Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

DDNS IS NOT WORKING...! CISCO 877 1

Status
Not open for further replies.
4ukh

4ukh

Programmer
Jan 10, 2008
15
SA
I tried very much to setting up the DynDNS but failed... please help me following are my configs...

thanks for the help

!This is the running config of the router: 192.168.1.1
!----------------------------------------------------------------------------
!version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CYBERIA-GATEWAY
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
clock timezone PCTime 3
!
crypto pki trustpoint TP-self-signed-3884097217
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3884097217
revocation-check none
rsakeypair TP-self-signed-3884097217
!
!
crypto pki certificate chain TP-self-signed-3884097217
certificate self-signed 02
30820256 308201BF A0030201 02020102 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33383834 30393732 3137301E 170D3032 30333032 32313233
35355A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 38383430
39373231 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100C878 8390121A BC9F5F9A 5508A649 32898333 6D5972C2 656B626A B7470A08
C7AD53A6 CE8BC8EB A223AAB8 BD8D4429 6EE8B5F3 77A75ED1 18F56EDC 9404AA0E
B4ED6775 1DDE4EEA BFFE2613 D46E9686 7F520016 E20C95B6 3D7AFEB8 9C4EF6B3
121CC2DF 4B3D983D 40C40B1D CD859075 31925901 95B9EA9E DA3B1B96 1496972F
1BF10203 010001A3 7E307C30 0F060355 1D130101 FF040530 030101FF 30290603
551D1104 22302082 1E435942 45524941 2D474154 45574159 2E796F75 72646F6D
61696E2E 636F6D30 1F060355 1D230418 30168014 EF5E9DE0 787FD11F 71060A74
ACD23A20 B77565D0 301D0603 551D0E04 160414EF 5E9DE078 7FD11F71 060A74AC
D23A20B7 7565D030 0D06092A 864886F7 0D010104 05000381 81000522 AECAFECD
4F4364AB B3237A87 D4DA4FD7 762A1FD8 378A1F31 007E8DEB E769F937 FB6FCA69
02DE711D D49D6CAC B747EB1F 8472C88D FC8D2EBC F00E77E5 5835F4BD 9DF36AC7
CA17596F 46DB3037 382081E4 FD947B3A DBDAE917 8B3A2F52 2D9A8385 AF319B57
666813C7 16EA0E60 8DA69F6D FFCD5909 B37612CC DC630EAE 6C26
quit
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.99
ip dhcp excluded-address 192.168.1.151 192.168.1.254
!
ip dhcp pool 1
import all
network 192.168.1.0 255.255.255.0
domain-name relook7000.dyndns.org
dns-server 212.119.64.2 212.119.64.3
default-router 192.168.1.1
lease infinite
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
ip domain name yourdomain.com
ip name-server 212.119.64.2
ip name-server 212.119.64.3
ip ddns update method sdm_ddns1
HTTP
add ht tp://xxxxxxxxxxxxxxx@members.dyndns.org/nic/update?system=dyndns&hostname=<h>&myip=<a>
remove ht tp://xxxxxxxxxxxxx> I DON'T KNOW WHAT IS THIS FOR? AND HOW TO REMOVE THIS <xxxxxxxxxxxxxxxxx@members.dyndns.org/nic/update?system=dyndns&hostname=<h>&myip=<a>
!
!
!
!
username XXXXX privilege 15 password 0 XXXXXXXXXXX
!
!
archive
log config
hidekeys
!
!
!
!
!
interface ATM0
description $ES_WAN$
no ip address
ip mask-reply
ip directed-broadcast
no atm ilmi-keepalive
pvc 0/35
pppoe-client dial-pool-number 1
!
dsl operating-mode auto
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Dialer1
ip ddns update hostname XXXXXXXX.dyndns.org.yourdomain.com
ip ddns update sdm_ddns1
ip address negotiated
ip mtu 1452
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname XXXXXXXXXXXX@2048.cyberia.net.sa
ppp chap password 0 XXXXXXXXXXXXXXXXX
ppp pap sent-username XXXXXXXXXXXX@2048.cyberia.net.sa password 0 XXXXXXXXXXXXX
!
interface Dialer0
no ip address
dialer in-band
dialer idle-timeout 0
no cdp enable
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer1 overload
ip nat inside source static tcp 192.168.1.102 4000 interface Dialer1 4000
ip nat inside source static udp 192.168.1.102 4000 interface Dialer1 4000
!
access-list 1 remark SDM_ACL Category=18
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 23 remark SDM_ACL Category=17
access-list 23 permit any
dialer-list 1 protocol ip permit
no cdp run
!
!
!
control-plane
!
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege level of 15.

Please change these publicly known initial credentials using SDM or the IOS CLI.
Here are the Cisco IOS commands.

username <myuser> privilege 15 secret 0 <mypassword>
no username cisco

Replace <myuser> and <mypassword> with the username and password you want to use.

For more information about SDM please follow the instructions in the QUICK START
GUIDE for your router or go to -----------------------------------------------------------------------
^C
!
line con 0
password Line
login local
no modem enable
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet
!
scheduler max-task-time 5000
end
 
Sort by date Sort by votes
The last thing you want to use is SDM for this config---it'll never work. Look at mine and copy and paste in (as the "?" will automatically pull up the help topic in the Cisco---can't remember the key combo to bypass this). Actually, I'll look for another post with this solution...works every time if done correctly...will post back in a minute.

Burt
 
Upvote 0 Downvote
So...
CYBERIA-GATEWAY>en
CYBERIA-GATEWAY#conf t
CYBERIA-GATEWAY(config)#no ip ddns method sdm_ddns1
CYBERIA-GATEWAY(config)#ip ddns method not_sdm
CYBERIA-GATEWAY(DDNS-update-method)#http
CYBERIA-GATEWAY(DDNS-HTTP)#add CYBERIA-GATEWAY(DDNS-HTTP)#exit
CYBERIA-GATEWAY(DDNS-update-method)#interval maximum 2 0 0 0
CYBERIA-GATEWAY(DDNS-update-method)#exit
CYBERIA-GATEWAY(config)#int di1
CYBERIA-GATEWAY(config-if)#no ip mtu 1452
CYBERIA-GATEWAY(config-if)#ip tcp adjust-mss 1452
CYBERIA-GATEWAY(config-if)#ip ddns update hostname yourdnsname.blablabla.com
CYBERIA-GATEWAY(config-if)#ip ddns update this_one_works host members.dyndns.org
CYBERIA-GATEWAY(config-if)#end
CYBERIA-GATEWAY#

The ip tcp adjust-mss 1452 puts the max segment (tcp data unit) size at 1452 bytes, which puts ip max transmission unit at 1492 bytes, which is what you want for adsl. The two things SDM does is add that stupid "remove" config under ddns config mode and leaves out the "host members.dyndns.org" in the "ip ddns update this_one_works host members.dyndns.org" line under the interface config. Never works that way---not having the remove statement under ddns config mode and having the host members.dyndns.org are necessary for ddns to work in a Cisco device.
I have had the interval at 2 days for almost a year now, and dyndns.org has never complained, and this config has been rock solid.
The interval 2 0 0 0 is 2 days, 0 hours, 0 minutes and 0 seconds (yes, seconds...why? Because Cisco is evil that way...), but you can adjust it to whatever you want.
It is best to type only to get into specific modes, and copy and paste the rest for accuracy, but you can't paste the "?"---you have to manually enter it. In other words, copy and paste this...
add when you're a this prompt
CYBERIA-GATEWAY(DDNS-HTTP)#
and then do the key combo like this...hit ctrl-v and then ?---not all 4 keys at the same time (ctrl-v-shift-?)---hit ctrl-v, let go, then type the ?
Then you can copy and paste all the rest. When I need to copy and paste text into a cli instance, I always use PuTTy or Tera Term, whether I'm consoled, telnetted or ssh'd in. Good luck.

Burt
 
Upvote 0 Downvote
Whoopsie...this line
CYBERIA-GATEWAY(config)#ip ddns method not_sdm
should be
CYBERIA-GATEWAY(config)#ip ddns method this_one_works
Sorry---had a fusion done in my back a few days ago...pain pills...you get the picture...woooooooooooooooo...
And of course put your own info in for "username:password" and "yourdnsname.blablabla.com"---the : is also missing in your config, but I think you just left that out...but you do need that...
PuTTy and Tera Term are free and I HIGHLY recommend them, especially Tera Term---HyperTerminal in Windoze sucks and screws up configs all the time, IMHO.
One more thing...where I said
"It is best to type only to get into specific modes, and copy and paste the rest for accuracy, but you can't paste the "?"---you have to manually enter it. In other words, copy and paste this...
add password@members.dyndns.org/nic/update" target="_blank"> that pasted wrong for me...what I mean is everything up to the ?, then manually enter the ? with the key combo, then continue to copy and paste, but I'm sure you get that.
I also noticed that pain medication tends to make me ramble...

Burt
 
Upvote 0 Downvote
thank you for the help but it does not work for me here is my new config after your modifications; and one more thing i think there is some thing else which is missing/conflicting with this DynDNS setting...

please do me a favor thoroughly inspect the config and find me out whats actually wrong with that. If some thing is missing please add that...

and as well as I'll point to you some messy things which could be a cause of the problem...

regards

------------------------------------------------------------

Current configuration : 11232 bytes
!
! Last configuration change at 02:44:19 PCTime Tue Oct 28 2008 by admin
! NVRAM config last updated at 01:44:01 PCTime Tue Oct 28 2008 by admin
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CYBERIA-GATEWAY
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
clock timezone PCTime 3
!
crypto pki trustpoint TP-self-signed-3884097217
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3884097217
revocation-check none
rsakeypair TP-self-signed-3884097217
!
!
crypto pki certificate chain TP-self-signed-3884097217
certificate self-signed 02
30820256 308201BF A0030201 02020102 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33383834 30393732 3137301E 170D3032 30333032 32313233
35355A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 38383430
39373231 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100C878 8390121A BC9F5F9A 5508A649 32898333 6D5972C2 656B626A B7470A08
C7AD53A6 CE8BC8EB A223AAB8 BD8D4429 6EE8B5F3 77A75ED1 18F56EDC 9404AA0E
B4ED6775 1DDE4EEA BFFE2613 D46E9686 7F520016 E20C95B6 3D7AFEB8 9C4EF6B3
121CC2DF 4B3D983D 40C40B1D CD859075 31925901 95B9EA9E DA3B1B96 1496972F
1BF10203 010001A3 7E307C30 0F060355 1D130101 FF040530 030101FF 30290603
551D1104 22302082 1E435942 45524941 2D474154 45574159 2E796F75 72646F6D
61696E2E 636F6D30 1F060355 1D230418 30168014 EF5E9DE0 787FD11F 71060A74
ACD23A20 B77565D0 301D0603 551D0E04 160414EF 5E9DE078 7FD11F71 060A74AC
D23A20B7 7565D030 0D06092A 864886F7 0D010104 05000381 81000522 AECAFECD
4F4364AB B3237A87 D4DA4FD7 762A1FD8 378A1F31 007E8DEB E769F937 FB6FCA69
02DE711D D49D6CAC B747EB1F 8472C88D FC8D2EBC F00E77E5 5835F4BD 9DF36AC7
CA17596F 46DB3037 382081E4 FD947B3A DBDAE917 8B3A2F52 2D9A8385 AF319B57
666813C7 16EA0E60 8DA69F6D FFCD5909 B37612CC DC630EAE 6C26
quit
ip cef
no ip dhcp use vrf connected
ip dhcp binding cleanup interval 10
ip dhcp excluded-address 192.168.1.1 192.168.1.99
ip dhcp excluded-address 192.168.1.151 192.168.1.254
!
ip dhcp pool 1
import all
network 192.168.1.0 255.255.255.0
domain-name members.dyndns.org
!
!IS THIS OK I MEAN DOMAIN-NAME MEMBERS.DYNDNS.ORG
!
dns-server 212.119.64.2 212.119.64.3
!
!THESE DNS SERVER IPs ARE ISP'S IPs
!
default-router 192.168.1.1
lease infinite
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
ip domain name yourdomain.com
ip host relook7000.dyndns.org 63.208.196.100
ip name-server 212.119.64.2
ip name-server 212.119.64.3
ip ddns update method not_sdm
HTTP
add interval maximum 2 0 0 0
!
ip dhcp-client update dns server both
!
!
!
username XXXXXXXXX privilege 15 password 0 XXXXXXXXXX
!
!
archive
log config
hidekeys
!
!
!
!
!
interface ATM0
description $ES_WAN$
no ip address
ip mask-reply
ip directed-broadcast
no atm ilmi-keepalive
pvc 0/35
pppoe-client dial-pool-number 1
!
dsl operating-mode auto
!
interface FastEthernet0
ip ddns update hostname XXXXXX.dyndns.org
ip ddns update DynDNS host members.dyndns.org
ip ddns update sdm_ddns1 host members.dyndns.org
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Dialer1
ip ddns update hostname XXXXXXXX.dyndns.org.yourdomain.com
!
!HERE AGAIN WHAT IS THIS--------------------^
!
ip ddns update sdm_ddns1
ip ddns update XXXXXXXX.dyndns.org
ip ddns update this_one_works host members.dyndns.org
ip ddns update not_sdm host members.dyndns.org
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname XXXXXXX@2048.cyberia.net.sa
ppp chap password 0 XXXXXXX
ppp pap sent-username XXXXX@2048.cyberia.net.sa password 0 XXXXXX
!
interface Dialer0
no ip address
dialer in-band
dialer idle-timeout 0
no cdp enable
!
router rip
passive-interface ATM0
passive-interface Vlan1
passive-interface Dialer1
passive-interface Dialer0
network 192.168.1.0
no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1 permanent
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http secure-client-auth
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer1 overload
ip nat inside source static tcp 192.168.1.102 4000 interface Dialer1 4000
ip nat inside source static udp 192.168.1.102 4000 interface Dialer1 4000
!
access-list 1 remark SDM_ACL Category=18
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 23 remark SDM_ACL Category=17
access-list 23 permit any
dialer-list 1 protocol ip permit
no cdp run
!
!
!
control-plane
!
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege level of 15.

Please change these publicly known initial credentials using SDM or the IOS CLI.
Here are the Cisco IOS commands.

username <myuser> privilege 15 secret 0 <mypassword>
no username cisco

Replace <myuser> and <mypassword> with the username and password you want to use.

For more information about SDM please follow the instructions in the QUICK START
GUIDE for your router or go to -----------------------------------------------------------------------
^C
!
line con 0
password Line
login local
no modem enable
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet
!
scheduler max-task-time 5000
end
 
Upvote 0 Downvote
What is this...
ip ddns update hostname XXXXXXXX.dyndns.org.yourdomain.com

My domain name is 2620router.gotdns.com. You need your domain name there. You also did part of it wrong. I will show you the exact commands you need again---you need to take the old sdm-generated ddns config out first!
There should be nothing under fastethernet1! Why is there???

Here is what you need...enter this in VERBATIM! Just type it in, and remember---when you type in the ?, hit ctrl-v and then the ?


CYBERIA-GATEWAY>en
CYBERIA-GATEWAY#conf t
CYBERIA-GATEWAY(config)#no ip ddns method sdm_ddns1
CYBERIA-GATEWAY(config)#ip ddns method this_one_works
CYBERIA-GATEWAY(DDNS-update-method)#http
CYBERIA-GATEWAY(DDNS-HTTP)#add CYBERIA-GATEWAY(DDNS-HTTP)#exit
CYBERIA-GATEWAY(DDNS-update-method)#interval maximum 2 0 0 0
CYBERIA-GATEWAY(DDNS-update-method)#exit
CYBERIA-GATEWAY(config)#int di1
CYBERIA-GATEWAY(config-if)#no ip mtu 1452
CYBERIA-GATEWAY(config-if)#ip tcp adjust-mss 1452
CYBERIA-GATEWAY(config-if)#no ip ddns update sdm_ddns1
CYBERIA-GATEWAY(config-if)#no ip ddns update XXXXXXXX.dyndns.org
CYBERIA-GATEWAY(config-if)#ip ddns update hostname xxxxxxxxxx
CYBERIA-GATEWAY(config-if)#ip ddns update this_one_works host members.dyndns.org
CYBERIA-GATEWAY(config-if)#exit
CYBERIA-GATEWAY(config)#int fa1
CYBERIA-GATEWAY(config-if)#no ip ddns update hostname
XXXXXX.dyndns.org
CYBERIA-GATEWAY(config-if)#no ip ddns update DynDNS host
members.dyndns.org
CYBERIA-GATEWAY(config-if)#no ip ddns update sdm_ddns1 host
members.dyndns.org
CYBERIA-GATEWAY(config-if)#exit
CYBERIA-GATEWAY(config)#ip dhcp pool 1
CYBERIA-GATEWAY(dhcp-config)#no domain-name members.dyndns.org
CYBERIA-GATEWAY(dhcp-config)#domain-name xxxxxxxxxx
CYBERIA-GATEWAY(dhcp-config)#end
CYBERIA-GATEWAY#

The xxxxxxxxxx is the domain name you chose, NOT "members.dyndns.org. Like mine is 2620router.gotdns.com---whatever yours is goes where the xxxxxxxxxx is in the config example. Type all that in EXACT and you shall be fine!
The username:password is of course YOUR username and password...

One more thing---before you post a config again, make sure you uncheck "process tgml" in "Step 2 Options".

Burt
 
Upvote 0 Downvote
Thanks for your help Burt which is really much appreciated. Ok I modified the configs as you said now just have a look because it’s still not working. There is only one thing which I’m not understanding is what you meant by domain name of mine I just enter the rocknroll007.dyndns.org... and its little confusing to me because I’m very new to this Cisco CLI. I just buy this Cisco(877)router + modem for the better services but as you know it become worst for me yet... but I am sure with you help that day is not so far when it work perfectly O God... weeew
-----------------------------------------------
Current configuration : 11006 bytes
!
! Last configuration change at 09:23:28 PCTime Tue Oct 28 2008 by admin
! NVRAM config last updated at 09:23:48 PCTime Tue Oct 28 2008 by admin
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CYBERIA-GATEWAY
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
clock timezone PCTime 3
!
crypto pki trustpoint TP-self-signed-3884097217
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3884097217
revocation-check none
rsakeypair TP-self-signed-3884097217
!
!
crypto pki certificate chain TP-self-signed-3884097217
certificate self-signed 02
30820256 308201BF A0030201 02020102 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33383834 30393732 3137301E 170D3032 30333032 32313233
35355A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 38383430
39373231 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100C878 8390121A BC9F5F9A 5508A649 32898333 6D5972C2 656B626A B7470A08
C7AD53A6 CE8BC8EB A223AAB8 BD8D4429 6EE8B5F3 77A75ED1 18F56EDC 9404AA0E
B4ED6775 1DDE4EEA BFFE2613 D46E9686 7F520016 E20C95B6 3D7AFEB8 9C4EF6B3
121CC2DF 4B3D983D 40C40B1D CD859075 31925901 95B9EA9E DA3B1B96 1496972F
1BF10203 010001A3 7E307C30 0F060355 1D130101 FF040530 030101FF 30290603
551D1104 22302082 1E435942 45524941 2D474154 45574159 2E796F75 72646F6D
61696E2E 636F6D30 1F060355 1D230418 30168014 EF5E9DE0 787FD11F 71060A74
ACD23A20 B77565D0 301D0603 551D0E04 160414EF 5E9DE078 7FD11F71 060A74AC
D23A20B7 7565D030 0D06092A 864886F7 0D010104 05000381 81000522 AECAFECD
4F4364AB B3237A87 D4DA4FD7 762A1FD8 378A1F31 007E8DEB E769F937 FB6FCA69
02DE711D D49D6CAC B747EB1F 8472C88D FC8D2EBC F00E77E5 5835F4BD 9DF36AC7
CA17596F 46DB3037 382081E4 FD947B3A DBDAE917 8B3A2F52 2D9A8385 AF319B57
666813C7 16EA0E60 8DA69F6D FFCD5909 B37612CC DC630EAE 6C26
quit
ip cef
no ip dhcp use vrf connected
ip dhcp binding cleanup interval 10
ip dhcp excluded-address 192.168.1.1 192.168.1.99
ip dhcp excluded-address 192.168.1.151 192.168.1.254
!
ip dhcp pool 1
import all
network 192.168.1.0 255.255.255.0
dns-server 212.119.64.2 212.119.64.3
default-router 192.168.1.1
domain-name rocknroll007.dyndns.org
lease infinite
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
ip domain name yourdomain.com
! ^
!WHAT IS THIS
!
ip host rocknroll007.dyndns.org 63.208.196.100
! ^
!IS THIS OK
!
ip name-server 212.119.64.2
ip name-server 212.119.64.3
ip ddns update method this_one_works
HTTP
add stname=<h>&myip<a>
interval maximum 2 0 0 0
!
ip dhcp-client update dns server both
!
!
!
username admin XXXXXXXXXX 15 password 0 XXXXXXXXXXX
!
!
archive
log config
hidekeys
!
!
!
!
!
interface ATM0
description $ES_WAN$
no ip address
ip mask-reply
ip directed-broadcast
no atm ilmi-keepalive
pvc 0/35
pppoe-client dial-pool-number 1
!
dsl operating-mode auto
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Dialer1
ip ddns update hostname rocknroll007
ip ddns update this_one_works host members.dyndns.org
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname xxxxxxxxxx@2048.cyberia.net.sa
ppp chap password 0 xxxxxxxxx
ppp pap sent-username xxxxxxxxxx@2048.cyberia.net.sa password 0 xxxxxxxxxxx
!
interface Dialer0
no ip address
dialer in-band
dialer idle-timeout 0
no cdp enable
!
router rip
passive-interface ATM0
passive-interface Vlan1
passive-interface Dialer1
passive-interface Dialer0
network 192.168.1.0
no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1 permanent
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http secure-client-auth
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer1 overload
ip nat inside source static tcp 192.168.1.102 4000 interface Dialer1 4000
ip nat inside source static udp 192.168.1.102 4000 interface Dialer1 4000
!
access-list 1 remark SDM_ACL Category=18
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 23 remark SDM_ACL Category=17
access-list 23 permit any
dialer-list 1 protocol ip permit
no cdp run
!
!
!
control-plane
!
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege le
vel of 15.

Please change these publicly known initial credentials using SDM or the IOS CLI.

Here are the Cisco IOS commands.

username <myuser> privilege 15 secret 0 <mypassword>
no username cisco

Replace <myuser> and <mypassword> with the username and password you want to use
.

For more information about SDM please follow the instructions in the QUICK START

GUIDE for your router or go to -----------------------------------------------------------------------
^C
!
line con 0
password Line
login local
no modem enable
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet
!
scheduler max-task-time 5000
end



4ukh
 
Upvote 0 Downvote
ip domain name yourdomain.com
! ^
!WHAT IS THIS

That is mainly for rsa key generation (cryptographic stuff)---it has no bearing on anything, don't worry about that.

ip host rocknroll007.dyndns.org 63.208.196.100
! ^
!IS THIS OK

That just relates a domain name to an ip address---this is only in the router---the same thing happens in any internet-connected computer...this is so you can type "ping rocknroll007.dyndns.org" in the router, and the router knows what IP address to ping. Just like in a computer---"ping from the command prompt works because the outside dns servers come back and tell your computer what IP address it is. You do not need this in the router. I would get rid of it. It is mainly used for hosts on the inside of YOUR LAN---the router knows the outside domain names because of thye name server...
ip name-server 212.119.64.2
ip name-server 212.119.64.3

I would do a "no ip host rocknroll007.dyndns.org 63.208.196.100" so the router doesn't get confused...\

This is b-a-a-a-a-a-d-d-d-d...

router rip
passive-interface ATM0
passive-interface Vlan1
passive-interface Dialer1
passive-interface Dialer0
network 192.168.1.0
no auto-summary

Get rid of it! it is NOT needed and is a definite security risk in your situation (edge device, only one LAN subnet throughout)---the LAN is directly connected, so it knows about all routes inside! Do a "no router rip".

Some other security issues and such---I will write what you need to type for all of this to take place. The DDNS config is not working because of one small typo in this line...
add stname=<h>&myip<a>
This is what I told you to type...
add See the mistake? Look CAREFULLY...there is no = in yours...
at the end of that line...look
ho
stname=<h>&myip<a>
now look at myip<a>
it is supposed to be
myip=<a>
with the = before the <a>
Like Pink Floyd says..."NO, WRONG...DO IT AGAIN!"

This will make all the necessary changes...

CYBERIA-GATEWAY>en
CYBERIA-GATEWAY#conf t
CYBERIA-GATEWAY(config)#no ip domain name yourdomain.com
CYBERIA-GATEWAY(config)#no ip host rocknroll007.dyndns.org 63.208.196.100
CYBERIA-GATEWAY(config)#no router rip
CYBERIA-GATEWAY(config)#line vty 0 4
CYBERIA-GATEWAY(config-line)#password xxxxxxxx
CYBERIA-GATEWAY(config-line)#no access-class 23 in
CYBERIA-GATEWAY(config-line)#trans in telnet ssh
CYBERIA-GATEWAY(config-line)#exit
CYBERIA-GATEWAY(config)#no access-list 23
CYBERIA-GATEWAY(config)#no ip nat inside source list 1 int di1 overload
CYBERIA-GATEWAY(config)#ip nat inside source list 101 int di1 overload
CYBERIA-GATEWAY(config)#access-list 101 remark Best_to_use_extended_lists_for_NAT
CYBERIA-GATEWAY(config)#access-list 101 permit ip 192.168.1.0 0.0.0.255 any
CYBERIA-GATEWAY(config)#no access-list 23 remark SDM_ACL Category=17
CYBERIA-GATEWAY(config)#no banner login
CYBERIA-GATEWAY(config)#ip domain name local
CYBERIA-GATEWAY(config)#service password-encryption
CYBERIA-GATEWAY(config)#no username admin priv 15 password xxxxx
CYBERIA-GATEWAY(config)#username xxxxxxx priv 15 secret xxxxx

*NOTE*---if you get an error with this, then put the original "username xxxx priv 15 password xxxxxx" back in...the reason I would change this is that level 7 passwords are easily cracked ("password") but "secret" passwords are MD5 hashes, and are one-way hashes and have yet to be able to be cracked by anyone, including Kevin Mitnik!

CYBERIA-GATEWAY(config)#enable secret yyyyyyyyyyy

this is a different password from all the rest---write it down!

CYBERIA-GATEWAY(config)#ntp clock-period 17180370
CYBERIA-GATEWAY(config)#ntp server 64.113.32.5 source di1

That's a free NTP server---been solid for me for 2 years now...very important to sync time for error reports, etc. You can get time that the router reports by doing sh clock.
Now for the ddns stuff...don't miss!

CYBERIA-GATEWAY(config)#ip ddns method this_one_works
CYBERIA-GATEWAY(DDNS-update-method)#http
CYBERIA-GATEWAY(DDNS-HTTP)#add CYBERIA-GATEWAY(DDNS-HTTP)#exit
CYBERIA-GATEWAY(DDNS-update-method)#exit
CYBERIA-GATEWAY(config)#exit
CYBERIA-GATEWAY#wr

I would read up on security for this router if I were you---there's still a LOT that this router can do, and DON'T let SDM do it! If you need help, let us know. The safest way to remote in to configure things is VPN, which it looks like this router will do, but at LEAST ssh in...NEVER telnet from the outside! Inside is okay, but NEVER from outside. Do all of this EXACTLY paying great attention to detail and it should work. Good luck.

One more thing...the login banner that is on your router tells an attacker "I have a GUI you can use to screw this guy---in case you can't remember the CLI stuff..."
HUGE mistake!!!

Burt
 
Upvote 0 Downvote
Before the ddns part, do this...

CYBERIA-GATEWAY(config)#ip ddns method this_one_works
CYBERIA-GATEWAY(DDNS-update-method)#http
CYBERIA-GATEWAY(DDNS-HTTP)#no add
You have to get rid of your mistake before putting in the correct one---do this before ANYTHING else! In fact...

CYBERIA-GATEWAY>en
CYBERIA-GATEWAY#conf t
CYBERIA-GATEWAY(config)#ip ddns method this_one_works
CYBERIA-GATEWAY(DDNS-update-method)#http
CYBERIA-GATEWAY(DDNS-HTTP)#no add CYBERIA-GATEWAY(DDNS-HTTP)#exit
CYBERIA-GATEWAY(DDNS-update-method)#exit
CYBERIA-GATEWAY(config)#

Then do what I just posted, minus the en and conf t in the first two lines, of course. Good luck!

Burt
 
Upvote 0 Downvote
ok! i'm away from home for 3 days... i'll enter your configs and than let you know... o yeh one more thing what if i let you to telnet my router for further refinements is it possible for you...?

thank a lot

4ukh
 
Upvote 0 Downvote
Yes, but I would rather you learn this stuff yourself---there are many many configuration examples and explanations for everything under the sun---just Google it, and start posting in the Cisco Certification and Testing forums---many great posts about building labs, and especially about GREAT books for learning by Todd Lammle and other great CCIE authors.


Burt
 
Upvote 0 Downvote
very well very nice thank you but you know the way you teach/describe is really very simple and effective which mostly people don't have that power and seance, what are you The Great Teacher :)? this configuring thing is really very great and its like you are directly talking to the hardware cool. so i think to work with these sort of gadgets you should learn enough knowledge to understand what is going on though I've a bachelor degree of BS-SW but this cisco thing is completely new to me... :-( and im deciding to go for CCNA.


4ukh
 
Upvote 0 Downvote
That's awesome! See you in the Cisco Certification and Testing Forum!

Burt
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

pbxcomm
  • Locked
  • Question
CISCO VG450
Replies
1
Views
356
bdk76
bdk76
Skip Rango
  • Locked
  • Question
how to backup cisco sg500-52p switch
Replies
1
Views
350
madwok
madwok
Jared R
  • Locked
  • Question
Cisco UC320W Paging Help
Replies
0
Views
326
Jared R
Jared R
Hayden09
  • Locked
  • Question
Cisco Sg-300 Flapping?
Replies
0
Views
332
Hayden09
Hayden09
JMarine0811
  • Locked
  • Question
CISCO VG450 Factory reset
Replies
1
Views
430
whykap
whykap

Part and Inventory Search

Sponsor

Back
Top