow the Cisco router to accept the internet connection directly from the ISP router? Or any other source of internet? And what effects does this change have? Will it affect speeds and from a security standpoint?
Thank you for your assistance.
05-24-2024 10:36 PM
Hello @Antonnifo ,
can you provide the configuration of your Cisco router in order to understand how we can help.
05-25-2024 04:11 AM
Hello, what do you mean, or what commands do I need to run and share output?
05-25-2024 04:16 AM
show running-config
05-27-2024 06:04 AM
Building configuration...
Current configuration : 3449 bytes
!
! No configuration change since last restart
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname {placeholder for name}
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$4izI$GSWITAjOWlYc4SBGhPemz.
!
no aaa new-model
memory-size iomem 10
clock timezone EAT 3 0
crypto pki token default removal timeout 0
!
!
no ip source-route
!
!
!
!
!
ip domain name name.local
ip name-server 8.8.8.8
ip name-server 1.1.1.1
ip cef
login block-for 120 attempts 5 within 60
login quiet-mode access-class 101
login on-failure log
login on-success log
ipv6 unicast-routing
ipv6 cef
!
!
license udi pid CISCO881-K9 sn FCZ1549C1XQ
license accept end user agreement
license boot module c880-data level advsecurity
!
!
username router privilege 15 password 7 15200419102325236813
!
!
!
!
!
ip ssh version 2
!
!
!
!
!
!
!
!
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
no ip address
!
interface FastEthernet4
description DSL interface
no ip address
load-interval 30
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface Vlan1
description CORPORATE LAN
ip address 192.168.123.254 255.255.255.0
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1452
ipv6 enable
!
interface Dialer1
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1492
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
ppp authentication chap pap callin
ppp chap hostname 1179302@gpon
ppp chap password 7 123E15471C341B0C2128222D616470382326262C7D
ppp pap sent-username 1179302@gpon password 7 052C165F2F73590112061117595D5601 0F140D1E1E
no cdp enable
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip nat inside source list 102 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer1
!
!
access-list 101 permit ip 192.168.123.0 0.0.0.255 any
access-list 102 permit ip 192.168.123.0 0.0.0.255 any
05-27-2024 07:30 AM
What you meaning bridge ?
Can you more elaborate
MHM
05-27-2024 08:00 AM
If meaning pppoe is bridge not it not bridge.
Anyway if you want to disable pppoe then do
interface FastEthernet4
description DSL interface
no ip address<- this need to be ip add dhcp
Ip nat outside
load-interval 30
duplex auto
speed auto
pppoe enable group global <- this must remove
pppoe-client dial-pool-number 1 <- this must remove
!
ip nat inside source list 102 interface fa4 overload
ip route 0.0.0.0 0.0.0.0 fa4 <- this not need if ISP send defualt gw route' check show ip route to confirm that
That all waht you need
Note:- if your router not get IP from ISP contact them ask the client-id format they need
MHM
05-27-2024 07:50 AM
Hello,
if the ISP router is in routed mode, you will need to remove all the authentication stuff as well as the dialer interface. The config would be like this:
Building configuration...
Current configuration : 3449 bytes
!
! No configuration change since last restart
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname {placeholder for name}
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$4izI$GSWITAjOWlYc4SBGhPemz.
!
no aaa new-model
memory-size iomem 10
clock timezone EAT 3 0
crypto pki token default removal timeout 0
!
!
no ip source-route
!
!
!
!
!
ip domain name name.local
ip cef
login block-for 120 attempts 5 within 60
login quiet-mode access-class 101
login on-failure log
login on-success log
ipv6 unicast-routing
ipv6 cef
!
license udi pid CISCO881-K9 sn FCZ1549C1XQ
license accept end user agreement
license boot module c880-data level advsecurity
!
username router privilege 15 password 7 15200419102325236813
!
ip ssh version 2
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
no ip address
!
interface FastEthernet4
description DSL interface
ip address dhcp
ip nat outside
load-interval 30
duplex auto
speed auto
!
interface Vlan1
description CORPORATE LAN
ip address 192.168.123.254 255.255.255.0
ip nat inside
no ip unreachables
no ip proxy-arp
ip virtual-reassembly in
ip tcp adjust-mss 1452
ipv6 enable
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 FastEthernet4
!
ip nat inside source list 101 interface FastEthernet4 overload
!
access-list 101 permit ip 192.168.123.0 0.0.0.255 any
05-27-2024 08:18 AM
Converting the ISP router back to routed mode means that it will terminate the PPPoE connection - you will have to configure the username/password combination used on your Cisco 881 router.
The ISP router will most probably do NAT for the LAN subnet - the one you will use to connect to the Cisco 881 router in interface FastEthernet4. This is important because you can remove the NAT configuration from your Cisco 881 router.
Hope this helps.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide