The Secure Router is directly connected to the ADSL interface

The Secure Router is directly connected to the ADSL interface without any ADSL modem.
Note that multiple layers are implied:
- Layer 1 (Physical) is ADSL (int ADSL 1/1)
- Layer 2 (Link Layer) is ATM (int ATM 1). We bind it to ADSL 1
- Layer 2-1 On top of ATM, the adaptation layer (AAL5MUX or AAL5SNAP)
defines how frames are converted into ATM cells.
In ATM, data is sent on a Permanent Virtual Circuit (PVC) defined with
its VPI / VCI. The PVC is bound to the Point to point ATM sub-interface named ATM 1.1.
- Layer 2-2 is the PPP Layer defined in the logical interface PPP 1 that uses PPPoA
- Layer 3 is IP
Note: once an IP address and a password have been set up, most of this configuration can easily
be created using the Web interface and its Firewall wizard. For beginners it eases configuration;
for experts it speeds up the configuration process.
A) ADSL – PPPoA configuration
hostname "ADSL-Router"
ip routing
Enable Firewall
! Enable Firewall – Requires defining Access Policy
! Access Policy defines NAT and Filters
ip firewall
DHCP Server for LAN
! Define DHCP service for the LAN in the 192.168.1.0 range
ip dhcp-server pool "pool-for-lan"
network 192.168.1.0 255.255.255.0
! Following given by the provider
domain-name "wanadoo.fr"
dns-server 193.252.19.4 193.252.19.3
netbios-node-type h-node
default-router 192.168.1.1
lease 1
The LAN Interface.
interface eth 0/1
ip address 192.168.1.1 255.255.255.0
! Inbound traffic is NATed as defined in the Access-policy FROM-LAN
access-policy FROM-LAN
no shutdown
interface eth 0/2
no ip address
shutdown
The WAN physical interface = ADSL
interface adsl 1/1
! ADSL interface auto detects ADSL mode: G.dmt, G-LITE, T1.413…
training-mode multi-mode
no shutdown
ATM is the encapsulation of the ADSL interface
! Traffic is sent in cells
interface atm 1 point-to-point
no shutdown
! We bind ATM interface (logical) to ADSL interface (physical)
! Note that encapsulation is aal5mux by default. The other choice is aal5snap
! Provider provides the info
bind 1 adsl 1/1 atm 1
ATM PVC (Permanent Virtual Circuit)
! This PVC is bound to a point to point ATM interface
interface atm 1.1 point-to-point
no shutdown
! Provider tells you what VPI/VCI (id of the PVC) to use.
! You can’t guess but you can find on Internet other examples of config
pvc 8/35
no ip address
PPP interface
interface ppp 1
! ip address is negotiated via PPP with provider’s router
ip address negotiated
no fair-queue
! Authentication: credentials are sent using PAP or CHAP
! For PAP, use ppp pap sent-username… command
! If you don’t know what protocol to use, choose either PAP or CHAP and start
! “debug ppp authentication” to check what is required by ISP
ppp chap hostname id-given-by-isp
ppp chap password pw-given-by-isp
no shutdown
! We bind the ppp interface to the ATM 1.1
bind 2 atm 1.1 ppp 1
ACL selects the traffic to be NATed
ip access-list extended lan-acl
remark used for Nat
permit ip any any
Policy-class
! It translates the Private IP source addresses (NAT) of the traffic
! of the LAN into the Public IP address of the PPP interface
ip policy-class FROM-LAN
nat source list lan-acl interface ppp 1 overload
(skip)
end
The Secure Router is directly connected to the ADSL interface without any ADSL modem.
Note that multiple layers are implied:
- Layer 1 (Physical) is ADSL (int ADSL 1/1)
- Layer 2 (Link Layer) is ATM (int ATM 1). We bind it to ADSL 1
- Layer 2-1 On top of ATM, the adaptation layer (AAL5MUX or AAL5SNAP)
defines how frames are converted into ATM cells.
In ATM, data is sent on a Permanent Virtual Circuit (PVC) defined with
its VPI / VCI. The PVC is bound to the Point to point ATM sub-interface named ATM 1.1.
RFC 1483 or Routed IP over ATM mode is used
- Layer 3 is IP and is defined in the ATM 1.1 subinterface
Note: once an IP address and a password have been set up, most of this configuration can easily
be created using the Web interface and its Firewall wizard. For beginners it eases configuration;
for experts it speeds up the configuration process.
A) ADSL – IPoA configuration
hostname "Secure-Router"
ip routing
Enable Firewall
! Enable Firewall – Requires defining Access Policy
! Access Policy defines NAT and Filters
ip firewall
DNS, DHCP service and pool
! Define DHCP service for the LAN in the 192.168.1.0 range
! Router is defined as the Default-gateway and DNS-server
ip dhcp-server pool "pool-for-lan"
network 192.168.1.0 255.255.255.0
dns-server 193.252.19.4 193.252.19.3
netbios-node-type h-node
default-router 192.168.1.1
lease 1
The LAN Interface
interface eth 0/1
ip address 192.168.1.1 255.255.255.0
! Inbound traffic is NATed as defined in the Access-policy FROM-LAN
access-policy FROM-LAN
no shutdown
interface eth 0/2
no ip address
shutdown
The WAN physical interface = ADSL
interface adsl 1/1
! Auto detects ADSL mode: G.dmt, G-LITE, T1.413…
training-mode multi-mode
no shutdown
ATM is the encapsulation of the ADSL interface
! Traffic is sent in cells
interface atm 1 point-to-point
no shutdown
! We bind ATM interface (logical) to ADSL interface (physical)
! Provider provides the info
bind 1 adsl 1/1 atm 1
ATM PVC (Permanent Virtual Circuit)
! This PVC is bound to a point to point ATM interface
interface atm 1.1 point-to-point
no shutdown
! Provider defines what VPI/VCI (id of the PVC) to use.
pvc 8/36
! Following command defines Adaptation Layer and Routed IP over ATM option
encapsulation aal5mux ip
! IP address is typically obtained via DHCP.
! Note that your ISP may provide a permanent address via DHCP
ip address dhcp
ACL to define IP range from which the Secure Router can be managed
ip access-list standard manage-rtr
permit 192.168.1.0 0.0.0.255
ACL to define the traffic to be NATed
ip access-list extended lan-acl
remark used for Nat
permit ip any any
The Access Policy applied to the LAN Interface:
- first lets ip packets destined to internal IP stack to manage the router
- second “NATs” packets destined to the Internet using the IP of the WAN interface
ip policy-class FROM-LAN
allow list manage-rtr self
nat source list lan-acl interface atm 1.1 overload
(skip)
End
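An added example, not part of the original guide or of the vendor's tooling: a small Python check that reads a configuration in the syntax shown on this page and reports a policy class that NATs on `permit ip any any` instead of the LAN range (the narrower `permit ip 192.168.1.0 0.0.0.255 any` appears in the ADSL-PPPoE example) or that has no `allow list ... self` management rule such as `manage-rtr` above. The finding texts and the two sample configurations are constructed for illustration from statements shown on this page.

```python
import ipaddress

HEADERS = ("interface ", "ip access-list ", "ip policy-class ")
GLOBALS = ("hostname", "ip routing", "ip firewall", "ip domain-",
           "ip dhcp-server", "bind ", "end")

def sections(config):
    """Map each section header to its body lines; '!' comments are skipped."""
    out, cur = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if line.startswith(HEADERS):
            cur = out.setdefault(line, [])
        elif line.lower().startswith(GLOBALS):
            cur = None  # a global command closes the open section
        elif cur is not None:
            cur.append(line)
    return out

def audit(config):
    """Return sorted (policy-class, finding) pairs for a pasted configuration."""
    sec, findings, lan = sections(config), set(), {}
    acls = {h.split()[3]: b for h, b in sec.items() if h.startswith("ip access-list ")}
    for hdr, body in sec.items():  # network of each interface that applies a policy
        if hdr.startswith("interface "):
            pol = [l.split()[1] for l in body if l.startswith("access-policy ")]
            adr = [l.split()[2:] for l in body if l.startswith("ip address ")]
            if pol and adr and len(adr[0]) == 2:
                net = ipaddress.ip_network("/".join(adr[0]), strict=False)
                lan.setdefault(pol[0], []).append(net)
    classes = {h.split()[2]: b for h, b in sec.items() if h.startswith("ip policy-class ")}
    for name, body in classes.items():
        if not any(l.startswith("allow list ") and l.endswith(" self") for l in body):
            findings.add((name, "no explicit management ACL"))
        for rule in (l.split() for l in body if l.startswith("nat source list ")):
            for entry in (e.split() for e in acls.get(rule[3], [])):
                if entry[:3] == ["permit", "ip", "any"]:
                    findings.add((name, "NAT ACL permits any source"))
                elif entry[:2] == ["permit", "ip"]:
                    src = ipaddress.ip_network(f"{entry[2]}/{entry[3]}")  # wildcard mask
                    if not any(src.subnet_of(n) for n in lan.get(name, [])):
                        findings.add((name, f"NAT source {src} is not on the LAN"))
    return sorted(findings)

# Constructed samples, built only from statements that appear on this page.
LAN_IF = """interface eth 0/1
ip address 192.168.1.1 255.255.255.0
access-policy FROM-LAN
"""
WEAK = LAN_IF + """ip access-list extended lan-acl
permit ip any any
ip policy-class FROM-LAN
nat source list lan-acl interface ppp 1 overload
"""
HARDENED = LAN_IF + """ip access-list standard manage-rtr
permit 192.168.1.0 0.0.0.255
ip access-list extended lan-acl
permit ip 192.168.1.0 0.0.0.255 any
ip policy-class FROM-LAN
allow list manage-rtr self
nat source list lan-acl interface ppp 1 overload
"""
```

`audit(WEAK)` reports both findings for FROM-LAN; `audit(HARDENED)` returns an empty list.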
B) Check the connection
First check that the ADSL and ATM interfaces are UP.
Secure-Router#show interface adsl 1/1
adsl 1/1 is UP, line protocol is UP
Link Status                Up G.DMT
Line Type                  Interleave
Line Length                9480 ft
                           Downstream   Upstream
Line Rate                  6656 kbps    576 kbps
Current margin             9.0 dB       10.0 dB
Attenuation                38.0 dB      31.5 dB
Power                      19 dBm       11 dBm
Prev Rate                  0 kbps       0 kbps
Actual Delay               4 msecs      4 msecs
Loss of Framing Seconds    0            0
Loss of Signal Seconds     0            0
Loss of Power Seconds      0            0
Errored Seconds            15           2
Line Inits                 1            N/A
Rx Blocks                  30881        30881
Tx Blocks                  30881        30881
Corrected Blocks           11069        0
UncorrectedBlocks          27           5
Last Failure               NONE
Last Failure Time          N/A
Secure-Router#show int atm 1
atm 1 is UP, line protocol is UP
BW 576 Kbit/s
16 maximum active VCCs, 16 VCCs per VP, 1 current VCCs
Queueing strategy: Per VC Queueing
5 minute input rate 3328 bits/sec, 0 packets/sec
5 minute output rate 800 bits/sec, 0 packets/sec
484 packets input, 127924 bytes
0 pkts discarded, 0 error pkts, 0 unknown protocol pkts
3018 cells received, 0 OAM cells received
751 packets output, 53038 bytes
3 tx pkts discarded, 0 tx error pkts
1606 cells sent, 0 OAM cells sent
Then check that your WAN interface has an IP address.
Secure-Router#show int atm 1.1
atm 1.1 is Active
Internet address is 82.67.71.47, mask is 255.255.255.0 (via DHCP)
MTU is 1500 bytes
Encapsulation is AAL5
Encapsulation method is IP
VC tx ring limit: 2
Output Queue: 0/4/200/0 (size/highest/max total/drops)
487 packets input, 145152 bytes
754 packets output, 77232 bytes
3024 cells input, 1609 cells output
0 OAM cells input, 0 OAM cells output
AAL5 CRC errors : 0
AAL5 SAR Timeouts : 0
AAL5 Oversized SDUs : 0
AAL5 length violations : 0
Make sure all ip interfaces are UP.
Secure-Router#show ip int brief
Interface    IP Address     Status    Protocol
atm 1.1      82.67.71.47    UP        UP
eth 0/1      192.168.1.1    UP        UP
Check your routing table. Note that a default route has been generated.
Secure-Router#show ip route
Codes: C - connected, S - static, R - RIP, O - OSPF, B - BGP
IA - OSPF inter area, N1 - OSPF NSSA external type 1
N2 - OSPF NSSA external type 2, E1 - OSPF external type 1
E2 – OSPF external type 2
Gateway of last resort is 82.67.71.254 to network 0.0.0.0
S 0.0.0.0/0 [1/0] via 82.67.71.254, atm 1.1
C 82.67.71.0/24 is directly connected, atm 1.1
C 192.168.1.0/24 is directly connected, eth 0/1
Verify your Secure Router serves IP addresses to PC clients on LAN
Secure-Router#show ip dhcp-server binding
IP Address     Client Id               Lease Expiration       Client Name
192.168.1.2    01:00:0a:95:ab:bf:b0    Apr 07 2005 1:30 PM    JM
Verify that connections to the Internet from PC generate sessions on
the stateful Firewall of your Secure Router
Secure-Router#show ip policy-sessions
Protocol (TTL)  Src IP Address   Src Port  Dest IP Address  Dst Port  NAT IP Address     NAT Port
--------------- ---------------  --------  ---------------  --------  -----------------  --------
Policy class "FROM-LAN":
tcp (600)       192.168.1.2      59869     192.168.1.1      23
udp (4)         192.168.1.2      54940     212.27.39.2      53        s 82.67.71.47      1391
udp (4)         192.168.1.2      54941     212.27.39.2      53        s 82.67.71.47      1392
Policy class "self":
Policy class "default":
tcp (6)         82.67.93.31      1082      82.67.71.47      445
Secure-Router#sh ip policy-stats
Global 14 current sessions (83200 max)
Policy-class "FROM-LAN":
14 current sessions (27700 max)
Entry 1 - allow list manage-rtr self
13979 in bytes, 206692 out bytes, 17 hits
Entry 2 - nat source list lan-acl interface atm 1.1 overload
29263 in bytes, 110943 out bytes, 274 hits
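An added example (not from the original guide): a Python parser for the `show ip policy-sessions` table above that lists the translations in place and flags two things a reviewer would look at in this output, a Telnet session to the router's own address and a session outside the LAN policy class that is addressed to the router. The sample rows are the ones shown above, re-aligned; the flag names and the reading of the `s` marker as source NAT are assumptions.

```python
import re

CLASS = re.compile(r'^Policy class "([^"]+)":')
ROW = re.compile(
    r"^(?P<proto>\w+)\s+\((?P<ttl>\d+)\)\s+(?P<src>\S+)\s+(?P<sport>\d+)\s+"
    r"(?P<dst>\S+)\s+(?P<dport>\d+)"
    r"(?:\s+(?P<kind>\w)\s+(?P<nat_ip>\S+)\s+(?P<nat_port>\d+))?$")

def parse_sessions(text):
    """Return one dict per session row, tagged with its policy class."""
    sessions, cls = [], None
    for line in map(str.strip, text.splitlines()):
        head = CLASS.match(line)
        if head:
            cls = head.group(1)
            continue
        row = ROW.match(line)  # header and separator lines do not match
        if row and cls:
            sessions.append({"class": cls, **row.groupdict()})
    return sessions

def nat_translations(sessions):
    """Map inside address:port to public address:port for translated sessions."""
    return {f'{s["src"]}:{s["sport"]}': f'{s["nat_ip"]}:{s["nat_port"]}'
            for s in sessions if s["nat_ip"]}

def review(sessions, lan_class, router_ips):
    """Flag sessions addressed to the router itself that deserve a second look."""
    notes = []
    for s in sessions:
        if s["dst"] not in router_ips:
            continue
        target = f'{s["dst"]}:{s["dport"]}'
        if s["proto"] == "tcp" and s["dport"] == "23":
            notes.append(("telnet-to-router", s["src"], target))
        if s["class"] != lan_class:
            notes.append(("outside-lan-class", s["src"], target))
    return notes

# Rows from the output above, re-aligned into one line per session.
SAMPLE = """
Protocol (TTL)  Src IP Address  Src Port  Dest IP Address  Dst Port  NAT IP Address  NAT Port
Policy class "FROM-LAN":
tcp (600)  192.168.1.2  59869  192.168.1.1  23
udp (4)    192.168.1.2  54940  212.27.39.2  53   s 82.67.71.47  1391
udp (4)    192.168.1.2  54941  212.27.39.2  53   s 82.67.71.47  1392
Policy class "self":
Policy class "default":
tcp (6)    82.67.93.31  1082   82.67.71.47  445
"""

if __name__ == "__main__":
    found = parse_sessions(SAMPLE)
    print(nat_translations(found))
    print(review(found, "FROM-LAN", {"192.168.1.1", "82.67.71.47"}))
```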
The Secure Router is directly connected to the ADSL interface
Note that multiple layers are implied:
- Layer 1 (Physical) is ADSL (int ADSL 1/1)
- Layer 2 (Link Layer) is ATM (int ATM 1). We bind it to ADSL 1
- Layer 2-1 On top of ATM, the adaptation layer (AAL5MUX or AAL5SNAP)
defines how frames are converted into ATM cells.
In ATM, data is sent on a Permanent Virtual Circuit (PVC) defined with its VPI / VCI. The PVC is
bound to the Point to point ATM sub-interface named ATM 1.1
- Layer 2-2 is the PPP Layer, defined in logical interface PPP 1 that uses PPPoE mode.
We bind the PPP 1 interface to the ATM 1.1
- Layer 3 is IP
Note: once an IP address and a password have been set up, most of this configuration can
easily be created using the Web interface and its Firewall wizard. For beginners it eases
configuration; for experts it speeds up the configuration process.
A- ADSL-PPPoE configuration
hostname "ADSL-Router"
ip routing
Enable Firewall
! Enable Firewall – Requires defining Access Policy
! Access Policy defines NAT and Filters
ip firewall
DNS proxy
! On a LAN with no DNS servers, we can define the router as a proxy DNS. It acts
! as a DNS server for the DHCP clients. It gets the DNS servers definition from
! the ISP during PPP negotiation.
ip domain-proxy
ip domain-name "yourprovider.com"
DHCP Server for LAN
! Define DHCP service for the LAN in the 192.168.1.0 range
ip dhcp-server pool "pool-for-lan"
network 192.168.1.0 255.255.255.0
! The provider gives following info
domain-name "wanadoo.fr"
dns-server 192.168.1.1
netbios-node-type h-node
default-router 192.168.1.1
lease 1
The LAN Interface.
interface eth 0/1
ip address 192.168.1.1 255.255.255.0
! Inbound traffic from the LAN is NATed as defined in the Access-policy FROM-LAN
access-policy FROM-LAN
no shutdown
interface eth 0/2
no ip address
shutdown
The WAN physical interface = ADSL
interface adsl 1/1
! ADSL interface auto detects the ADSL mode: G.dmt, G-LITE, T1.413…
training-mode multi-mode
no shutdown
ATM is the encapsulation of the ADSL interface
! Traffic is sent in cells
interface atm 1 point-to-point
no shutdown
! We bind ATM interface (logical) to ADSL interface (physical)
! Note that encapsulation is aal5snap by default. The other choice is aal5mux
! Your provider must provide this info
bind 1 adsl 1/1 atm 1
ATM PVC (Permanent Virtual Circuit)
! ATM cells are transmitted over a PVC.
! The PVC is defined in a point to point ATM sub-interface
interface atm 1.1 point-to-point
no shutdown
! Provider tells you what VPI/VCI (id of the PVC) to use.
! You can’t guess but you can find on Internet other examples of config
pvc 8/35
no ip address
PPP interface
interface ppp 1
! The ip address is negotiated via PPP with provider’s router
! As on a PC connection, router gets DNS servers info and IP of concentrator
ip address negotiated
no fair-queue
! Authentication: credentials are sent using PAP or CHAP
! For PAP, use ppp pap sent-username… command
! If you don’t know what protocol to use, choose either PAP or CHAP and start
! “debug ppp authentication” to check what is required by ISP
ppp chap hostname id-given-by-isp
ppp chap password pw-given-by-isp
no shutdown
! We bind the ppp interface to the ATM 1.1 specifying we’re in PPPoE mode
bind 2 atm 1.1 ppp 1 pppoe-client
ACL defines the traffic to be NATed
ip access-list extended lan-acl
remark used for Nat
permit ip 192.168.1.0 0.0.0.255 any
Policy-class
! It translates the Private IP source addresses (NAT) of the traffic
! of the LAN into the Public IP address of the PPP interface
ip policy-class FROM-LAN
nat source list lan-acl interface ppp 1 overload
(skip)
end
B- Check the status of the configuration
! Note the ADSL interface is UP and the ADSL type is G.DMT.
! Note the downstream and upstream rates of the ADSL interface
ADSL-Router#show int adsl 1/1
adsl 1/1 is UP, line protocol is UP
Link Status                Up G.DMT
Line Type                  Interleave
Line Length                10218 ft
                           Downstream   Upstream
Line Rate                  608 kbps     160 kbps
Current margin             31.0 dB      31.0 dB
Attenuation                38.0 dB      24.0 dB
Power                      17 dBm       11 dBm
Prev Rate                  0 kbps       0 kbps
Actual Delay               4 msecs      4 msecs
Loss of Framing Seconds    0            0
Loss of Signal Seconds     0            0
Loss of Power Seconds      0            0
Errored Seconds            0            1
Line Inits                 1            N/A
Rx Blocks                  3630763      3630763
Tx Blocks                  3630763      3630763
Corrected Blocks           4            7619536
UncorrectedBlocks          0            4
Last Failure               NONE
Last Failure Time          N/A
! Note ATM interface is UP and one VCC (virtual circuit) is active
ADSL-Router#show int atm 1
atm 1 is UP, line protocol is UP
BW 160 Kbit/s
16 maximum active VCCs, 16 VCCs per VP, 1 current VCCs
Queueing strategy: Per VC Queueing
5 minute input rate 33512 bits/sec, 0 packets/sec
5 minute output rate 3040 bits/sec, 0 packets/sec
69444 packets input, 62104316 bytes
0 pkts discarded, 0 error pkts, 0 unknown protocol pkts
1326184 cells received, 0 OAM cells received
51607 packets output, 5003320 bytes
0 tx pkts discarded, 0 tx error pkts
128792 cells sent, 0 OAM cells sent
! Note ATM 1.1 sub-interface is Active, encapsulation is AAL5 SNAP
! Note packets and cells input and output on interface
ADSL-Router#show int atm 1.1
atm 1.1 is Active
ATM Routed Bridge Encapsulation: None
Encapsulation is AAL5
Encapsulation method is SNAP
VC tx ring limit: 2
Output Queue: 0/14/200/0 (size/highest/max total/drops)
69452 packets input, 63665904 bytes
51613 packets output, 6182592 bytes
1326373 cells input, 128804 cells output
0 OAM cells input, 0 OAM cells output
AAL5 CRC errors : 0
AAL5 SAR Timeouts : 0
AAL5 Oversized SDUs : 0
AAL5 length violations : 0
! Note the ATM PVC is Active
ADSL-Router#show atm pvc
Name      VPI  VCI  Encap Type  SC   Peak Kbps  Avg/Min Kbps  Burst Cells  Status
atm 1.1   8    35   SNAP        N/A  0          0             0            Active
! Note the ppp interface is UP meaning that PPP Negotiation including the
! authentication has succeeded.
! In case of trouble, start a “debug ppp authentication”
! Note the IP info learnt by the PPP interface:
! IP address, “Peer address” (router of ISP), DNS servers…
ADSL-Router#show int ppp 1
ppp 1 is UP
Configuration:
Keep-alive is set (10 sec.)
No multilink
MTU = 1500
Peer authenticates with CHAP
IP is configured
IP address negotiated
Link thru atm 1.1 is UP; LCP state is OPENED, negotiated MTU is 1492
receive: bytes=60384371, pkts=76385, errors=0
Transmit: bytes=3555522, pkts=58391, errors=0
5 minute input rate 25720 bits/sec, 4 packets/sec
5 minute output rate 3064 bits/sec, 3 packets/sec
Bundle information
Queueing method: fifo
HDLC tx ring limit: 0
Output queue: 0/1/200/0 (size/highest/max total/drops)
IP is UP, IPCP state is OPENED
Negotiated Address=82.122.147.180 Mask=255.255.255.255
Peer address=193.253.160.3
DNS: Primary=80.10.246.130, Secondary=80.10.246.3
IP MTU=1492, Bandwidth=160 Kbps
LLDPCP State is STOPPED
! Lists the IP interfaces. They should be up.
! Note the IP address learnt on ppp 1
ADSL-Router#show ip int brief
Interface    IP Address        Status    Protocol
eth 0/1      192.168.1.1       UP        UP
ppp 1        82.122.147.180    UP        UP
! Lists the IP Route. Default route 0.0.0.0/0 results from PPP negotiation
ADSL-Router#show ip route
Codes: C - connected, S - static, R - RIP, O - OSPF, B - BGP
IA - OSPF inter area, N1 - OSPF NSSA external type 1
N2 - OSPF NSSA external type 2, E1 - OSPF external type 1
E2 - OSPF external type 2
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
S 0.0.0.0/0 [1/0] via 0.0.0.0, ppp 1
C 82.122.147.180/32 is directly connected, ppp 1
C 192.168.1.0/24 is directly connected, eth 0/1
C 193.253.160.3/32 is directly connected, ppp 1
! After you start communicating with the Internet, view the NATed sessions
ADSL-Router#show ip policy-sessions
Protocol (TTL)  Src IP Address   Src Port  Dest IP Address  Dst Port  NAT IP Address     NAT Port
--------------- ---------------  --------  ---------------  --------  -----------------  --------
Policy class "FROM-LAN":
tcp (600)       192.168.1.3      3646      66.28.8.50       80        s 82.122.147.180   3729
tcp (600)       192.168.1.4      59227     192.168.1.1      22
udp (53)        192.168.1.4      54832     193.252.19.4     53        s 82.122.147.180   6088
udp (53)        192.168.1.4      54833     193.252.19.4     53        s 82.122.147.180   6089
udp (53)        192.168.1.4      54834     193.252.19.4     53        s 82.122.147.180   6090
!-------------------------------------------------------------
! Configuration of 7xxx dl Procurve Router
! ADSL connection using PPPOE
! Router connects to the ADSL modem via an Ethernet connection
!-------------------------------------------------------------
! What info do you need from your ISP?
! Username or ID and password for your connection
! Make sure PPPOE is used by provider.
! Other choice could be RFC 1483 Routed. Not yet supported but coming
!-------------------------------------------------------------
hostname "ADSL-Router"
!
ip routing
!
! Enable Firewall – Required to define Access Policy
! Access Policy is required to define NAT and Filters
ip firewall
!
!
!
!
! Define DHCP service for the LAN in the 192.168.1.0 range
ip dhcp-server excluded-address 192.168.1.1
!
ip dhcp-server pool "pool-for-lan"
network 192.168.1.0 255.255.255.0
! Following given by the provider
domain-name "wanadoo.fr"
dns-server 193.252.19.4 193.252.19.3
netbios-node-type h-node
default-router 192.168.1.1
lease 1
!
! Note you could also define your router as DNS Proxy
! You have to 1) Define router as DNS Server for DHCP Clients
! 2) Define the DNS Servers for the router with
! ip name-server 193.252.19.4 193.252.19.3
! 3) Define router as proxy with
! ip domain-proxy
!
! The LAN Interface
interface eth 0/1
ip address 192.168.1.1 255.255.255.0
! Inbound traffic is NATed as stated in the Access-policy called FROM-LAN
access-policy FROM-LAN
no shutdown
!
! The LAN Interface connected to ADSL Modem.
interface eth 0/2
no ip address
! Interface is shut by default
no shutdown
! Don’t send LLDP (Link Layer Discovery Protocol) frames to provider
no lldp send-and-receive
!
! On top of Ethernet we build a PPP interface used by IP as layer 2
interface ppp 1
! ip address is negotiated via PPP with provider’s router
ip address negotiated
no fair-queue
! Credentials sent by router to provider. CHAP is the authentication
! In case it’s PAP, use ppp pap sent-username… command
! If you don’t know what protocol is used, use either PAP or CHAP and start
! “debug ppp authentication” to check what is requested by other side
ppp chap hostname id-given-by-isp
ppp chap password pw-given-by-isp
! Don’t send LLDP (Link Layer Discovery Protocol) frames to provider
no lldp send-and-receive
no shutdown
! We bind the ppp interface to the Ethernet interface
! Note that we default to PPPOE
bind 1 eth 0/2 ppp 1
!
!
!
!
! ACL selects the traffic to be NATed
ip access-list extended OUR-LAN
remark used for Nat
permit ip any any
!
! To NAT (and possibly filter) traffic we apply Policy-class to the LAN Interface
ip policy-class FROM-LAN
nat source list OUR-LAN interface ppp 1 overload
!
!
(skip)
!
end