Cisco networking guru needed :)

[Jonny1*2]

Anyone got a config I can load direct onto my 877w router to run it? Set up at the moment is virgin cable, plugged into the modem via cat5. I'm still learning with this stuff, but ccent doesn't cover wireless config. Any help would be appreciated

 

[Cliotoby]

Is there not a portable command guide for that piece of legacy s**t?

Surely its easy enough just to run a few lines through the CLI (I assume it is cli?)

 

[Jonny1*2]

CLI isn't functioning properly on my comp for some reason. Java issues

 

[Adam.]

Teratermpro + console cable?

 

[Jonny1*2]

Teratermpro + console cable?

Yeah that works via console and tcp, but it's the configuration I'm after

 

[Cliotoby]

I dont know what you want configuring?

Crack some lines of code out or find configs on google. If youre learning, it will be good for you.

PS. Do CCNA not ccent. I only worked on arionets and some shitty linksys adsl routers in ccna.

 

[182Pete]

I can build you a config and create a NAT overload to the external interface which receives your public IP address via DHCP from the cable modem.

If you have advanced IP services software then I can setup the stateful firewall aswell.

As I'm a consultant it does cost though

 

[182Pete]

Is there not a portable command guide for that piece of legacy s**t?

Surely its easy enough just to run a few lines through the CLI (I assume it is cli?)

The 877w isn't a legacy router, it's still fully support by Cisco and is part of the ISR range of products.

 

[SamP]

Give us a shout if you get stuck as I should be able to make one up when im back home.

 

[Jonny1*2]

basically guys, I bought this to setup my lab. Problem is cisco do wireless routing on a completely seperate course and i've searched google/cisco for setup configs with no luck. To be honest it's a bit over kill for my house, but it's a great bit of kit, so instead of selling it i'd like to try and use it really. Plus my netgear basic one is s**t! I'm just after a simple config which is passworded so I can get rid of the netgear router. I'm learning guys so go easy.

Thanks for the offer Pete, but if it came to paying i'd probably sell it

 

[Dafthead]

Here's one off an 877w from work, sensitive info omitted obviously!


Current configuration : 2401 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname XXXX
!
boot-start-marker
boot-end-marker
!
enable secret 5 XXXXXXXX
!
no aaa new-model
!
!
dot11 syslog
!
dot11 ssid ML
vlan 1
authentication open
guest-mode
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address XXXXXXXXXXX
!
ip dhcp pool USERS
import all
network XXXXXXXXXXX
default-router XXXXXXXXXXX
dns-server XXXXXXXXXXX
lease 2
!
!
!
!
!
!
!
archive
log config
hidekeys
!
!
bridge irb
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
dsl operating-mode auto
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
no ip address
!
encryption vlan 1 key 1 size 40bit 7 XXXXXXXXXXX transmit-key
encryption vlan 1 mode wep mandatory
!
ssid ML
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Vlan1
description USER
no ip address
bridge-group 1
bridge-group 1 spanning-disabled
!
interface Dialer1
ip address negotiated
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname XXXXXXXXXXX
ppp chap password 7 XXXXXXXXXXX
ppp pap sent-username XXXXXXXXXXX password 7 XXXXXXXXXXX
ppp ipcp dns request
ppp ipcp wins request
hold-queue 224 in
!
interface BVI1
description virtual bridge
ip address XXXXXXXXXXX secondary
ip address XXXXXXXXXXX
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
!
ip http server
no ip http secure-server
!
dialer-list 1 protocol ip permit
no cdp run
!
!
!
control-plane
!
bridge 1 route ip
!
line con 0
exec-timeout 0 0
password 7 XXXXXXXXXXX
login
no modem enable
line aux 0
line vty 0 4
password 7 XXXXXXXXXXX
login
!
scheduler max-task-time 5000
end

 

[Dafthead]

Yes I know it's WEP, will have a word with the engineer who set it up on Monday!

 

[Longy]

Just use the CCP? It has a wireless section.

 

[KDF]

Here is a config I wrote for my work.

it transmits two SSID's - "Company" and "Company-Guest"
It is configured for our Virgin ADSL backup line
It uses wpa2
It uses RADIUS to authenticate wireless connections on "Company" but WPA2 to authenticate connections to "Crummock-Guest" (you wont be able to do this unless you have a RADIUS server)
It uses multiple VLAN's
It has two DHCP pools depending on which SSID the user connects to
All sensitive data replaced with "xxxxxxxxxxxxxxxx"

!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Company
!
boot-start-marker
boot-end-marker
!
enable secret 5 xxxxxxxxxxxxx
!
aaa new-model
!
!
aaa group server radius rad_eap
 server xxx.xxx.xxx.xxx auth-port 1645 acct-port 1646
!
aaa authentication login default local
aaa authentication login eap_methods group rad_eap
!
!
aaa session-id common
!
!
dot11 syslog
!
dot11 ssid Company
   vlan 1
   authentication open eap eap_methods
   authentication network-eap eap_methods
   authentication key-management wpa
   mbssid guest-mode
!
dot11 ssid Company-Guest
   vlan 2
   authentication open
   authentication key-management wpa
   mbssid guest-mode
   wpa-psk ascii 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.3.254
ip dhcp excluded-address 192.168.4.254
!
ip dhcp pool employee
   import all
   network 192.168.3.0 255.255.255.0
   default-router 192.168.3.254
   domain-name xxxxxxxxxxx.com
!
ip dhcp pool guest
   import all
   network 192.168.4.0 255.255.255.0
   default-router 192.168.4.254
   domain-name xxxxxxxx.com
!
!
no ip domain lookup
ip domain name xxxxxxxxxx.com
!
!
!
username admin password 7 xxxxxxxxxxxxxxxxxxx
!
!
archive
 log config
  hidekeys
!
!
!
bridge irb
!
!
interface ATM0
 no ip address
 no ip mroute-cache
 atm vc-per-vp 64
 no atm ilmi-keepalive
 pvc 0/38
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
 dsl operating-mode auto
 hold-queue 224 in
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
 no ip address
 ip nat inside
 ip virtual-reassembly
 !
 encryption vlan 2 mode ciphers tkip
 !
 encryption vlan 1 mode ciphers tkip
 !
 ssid Company
 !
 ssid Company-Guest
 !
 mbssid
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
 station-role root
!
interface Dot11Radio0.1
 encapsulation dot1Q 1 native
 ip virtual-reassembly
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface Dot11Radio0.2
 encapsulation dot1Q 2
 ip address 192.168.4.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
interface Vlan1
 no ip address
 ip nat inside
 ip virtual-reassembly
 no ip route-cache cef
 no ip route-cache
 no ip mroute-cache
 bridge-group 1
!
interface Vlan2
 no ip address
 ip nat inside
 ip virtual-reassembly
 no ip mroute-cache
!
interface Dialer1
 ip address negotiated
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp authentication chap pap callin
 ppp chap hostname xxxxxxxxxxxxx@adsl.virgin.net
 ppp chap password 7 xxxxxxxxxxxxxxxxxxxxxxx
 ppp pap sent-username xxxxxxxxxxxxxx@adsl.virgin.net password 7 xxxxxxxxxxxxxxxxxxxxx
 ppp ipcp dns request
 ppp ipcp wins request
 hold-queue 224 in
!
interface BVI1
 ip address 192.168.3.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
!
no ip http server
no ip http secure-server
ip dns server
ip nat inside source list 7 interface Dialer1 overload
!
access-list 7 permit any
access-list 10 permit 192.168.3.0 0.0.0.255
dialer-list 1 protocol ip permit
!
!
radius-server host xxx.xxx.xxx.xxx auth-port 1645 acct-port 1646 key 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
line con 0
 password 7 xxxxxxxxxxxxxxxxxxxxxx
 no modem enable
line aux 0
 password 7 xxxxxxxxxxxxxxxxxxxxxx
line vty 0 4
 password 7 xxxxxxxxxxxxxxxxxxxxxx
 transport input telnet
!
scheduler max-task-time 5000
end

Have fun

 

[Jonny1*2]

Thanks guys, hopefully I can translate all that and work it out Presumably I can just take the DHCP setting direct from my current wireless? or would it be best to get the router to find them automatically?

 

[182Pete]

Use CCP (Cisco Configuation Professional) if you are not good with Cisco IOS

It's the replacement for Cisco SDM (Cisco Device Manager) and wil allow you to configure the router from a GUI.

 

[Jonny1*2]

I tried SDM, but constantly got java issues. Even when I restored java to an earlier version. Strange one. I tried putting it down to vista, but it does it on xp too.booo. I've also tried CCP, but could get it to work. It playing funny buggers at the moment. Just went in via SSH, it logs me in, but won't let me enable. Wierd. Somethings not right on it. I might do a full factory reset and start a fresh.

 

[Longy]

You normal have to install CCP onto the router, don't use SDM as it's a nightmare getting it to work with the right java version.

 

[182Pete]

Cisco have never been any good at developing a decent GUI manager. The Cisco ASDM manager for the FWSM and ASA Firewalls are no better...

You should also consider learning how to configure Juniper routers. They have pulled ahead of Cisco as JUNOS is much nicer to scale and configure. The hardware is more efficient than the monolithic design of Cisco IOS and NX-OS kit.

People with Juniper skills are becoming more and more sought after in the networking field and there is a shortage of skills out there.