DorsetBunny
Technical User
So my router has been stable these past two days until this evening - more disconnects 
I have yet to call my provider as it changes from BT to Virgin on Tuesday anyways. My ping problem seems to have been sorted but I am a bit green still on the config side of things.
I wonder if some guru would go through mine with a red pen so-to-speak.....
All I run at home are two windows desktops, a Mac Mini, a Ubuntu laptop, an iPhone. I do play games a lot. I dont have any remote access into my systems here so I dont need vpn/rdc/ssh in etc.
I do want logging to syslog (until such time as my setup stabilises, then I can turn it off)
oh and the ntp seems to not want to work (maybe this is fixed in c837-k9o3y6-mz.124-25c which I have ready to put on this (once my configs are a little tidier)
************************************************************
<MYROUTER>#show running-config
Building configuration...
Current configuration : 3698 bytes
!
version 12.3
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname <MYROUTER>
!
boot-start-marker
boot-end-marker
!
logging buffered 52100 debugging
!
username <MY_USER> privilege 15 password 7 <MY_PASS>
clock timezone PCTime 0
no aaa new-model
ip subnet-zero
!
ip dhcp pool CLIENT
import all
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
dns-server 4.2.2.1
lease 0 2
!
ip name-server 4.2.2.1
ip audit notify log
ip audit po max-events 100
no ftp-server write-enable
no scripting tcl init
no scripting tcl encdir
!
no crypto isakmp enable
!
interface Ethernet0
description $ETH-LAN$$FW_INSIDE$
ip address 10.10.10.1 255.255.255.0
ip access-group sdm_ethernet0_in in
ip nat inside
no ip mroute-cache
hold-queue 100 out
!
interface ATM0
no ip address
no ip unreachables
no ip proxy-arp
no ip mroute-cache
atm vc-per-vp 64
atm ilmi-keepalive 10
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
dsl operating-mode auto
dsl enable-training-log
!
interface FastEthernet1
no ip address
duplex auto
speed auto
!
interface FastEthernet2
no ip address
duplex auto
speed auto
!
interface FastEthernet3
no ip address
duplex auto
speed auto
!
interface FastEthernet4
no ip address
duplex auto
speed auto
!
interface Dialer0
no ip address
!
interface Dialer1
description $FW_OUTSIDE$
ip address negotiated
ip access-group sdm_dialer1_in in
ip nat outside
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname <MY_ISP_USER>@btinternet.com
ppp chap password 7 <MY_ISP_PASSWORD>
ppp pap sent-username <MY_ISP_USER>@btinternet.com password 7 <MY_ISP_PASSWORD>
ppp ipcp mask request
ppp ipcp address accept
hold-queue 224 in
!
ip nat pool mw2 10.10.10.2 10.10.10.2 netmask 255.255.255.0 type rotary
ip nat inside source list 102 interface Dialer1 overload
ip nat inside source static tcp 10.10.10.2 6552 interface Dialer1 6552
ip nat inside source static udp 10.10.10.2 6552 interface Dialer1 6552
ip nat inside source static udp 10.10.10.2 28960 interface Dialer1 28960
ip nat inside source static tcp 10.10.10.2 27015 interface Dialer1 27015
ip nat inside source static udp 10.10.10.2 27015 interface Dialer1 3101
ip nat inside destination list 105 pool mw2 *** FOR GAMES ***
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
ip http server
ip http secure-server
! *** What are all these sdm ACL's for?? ****
ip access-list extended sdm_dialer1_in
remark SDM_ACL Category=1
permit udp any any
permit ip any any
ip access-list extended sdm_ethernet0_in
remark SDM_ACL Category=1
permit udp any any
permit ip any any
logging 10.10.10.2
access-list 23 permit 10.10.10.0 0.0.0.255
access-list 102 permit ip 10.10.10.0 0.0.0.255 any
access-list 105 permit tcp any any range 27014 27050
dialer-list 1 protocol ip permit
!
control-plane
!
line con 0
exec-timeout 120 0
no modem enable
transport preferred all
transport output all
stopbits 1
line aux 0
transport preferred all
transport output all
stopbits 1
line vty 0 4
access-class 23 in
login local
length 0
transport preferred all
transport input all
transport output all
!
scheduler max-task-time 5000
sntp server 131.107.1.10
!
end
I have yet to call my provider as it changes from BT to Virgin on Tuesday anyways. My ping problem seems to have been sorted but I am a bit green still on the config side of things.
I wonder if some guru would go through mine with a red pen so-to-speak.....
All I run at home are two windows desktops, a Mac Mini, a Ubuntu laptop, an iPhone. I do play games a lot. I dont have any remote access into my systems here so I dont need vpn/rdc/ssh in etc.
I do want logging to syslog (until such time as my setup stabilises, then I can turn it off)
oh and the ntp seems to not want to work (maybe this is fixed in c837-k9o3y6-mz.124-25c which I have ready to put on this (once my configs are a little tidier)
************************************************************
<MYROUTER>#show running-config
Building configuration...
Current configuration : 3698 bytes
!
version 12.3
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname <MYROUTER>
!
boot-start-marker
boot-end-marker
!
logging buffered 52100 debugging
!
username <MY_USER> privilege 15 password 7 <MY_PASS>
clock timezone PCTime 0
no aaa new-model
ip subnet-zero
!
ip dhcp pool CLIENT
import all
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
dns-server 4.2.2.1
lease 0 2
!
ip name-server 4.2.2.1
ip audit notify log
ip audit po max-events 100
no ftp-server write-enable
no scripting tcl init
no scripting tcl encdir
!
no crypto isakmp enable
!
interface Ethernet0
description $ETH-LAN$$FW_INSIDE$
ip address 10.10.10.1 255.255.255.0
ip access-group sdm_ethernet0_in in
ip nat inside
no ip mroute-cache
hold-queue 100 out
!
interface ATM0
no ip address
no ip unreachables
no ip proxy-arp
no ip mroute-cache
atm vc-per-vp 64
atm ilmi-keepalive 10
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
dsl operating-mode auto
dsl enable-training-log
!
interface FastEthernet1
no ip address
duplex auto
speed auto
!
interface FastEthernet2
no ip address
duplex auto
speed auto
!
interface FastEthernet3
no ip address
duplex auto
speed auto
!
interface FastEthernet4
no ip address
duplex auto
speed auto
!
interface Dialer0
no ip address
!
interface Dialer1
description $FW_OUTSIDE$
ip address negotiated
ip access-group sdm_dialer1_in in
ip nat outside
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname <MY_ISP_USER>@btinternet.com
ppp chap password 7 <MY_ISP_PASSWORD>
ppp pap sent-username <MY_ISP_USER>@btinternet.com password 7 <MY_ISP_PASSWORD>
ppp ipcp mask request
ppp ipcp address accept
hold-queue 224 in
!
ip nat pool mw2 10.10.10.2 10.10.10.2 netmask 255.255.255.0 type rotary
ip nat inside source list 102 interface Dialer1 overload
ip nat inside source static tcp 10.10.10.2 6552 interface Dialer1 6552
ip nat inside source static udp 10.10.10.2 6552 interface Dialer1 6552
ip nat inside source static udp 10.10.10.2 28960 interface Dialer1 28960
ip nat inside source static tcp 10.10.10.2 27015 interface Dialer1 27015
ip nat inside source static udp 10.10.10.2 27015 interface Dialer1 3101
ip nat inside destination list 105 pool mw2 *** FOR GAMES ***
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
ip http server
ip http secure-server
! *** What are all these sdm ACL's for?? ****
ip access-list extended sdm_dialer1_in
remark SDM_ACL Category=1
permit udp any any
permit ip any any
ip access-list extended sdm_ethernet0_in
remark SDM_ACL Category=1
permit udp any any
permit ip any any
logging 10.10.10.2
access-list 23 permit 10.10.10.0 0.0.0.255
access-list 102 permit ip 10.10.10.0 0.0.0.255 any
access-list 105 permit tcp any any range 27014 27050
dialer-list 1 protocol ip permit
!
control-plane
!
line con 0
exec-timeout 120 0
no modem enable
transport preferred all
transport output all
stopbits 1
line aux 0
transport preferred all
transport output all
stopbits 1
line vty 0 4
access-class 23 in
login local
length 0
transport preferred all
transport input all
transport output all
!
scheduler max-task-time 5000
sntp server 131.107.1.10
!
end
