cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
624
Views
25
Helpful
7
Replies

Editing Cisco Config to match new ISP?

SynthesisIT
Beginner
Beginner

We currently have two Cisco 1841 routers in two different locations, connected via site-to-site vpn. In one of our locations we just changed ISP, however how do I go about updating the running configs? My thoughts are to edit the config of the location we switched ISP via notepad, updating the wan interface to match the new static IP and then change the vpn configuration tunnel's "source" info to match with the new ISP static IP. Update any IP line associated with the old ISP to match the new ISP. Once I make the necessary changes in the notepad, just copy it over to the Cisco router and then copy/write it into the flash. And of course update the vpn destination config in the other location. Make any DNS changes. That should get everything up and running? Sorry, I am new to Cisco equipment. Any help will be appreciated! 

7 Replies 7

balaji.bandi
VIP Community Legend VIP Community Legend
VIP Community Legend

If you are changing the ISP, you need to change the respective interface config to reflect with NEW ISP addres, suggest to change access the device with local access. also change VPN Peer address other side to connect to new IP, change any NAT involved with OLD IP to new IP address and routing.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Okay thank you. And just to make sure, once I have done the necessary changes to the config file in the site that we changed the ISP, just copy the new config to the Cisco router via the terminal window (ssh). Is there any specific command I need to type to initiate this?

you can to SSH using Lan side not from VPN Interface, since you changing that IP address.

 

you only chaning the ISP new IP address - make sure yu take the configuration out of the box for reference .

 

its IP change based on the what configured, so its standard config change.

 

if you like us to asists that, please provide full config and new IP addresds we can able to help.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

I attached the current config file 

Thanks for sharing the config. If you are changing the configuration located from Lan side you will be fine and change the configuration.

if you are changing the config WAN side bit tricky. please confirm how your intention to change.

 

i believe you looking to change :

 

interface FastEthernet0/0
description WAN
bandwidth 2500
ip address 207.239.50.23 255.255.255.252

 

Also observed you have NAT and static routes here, require clarification which one your 

 

ip route 0.0.0.0 0.0.0.0 207.239.116.129
ip route 0.0.0.0 0.0.0.0 207.239.49.22

 

you also required some bit groundwork on some IP address was natted static? is this from ISP IP address?

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Thanks, those are old static routes. I don't think we need those anymore. I was able to change the wan interface and the tunnel0, which is the vpn. I changed the source ip and the destination IP. I made the change to the other router as well. But the vpn tunnel is down. It says tunnel is up, but line protocol is down.  Do I have to add static ip routes to reflect the new WAN address, on both ends? 

MrJake
Beginner
Beginner

The problem is you can not change the ip and default route at the same time in one shot. The way I go around changing ip of a wan interface without getting locked out is having 2 sources to come from. You can add a static route to destination B which is your second ip you can come from and then once that route points to the new gateway you change the ip of your wan interface and you will lose ssh connection. then you reconnect from source B and change the default route for new gateway and you should be able to reconnect from source A. then you make all the changes you need to do and you should be fine. Just a note on that, be sure that both source A and B ip address are in your access-list protecting the router for ssh connections.

 

Hope this helps

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: