Hi There,Thanks for your

raghavbhardwaj · ‎12-11-2014

Hi! I have to configure a new router with a static route. No routing protocol will be used. I just have to set default route on it and NAT. My senior Network Engineer has asked me to configure this router. There's an apartment where our Overseas employees stay, earlier this apartment had a broadband connection which was further divided through the APs(Cisco Wireless Access Points) and made usable to around 20 users. Now, they have bought in their own lease line and I have to configure this router. We just have to connect it with the ISP using Ethernet (not serial link). I would be so so grateful if you can just type in complete configuration for this. Thanks a ton in advance!

Zach Smith · ‎12-11-2014

This is going to take some more question/answer but this will get you started.

Your ISP for the new circuit should provide you with the IP information for the router. For example sake lets assume you are given 1.2.3.5 255.255.255.252 as your IP information. They also give you 1.2.3.6 as the gateway for your router. And assuming your LAN network is 10.10.10.0/24. And I think the 2800's are fast Ethernet and not gig..can't remember. So this part may be different.

config t

clock timezone EST -5 0

clock summer-time EDT recurring

service password-encryption

service timestamps debug datetime localtime show-timezone msec

service timestamps log datetime localtime show-timezone msec

username me priv 15 password 0 mypassword

enable secret 0 somepassword

interface fa0/0

ip address 1.2.3.5 255.255.255.252

no shut

no ip redirects

no ip unreachables

ip nat outside

!

interface fa0/1

ip address 10.10.10.1 255.255.255.0

no shut

no ip redirects

no ip unreachables

ip nat inside

!

access-list 100 remark **Internal NAT Pool**

access-list 100 permit ip 10.10.10.0 0.0.0.255 any

ip nat inside source list 100 interface fast 0/0 overload

ip route 0.0.0.0 0.0.0.0 1.2.3.6

banner login ^

##Authorized access only. Unauthorized access is prohibited. Contact 555-555-5555 for help.##^

line con0

logging synchronous

password 0 somepassword

!

ntp server yourdomaincontrollerIP

Zach Smith · ‎12-11-2014

Just a little caveat to the above. This is VERY basic config. I'd need to know more about your objectives to get something better. This will get your started though with basic connectivity.

is your router running DHCP? If so you may want to add this as well.

ip dhcp excluded-address 10.10.10.1 10.10.10.10
!
ip dhcp pool 10-LAN
network 10.10.10.0/24
default-router 10.10.10.1
domain-name yourdomain.local
dns-server yourdomaincontrollerIP
!

raghavbhardwaj · ‎12-15-2014

Hi There,

Thanks for your great help!

Below is the final template which my NE provided me:

Now I have to configure this router and then further need to connect various workstations with the same network. Please let me know what needs to be done further.

Thanks!

Configuration:::

service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
!
ip domain-name CVT.net
!
logging buffered 128000 informational
logging console errors
logging monitor notifications

!
no aaa new-model
clock timezone IST 5 30
!
!
ip cef
!
!
no ip domain lookup

!
!
!
username aptadmin secret
enable secret
!
!
crypto key generate rsa

ip ssh time-out 60
ip ssh authentication-retries 2
ip ssh version 2
!
!
!
!
service dhcp
!
ip dhcp pool LAN-POOL
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 8.8.8.8 4.2.2.2
domain-name CVT.net
lease 1
!
!
interface FastEthernet0/0
description *********Spectranet WAN*********
ip address x.x.x.x 255.255.255.252
load-interval 30
duplex full
speed 100
ntp disable
no cdp enable
!
interface FastEthernet0/1
description Connect to LAN
ip address 192.168.1.0 255.255.255.0
no ip redirects
duplex auto
speed auto
ntp disable
!
!
ip forward-protocol nd
!
no ip http server
no ip https server
!
!
!
control-plane
!
!
!
!
banner exec $
-------------------------------------------------------------------------------
Network Provided by CVT
-------------------------------------------------------------------------------

This system is restricted to authorized individuals. Unauthorized access is a
criminal violation of the law and is subject to prosecution. Please disconnect
if you are not an authorized individual. Otherwise, you will be prosecuted
to the full extent of State and Federal law.
All connections and changes are logged.

************** Warning - Warning - Warning **************
-------------------------------------------------------------------------------
$
banner login $
-----------------------------------------------------------------
Authorized Associates only! Please disconnect your connection if
you are not an authorized Associate. Otherwise, you will be
prosecuted to the full extent of State and Federal law.
-----------------------------------------------------------------
All connections and changes are logged.
-----------------------------------------------------------------
$
!
line con 0
exec-timeout 15 0
password 7
login local
line aux 0
exec-timeout 15 0
password 7 C@pt
login local
line vty 0 4
access-class 50 in
exec-timeout 5 0
login local
transport preferred ssh
transport input ssh
line vty 5 15
access-class 50 in
exec-timeout 5 0
login local
transport preferred ssh
transport input ssh
!
!
end

Please help me in configuring a Cisco 2800 series router!