CHAPTER 4

Configuring Small Office to ISP

Networks
This chapter describes how to configure three small-office-to-Internet service provider
(ISP) networks, which Table 4-1 presents.

Table 4-1 Sample Networks

WAN WAN Routed Configuration

No. Options Encapsulation Protocols Other Features Options
1 Synchronous PPP IP Static IP route • Cisco 805 Fast
leased line Step software
• CLI
2 Asynchronous PPP IP • Static IP route • Cisco 805 Fast
dial-up line • Easy IP (Phase 1) – Network Step software
Address Translation (NAT) and (template option)
Point-to-Point Protocol/IP Control • CLI
Protocol (PPP/IPCP)
• Firewall
3 Frame Relay Frame Relay IP • Static IP route • Cisco 805 Fast
• NAT overload Step software

• Firewall • CLI

Note Cisco Systems strongly recommends that inexperienced network administrators use
the Cisco 805 Fast Step software to configure sample networks 1 and 3. The Cisco 805 Fast
Step software might configure the sample networks differently than is described in this
guide.

Configuring Small Office to ISP Networks 4-1

Before Configuring Networks

The Cisco 805 Fast Step software is a Windows 95, Windows NT, and Windows 98 based
configuration tool included with the Cisco 805 router. For more information, refer to the
Cisco 805 Fast Step CD-ROM.
For more information on configuring your router using the CLI, continue reading this
chapter.

Before Configuring Networks

Refer to Table 4-2 to determine what you need to do before configuring each network.

Table 4-2 Before Configuring Networks

Number WAN Options What You Must Do

1 Leased line, PPP • Set up IP address scheme.
• Buy a range of registered IP addresses for your router Ethernet interface and
your LAN devices that require Internet access from the ISP. (If you plan to
configure this sample network using the Cisco 805 Fast Step software, you
must also buy a registered IP address for your router serial interface.)
• Order leased line from your WAN service provider.
2 Dial-up line, PPP • Set up IP address scheme.
• Ask your ISP to provide the following information:
— PPP client name that the ISP assigns as your login name.
— PPP password to access your ISP account.
— ISP telephone number to dial when you want to establish Internet
connection.
— PPP authentication protocol used by ISP. (Challenge Handshake
Authentication Protocol [CHAP] or Password Authentication Protocol
[PAP]1.)
• Buy one registered IP address for router dialer interface.
• Order dial-up line from WAN service provider.

4-2 Cisco 805 Router Software Configuration Guide

 Network 1: Leased Line, PPP

Table 4-2 Before Configuring Networks (continued)

Number WAN Options What You Must Do

3 Frame Relay • Set up IP address scheme.
• Do the following with the ISP:
— Buy one registered IP address for router serial interface.
— Ask ISP to provide IP address and subnet mask of ISP serial interface.
• Do the following with the WAN service provider:
— Order one PVC.
— Ask WAN service provider to provide LMI type.
1 For more information on CHAP and PAP, refer to Appendix C, “Concepts.”

Network 1: Leased Line, PPP

Figure 4-1 shows a sample small office network connected to an ISP with a synchronous
leased line. This sample network uses IP as the only routed protocol. Instead of using a
dynamic routing protocol such as RIP to learn the route to the ISP, this network uses a static
IP route, which is a user-defined route to the ISP.
This network uses registered IP addresses on the router Ethernet interface and on the LAN
devices that require Internet access. (You can buy a range of registered IP addresses from
your ISP.) To save the cost of buying a registered IP address for the router serial interface,
this interface uses the IP address assigned to the Ethernet interface. (If you configure this
sample network using the Cisco 805 Fast Step software, you must buy a registered IP
address for the router serial interface.)

Configuring Small Office to ISP Networks 4-3

Network 1: Leased Line, PPP

Figure 4-1 Network 1

Network address:
IP: 192.168.0.0

Cisco 805
Leased line, PPP
Internet service
provider

18131
192.168.1.1
199.87.7.1

Configuring the Cisco 805 Router

To configure the features for this sample network, perform the tasks described in the
following sections on a PC. A sample configuration file that illustrates how to configure the
network is presented after the tasks.
After your router boots, the following prompt displays. Enter no.
Would you like to enter the initial configuration dialog [yes]: no

For complete information on how to access global configuration mode, refer to the
“Entering Global Configuration Mode” section in Chapter 2, “Cisco IOS Basic Skills.” For
more information on the commands used in the following tables, refer to the Cisco IOS
Release 12.0 documentation set.

4-4 Cisco 805 Router Software Configuration Guide

 Configuring the Cisco 805 Router

Global Parameters
Use the following table to configure the router for global parameters.

Step Task Router Prompt Command

1 Enter configuration mode. Router# configure terminal
2 Specify name for router. Router (config)# hostname name
3 Specify encrypted password to prevent Router (config)# enable secret <password>
unauthorized access to router.
4 Configure router to recognize zero subnet Router (config)# ip subnet-zero
range as valid range of addresses.
5 Disable router from translating unfamiliar Router (config)# no ip domain-lookup
words (typos) entered during a console session
into IP addresses.

Ethernet Interface
Use the following table to configure the Ethernet interface.

Step Task Router Prompt Command

1 Enter configuration mode for Ethernet Router (config)# interface ethernet 0
interface.
2 Set IP address and subnet mask. Router (config-if)# ip address ip-address mask
3 Enable interface and configuration changes Router (config-if)# no shutdown
just made to interface.
4 Exit configuration mode for Ethernet interface. Router (config-if)# exit

Configuring Small Office to ISP Networks 4-5

Network 1: Leased Line, PPP

Serial Interface
Use the following table to configure the serial interface.

Step Task Router Prompt Command

1 Enter configuration mode for serial interface. Router (config)# interface serial 0
2 Set IP address to address used on Ethernet Router (config-if)# ip unnumbered ethernet 0
interface.
3 Specify PPP as encapsulation (framing) Router (config-if)# encapsulation ppp
method.
4 Enable interface and configuration changes Router (config-if)# no shutdown
just made to interface.
5 Exit configuration mode for serial interface. Router (config-if)# exit
6 Set up a static route to ISP router. Router (config)# ip route 0.0.0.0 0.0.0.0 serial 0

Command-Line Access to the Router

Use the following table to configure parameters to control access to the router.

Step Task Router Prompt Command

1 Enter line configuration mode, and specify the Router (config)# line console 0
console terminal line.
2 Specify a unique password on the line. Router password <password>
(config-line)#
3 Enable password checking at terminal session Router login
login. (config-line)#

4 Specify a virtual terminal for remote console Router line vty 0 4

access. (config-line)#

5 Specify a unique password on the line. Router password <password>

(config-line)#

4-6 Cisco 805 Router Software Configuration Guide

 Sample Configuration

Step Task Router Prompt Command

6 Enable password checking at virtual terminal Router login
session login. (config-line)#

7 Exit line configuration mode, and return to Router end

privileged EXEC mode. (config-line)#

Sample Configuration
The following is a sample configuration based on performing the tasks in “Configuring the
Cisco 805 Router” section on page 4-4. You do not need to input the commands marked
“default.” These commands appear automatically in the configuration file generated when
you use the show running command.
Current configuration:
!
version 12.0
no service pad (default)
service timestamps debug uptime (default)
service timestamps log uptime (default)
no service password-encryption (default)
hostname Cisco805
enable secret 5 $1$RnI.$K4mh5q4MFetaqKzBbQ7gv0
ip subnet-zero
no ip domain-lookup
!
interface Ethernet0
ip address 192.168.1.1 255.255.255.0
no ip directed-broadcast (default)
!
interface Serial0
ip unnumbered ethernet 0
no ip directed-broadcast (default)
encapsulation ppp
!
no ip http server (default)
ip classless (default)
!
ip route 0.0.0.0 0.0.0.0 serial 0
!
line con 0
exec-timeout 10 0 (default)

Configuring Small Office to ISP Networks 4-7

Network 2: Dial-up Line, PPP

password 4youreyesonly
login
transport input none (default)
stopbits 1 (default)
line vty 0 4
password secret
login
!
end

Network 2: Dial-up Line, PPP

Figure 4-2 shows a sample small office network connected to an ISP with a asynchronous
dial-up line running PPP. This sample network uses IP as the only routed protocol. Instead
of using a dynamic routing protocol such as RIP to learn the route to the ISP, this network
uses a static IP route, which is a user-defined route to the ISP.
This sample network uses the dial-on-demand routing (DDR) implementation of dialer
profiles. For conceptual information, refer to the “Dialer Profiles” section in Appendix C,
“Concepts.”
This sample network uses nonregistered IP addresses on the router Ethernet interface and
the LAN devices. To solve the problem of using nonregistered IP addresses when accessing
the Internet, this sample network uses Easy IP (Phase 1). This feature combines NAT and
PPP/IPCP. With this feature, the Cisco 805 router can automatically negotiate a registered
IP address for the router dialer interface from the ISP router. All devices in this sample
network can use this registered IP address when accessing the Internet. For more
information on this feature, including configuration information, refer to the “Configuring
Easy IP (Phase 1)” section in Chapter 5, “Advanced Features.”
You can also configure the firewall feature in this sample network.

4-8 Cisco 805 Router Software Configuration Guide

 Configuring the Cisco 805 Router

Figure 4-2 Network 2

Network address:
IP: 10.0.0.0
199.87.7.1
Cisco 805
Dial-up line, PPP

Internet service
Modem provider
10.1.1.1 Negotiate

18136
CHAP or PAP
IP address
from ISP router

Configuring the Cisco 805 Router

To configure the features for this sample network, perform the tasks described in the
following sections on a PC. A sample configuration file that illustrates how to configure the
network is presented after the tasks.
After your router boots, the following prompt displays. Enter no.
Would you like to enter the initial configuration dialog [yes]: no

For complete information on how to access global configuration mode, refer to the
“Entering Global Configuration Mode” section in Chapter 2, “Cisco IOS Basic Skills.” For
more information on the commands used in the following tables, refer to the Cisco IOS
Release 12.0 documentation set.

Configuring Small Office to ISP Networks 4-9

Network 2: Dial-up Line, PPP

Global Parameters
Use the following table to configure the router for global parameters.

Step Task Router Prompt Command

1 Enter configuration mode. Router# configure terminal
2 Specify name for router. Router (config)# hostname name
3 Specify encrypted password to prevent Router (config)# enable secret <password>
unauthorized access to router.
4 Configure router to recognize zero subnet Router (config)# ip subnet-zero
range as valid range of addresses.
5 Disable router from translating unfamiliar Router (config)# no ip domain-lookup
words (typos) entered during a console session
into IP addresses.

Ethernet Interface
Use the following table to configure the Ethernet interface.

Step Task Router Prompt Command

1 Enter configuration mode for Ethernet Router (config)# interface ethernet 0
interface.
2 Set IP address and subnet mask. Router (config-if)# ip address ip-address mask
3 Enable interface and configuration changes Router (config-if)# no shutdown
just made to interface.
4 Exit configuration mode for Ethernet interface. Router (config-if)# exit

4-10 Cisco 805 Router Software Configuration Guide

 Configuring the Cisco 805 Router

Serial Interface
Use the following table to configure the serial interface.

Step Task Router Prompt Command

1 Enter configuration mode for serial interface. Router (config)# interface serial 0
2 Remove any IP address associated with Router (config-if)# no ip address
interface.
3 Specify PPP as encapsulation (framing) type. Router (config-if)# encapsulation ppp
4 Enable CHAP and/or PAP, and specify Router (config-if)# ppp authentication chap pap
authentication on incoming (received) calls callin
only. or
ppp authentication chap callin
or
ppp authentication pap callin
5 Specify mode of serial interface as Router (config-if)# physical-layer async
asynchronous.
6 Configure asynchronous line for data traffic. Router (config-if)# async mode dedicated
7 Specify that you are using DDR. Router (config-if)# dialer in-band
8 Set up dialer pool, and assign serial interface Router (config-if)# dialer pool-member number
to the dialer pool.
9 Enable interface and configuration changes Router (config-if)# no shutdown
just made to interface.
10 Exit serial configuration mode. Router (config-if)# exit

Dialer Profile
To configure the dialer profile, you must set up a dialer interface and dialer pool. (Dialer
pools are set up with the serial interface.) For conceptual information, refer to the “Dialer
Profiles” section in Appendix C, “Concepts.”
Use the following table to configure the dialer interface.

Configuring Small Office to ISP Networks 4-11

Network 2: Dial-up Line, PPP

Step Task Router Prompt Command

1 Enter configuration mode for and define dialer Router (config)# interface dialer 1
rotary group.
2 Specify PPP as encapsulation (framing) type. Router (config-if)# encapsulation ppp
3 Specify ISP router authentication name. Router (config-if)# dialer remote-name name
4 Specify amount of idle time before calls are Router (config-if)# dialer idle-timeout seconds
disconnected. either
5 Specify telephone number of ISP router. Router (config-if)# dialer string string
modem-script chat-script-name
6 Specify dialer pool to use for calls to ISP. Router (config-if)# dialer pool number
(Dialer pool was set up in “Serial Interface”
section on page 4-11.)
7 Assign dialer interface to a dialer group. Router (config-if)# dialer-group number
8 Enable CHAP and/or PAP, and specify Router (config-if)# ppp authentication chap pap
authentication on incoming (received) calls callin
only. or
ppp authentication chap callin
or
ppp authentication pap callin
9 Set up CHAP hostname and password. Router (config-if)# ppp chap hostname hostname
ppp chap password <secret>
10 Set up PAP username and password. Router (config-if)# ppp pap sent-username
username password
<password>
11 Disable CDP. Router (config-if)# no cdp enable
12 Enable interface and configuration changes Router (config-if)# no shutdown
just made to interface.
13 Exit configuration mode for dialer interface. Router (config-if)# exit
14 Set up static route to ISP router. Router (config)# ip route 0.0.0.0 0.0.0.0 dialer 1

4-12 Cisco 805 Router Software Configuration Guide

 Configuring the Cisco 805 Router

Step Task Router Prompt Command

15 Create script that causes connected modem to Router (config)# chat-script script-name
place call to ISP router. expect-send
16 Set up dialer list that determines that IP Router (config)# dialer-list dialer-group protocol
triggers a call. ip permit

For information on controlling the types of traffic that can activate your dial-up line and
increase your monthly dial-up line cost, refer to the “Controlling Dial-up Line Activation”
section in Chapter 5, “Advanced Features.”

Asynchronous Line
Use the following table to configure the asynchronous line.

Step Task Router Prompt Command

1 Enter configuration mode for asynchronous Router (config)# line 1
line (line 1).
2 Specifies that router should send and listen to Router flowcontrol hardware
flow control information from attached serial (config-line)#
device.
3 Specify that all protocols can connect to line 1. Router transport input all
(config-line)#
4 Configure line 1 for both incoming and Router modem inout
outgoing calls. (config-line)#

5 Set baud rate. Router speed 115200

(config-line)#
6 Set stop bits. Router stopbits 1
(config-line)#
7 Exit configuration mode for serial interface. Router (config-if)# exit

Configuring Small Office to ISP Networks 4-13

Network 2: Dial-up Line, PPP

Easy IP (Phase 1)
For information on configuring Easy IP (Phase 1), refer to the “Configuring Easy IP (Phase
1)” section in Chapter 5, “Advanced Features.”

Firewall Feature
For information on configuring a firewall, refer to the Cisco IOS Firewall Feature Set
feature module, which appears on Cisco Connection Online (CCO) only.

Command-Line Access to the Router

Use the following table to configure parameters to control access to the router.

Step Task Router Prompt Command

1 Enter line configuration mode, and specify the Router (config)# line console 0
console terminal line.
2 Specify a unique password on the line. Router (config-line)# password <password>
3 Enable password checking at terminal session Router (config-line)# login
login.
4 Specify a virtual terminal for remote console Router (config-line)# line vty 0 4
access.
5 Specify a unique password on the line. Router (config-line)# password <password>
6 Enable password checking at virtual terminal Router (config-line)# login
session login.
7 Exit line configuration mode, and return to Router (config-line)# end
privileged EXEC mode.

Sample Configuration
The following is a sample configuration based on performing the tasks in “Configuring the
Cisco 805 Router” section on page 4-9. It does not show firewall-related commands. For a
sample configuration of the firewall feature, refer to the Cisco IOS Firewall Feature Set
feature module, which appears on Cisco Connection Online (CCO) only.

4-14 Cisco 805 Router Software Configuration Guide

 Sample Configuration

You do not need to input the commands marked “default.” These commands appear
automatically in the configuration file generated when you use the show running
command.
Current configuration:
!
version 12.0
no service pad (default)
service timestamps debug uptime (default)
service timestamps log uptime (default)
no service password-encryption (default)
hostname Cisco805
enable secret 5 $1$RnI.$K4mh5q4MFetaqKzBbQ7gv0
ip subnet-zero
no ip domain-lookup
chat-script dial "" AT OK "\patdt\T" TIMEOUT 60 CONNECT \C
!This generic chat script is known to work. For information on
!customizing your chat script, refer to the Dial Solutions Configuration
!Guide.

interface Ethernet0
ip address 10.1.1.1 255.255.255.0
no ip directed-broadcast (default)
ip nat inside
!
interface Serial0
physical-layer async
no ip address
no ip directed-broadcast (default)
encapsulation ppp
dialer in-band
dialer pool-member 1
async mode dedicated
ppp authentication chap pap callin
ppp chap hostname chapisp
ppp chap password abra
ppp pap sent-username papisp password cadabra
!
interface Dialer1
ip address negotiated
no ip directed-broadcast (default)
encapsulation ppp
dialer remote-name isp
dialer idle-timeout 500
dialer string 5551111 modem-script dial

Configuring Small Office to ISP Networks 4-15

Network 3: Frame Relay

dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname chapisp
ppp chap password abra
ppp pap sent-username papisp password cadabra
ip nat outside
!
no ip http server (default)
ip classless (default)
!
ip route 0.0.0.0 0.0.0.0 dialer 1
dialer-list 1 protocol ip permit
ip nat inside source list 1 interface dialer 0 overload
access-list 1 permit 10.0.0.0 0.255.255.255
!
line con 0
exec-timeout 10 0 (default)
password 4youreyesonly
login
transport input none (default)
stopbits 1 (default)
line 1
modem InOut
transport input all
speed 115200
flowcontrol hardware
line vty 0 4
password secret
login
!
end

Network 3: Frame Relay

Figure 4-3 shows a sample small office network connected to an ISP with Frame Relay.
This sample network uses IP as the only routed protocol. Instead of using a dynamic routing
protocol such as RIP to learn the route to the ISP, this network uses a static IP route, which
is a user-defined route to the ISP.

4-16 Cisco 805 Router Software Configuration Guide

 Configuring the Cisco 805 Router

This sample network uses nonregistered IP addresses on the router Ethernet interface and
the LAN devices. To solve the problem of using nonregistered IP addresses when accessing
the Internet, this sample network uses the NAT overload feature. You buy one registered IP
address for the serial interface from the ISP, then using NAT overload, all devices in this
sample network can use this registered IP address when accessing the Internet. For more
information on this feature, including configuration information, refer to the “Configuring
NAT Overload” section in Chapter 5, “Advanced Features.”
You can also configure the firewall feature in this sample network.

Figure 4-3 Network 3

Network address:
IP: 10.0.0.0

Cisco 805
Frame Internet service
Relay provider

18137
10.1.1.1 192.168.0.2 192.168.0.1

Configuring the Cisco 805 Router

To configure the features for this sample network, perform the tasks described in the
following sections on a PC. A sample configuration file that illustrates how to configure the
network is presented after the tasks.
After your router boots, the following prompt displays. Enter no.
Would you like to enter the initial configuration dialog [yes]: no

For complete information on how to access global configuration mode, refer to the
“Entering Global Configuration Mode” section in Chapter 2, “Cisco IOS Basic Skills.” For
more information on the commands used in the following tables, refer to the Cisco IOS
Release 12.0 documentation set.

Configuring Small Office to ISP Networks 4-17

Network 3: Frame Relay

Global Parameters
Use the following table to configure the router for global parameters.

Step Task Router Prompt Command

1 Enter configuration mode. Router# configure terminal
2 Specify name for router. Router (config)# hostname name
3 Specify encrypted password to prevent Router (config)# enable secret <password>
unauthorized access to router.
4 Configure router to recognize zero subnet Router (config)# ip subnet-zero
range as valid range of addresses.
5 Disable router from translating unfamiliar Router (config)# no ip domain-lookup
words (typos) entered during a console session
into IP addresses.

Ethernet Interface
Use the following table to configure the Ethernet interface.

Step Task Router Prompt Command

1 Enter configuration mode for Ethernet Router (config)# interface ethernet 0
interface.
2 Set IP address and subnet mask. Router (config-if)# ip address ip-address mask
3 Enable interface and configuration changes Router (config-if)# no shutdown
just made to interface.
4 Exit configuration mode for Ethernet interface. Router (config-if)# exit

4-18 Cisco 805 Router Software Configuration Guide

 Configuring the Cisco 805 Router

Serial Interface
Use the following table to configure the serial interface.

Step Task Router Prompt Command

1 Enter configuration mode for serial interface. Router (config)# interface serial 0
2 Set IP address and subnet mask. Router (config-if)# ip address ip-address mask
4 Set encapsulation (framing) method to Frame Router (config-if)# encapsulation frame relay
Relay. If the ISP router is not a Cisco router, [ietf]
use ietf option.
5 Set LMI type to type provided by Frame Relay Router (config-if)# frame-relay lmi-type
service provider. (Default is cisco.) {ansi | cisco | q933a}
6 Enable interface and configuration changes Router (config-if)# no shutdown
just made to interface.
7 Exit configuration mode for serial interface. Router (config-if)# exit
8 Set up a static route to ISP router. Router (config)# ip route 0.0.0.0 0.0.0.0 serial 0

NAT Overload
For information on configuring NAT overload, refer to the “Configuring NAT Overload”
section in Chapter 5, “Advanced Features.”

Firewall Feature
For information on configuring a firewall, refer to the Cisco IOS Firewall Feature Set
feature module, which appears on Cisco Connection Online (CCO) only.

Configuring Small Office to ISP Networks 4-19

Network 3: Frame Relay

Command-Line Access to the Router

Use the following table to configure parameters to control access to the router.

Step Task Router Prompt Command

1 Enter line configuration mode, and specify the Router (config)# line console 0
console terminal line.
2 Specify a unique password on the line. Router (config-line)# password <password>
3 Enable password checking at terminal session Router (config-line)# login
login.
4 Specify a virtual terminal for remote console Router (config-line)# line vty 0 4
access.
5 Specify a unique password on the line. Router (config-line)# password <password>
6 Enable password checking at virtual terminal Router (config-line)# login
session login.
7 Exit line configuration mode, and return to Router (config-line)# end
privileged EXEC mode.

Sample Configuration
The following is a sample configuration based on performing the tasks in “Configuring the
Cisco 805 Router” section on page 4-17. You do not need to input the commands marked
“default.” These commands appear automatically in the configuration file generated when
you use the show running command.

4-20 Cisco 805 Router Software Configuration Guide

 Sample Configuration

Current configuration:
!
version 12.0
no service pad (default)
service timestamps debug uptime (default)
service timestamps log uptime (default)
no service password-encryption (default)
hostname Cisco805
enable secret 5 $1$RnI.$K4mh5q4MFetaqKzBbQ7gv0
ip subnet-zero
no ip domain-lookup
!
interface Ethernet0
ip address 10.1.1.1 255.255.255.0
no ip directed-broadcast (default)
ip nat inside
!
interface Serial0
ip address 192.168.0.2 255.255.255.0
no ip directed-broadcast (default)
no ip mroute-cache (default)
encapsulation frame-relay ietf
frame-relay lmi-type ansi
ip nat outside
!
no ip http server (default)
ip classless (default)
!
ip route 0.0.0.0 0.0.0.0 serial 0
ip nat inside source list 1 interface serial 0 overload
access-list 1 permit 10.0.0.0 0.255.255.255
!
line con 0
exec-timeout 10 0 (default)
password 4youreyesonly
login
transport input none (default)
stopbits 1 (default)
line vty 0 4
password secret
login
!
end

Configuring Small Office to ISP Networks 4-21

Network 3: Frame Relay

4-22 Cisco 805 Router Software Configuration Guide