How do I configure DHCP on Cisco 1721 and T1

[Rhannek9]

Okay first off sorry I am a newb at this Cisco stuff. I'm only used to configuring linksys routers with handly web access

For all I know the 1721 is configured for the T1, but DHCP is not. Can someone hint him how I can set this up for NAT'd dhcp?
I guess I will be doing this with hyperterminal?
ANY HELP AT ALL WOULD BE GREATLY APPRECIATED!!!

Here is the initial setup of the router:

> router>enable
> router#config t
> router(config)#int [name of the interface ] <---LAN interface
> router(config-if)#ip address [ internal ip ] [subnet mask ]
> router(config-if)#no shutdown router(config-if)#exit Enter the
> configuration of the outside interface router(config)#int [name of the
> interface ] <---WAN interface router(config)#ip address [ external ip
> ] [subnet mask ] router(config-if)#no shutdown
> router(config-if)#ctrl-z
>
> To check the status of the interfaces use the command router#show ip
> interface brief they should have an up up status . If they are down
> check the physical connection of the interface.
> If you are not sure if the ip address that you are using is valid you
> can check it with the Subnet Calculator.
>
>

http://www.cisco.com/cgi-bin/Support/IpSubnet/home.pl

>
>
>
> ROUTING TO THE ISP
> router>enable
> router#config t
> router(config)#ip route 0.0.0.0 0.0.0.0 x.x.x.x. <------- x.x.x.x is
> the addres of the ISP, default gateway router(config)#ip routing
> router(config)#ip classless
>
>
> NAT ( Remember that you need to use a public ip address to enable the
> internal LAN to reach the Internet )
> router>enable
> router#config t
> router(config)#ip nat inside source list 120 interface [name of the
> outisde interface] overload router(config)#access-list 120 permit ip
> [address of the LAN] [inverse mask of the LAN ] any router(config)#int
> [name of the interface ] <---LAN interface router(config-if)#ip nat
> inside router(config-if)#exit router(config)#int [name of the
> interface ] <---INTERNET interface router(config-if)#ip nat outside
> router(config-if)#exit
>
> If you have a internal server ( web, exchange for example ) that the
> Internet will access you need to use static nat .
>
> router>enable
> router#config t
> router(config)#ip nat inside source static x.x.x.x y.y.y.y <----where
> x.x.x.x is the internal ip and y.y.y.y is the public ip
> router(config)#exit
>
>
>
>
> DHCP
> To make the router work as a DHCP server :
> router>enable
> router#config t
> router(config)#service dhcp or
> router(config)#ip bootp
> router(config)#ip dhcp pool TEST
> router(dhcp-config)# network X.X.X.X Y.Y.Y.Y ( ip address and subnet
> mask that the LAN will use ) router(dhcp-config)#dns-server {ip of dns
> 1} {ip of dns 2} router(dhcp-config)#default-router Z.Z.Z.Z ( internal
> ip address of the
> router)
> router(dhcp-config)#ctrl-z <----to exit
> -----------------------------------------------------------
>
> ip dhcp excluded-address 172.16.1.100 172.16.1.103
>
> ip dhcp excluded-address 172.16.2.100 172.16.2.103
> --------------------------------------------------
> To use a remote dhcp server
> router>enable
> router#config t
> router(config)#ip helper-address x.x.x.x <---- ip address of the
> remote dhcp server router(config)#exit
>
> ---------------------------------------------
> Router(config)# ip address dhcp
>
> ACCESS-LIST
>
> To enable basic security on the router
> router>enable
> router#config t
> router(config)#access-list 120 permit tcp any any established
> router(config)#access-list 120 permit udp any eq 53 any
> router(config)#access-list 120 permit icmp any any echo-reply
> router(config)#int [name of the interface going to the internet ]
> router(config-if)# ip access-group 120 in router(config)#ctrl-z <--to
> exit
>
> This access-list will prevent outside connections and pings although
> it allows you to ping the outside, have DNS resolution and get a reply
> when the trafic started in your LAN, all other incoming traffic will
> be dropped so if you are using an internal device that the Internet
> will reach you need to specify it . There is a list of common ports in
> this link :
>
>

http://www.iss.net/security_center/advice/Exploits/Ports/

>
> To remove an access-list you first need to disable it :
> router>enable
> router#config t
> router(config)#int [name of the interface going to the internet ]
> router(config-if)#no ip access-group 120 in Then you can modify it on
> a note pad, erase it and paste the new access-list back in config t
> mode:
>
> PASSWORDS
> To have a telnet password
> router>enable
> router#config t
> router(config)#line vty 0 4
> router(config-line)# login
> router(config-line)# password cisco
>
> TO SAVE THE CONFIGURATION :
> router#wr mem



THANKS!

 

[lambent]

You already have the guidelines for setting up DHCP server on your router:

> router(config)#ip dhcp pool TEST
> router(dhcp-config)# network X.X.X.X Y.Y.Y.Y ( ip address and subnet
> mask that the LAN will use ) router(dhcp-config)#dns-server {ip of dns
> 1} {ip of dns 2} router(dhcp-config)#default-router Z.Z.Z.Z ( internal
> ip address of the
> router)
> router(dhcp-config)#ctrl-z <----to exit
> -----------------------------------------------------------
>
> ip dhcp excluded-address 172.16.1.100 172.16.1.103
>
> ip dhcp excluded-address 172.16.2.100 172.16.2.103

And you also have guidelines to set NAT for the internal DHCP clients:

> router(config)#ip nat inside source list 120 interface [name of the
> outisde interface] overload router(config)#access-list 120 permit ip
> [address of the LAN] [inverse mask of the LAN ] any router(config)#int
> [name of the interface ] <---LAN interface router(config-if)#ip nat
> inside router(config-if)#exit router(config)#int [name of the
> interface ] <---INTERNET interface router(config-if)#ip nat outside
> router(config-if)#exit

So you should be able to find your answers in your original post...

 

[Rhannek9]

sorry I am a newb still.
So for DHCP:
> router(config)#ip dhcp pool TEST
> router(dhcp-config)# network X.X.X.X Y.Y.Y.Y ( ip address and subnet
> mask that the LAN will use ) router(dhcp-config)#dns-server {ip of dns
> 1} {ip of dns 2} router(dhcp-config)#default-router Z.Z.Z.Z ( internal
> ip address of the
> router)

I will set the internal ip here, or external?? So it will look like this?:
> router(config)#ip dhcp pool TEST
> router(dhcp-config)# network (ext.ern.a.l ip) 255.255.255.0 ( ip address and subnet mask that the lan will use )
router(dhcp-config)#dns-server {ip of dns
> 1} {ip of dns 2} router(dhcp-config)#default-router 168.192.1.1 ( internal
> ip address of the
> router)
???
Can I edit this as if it was a text file or is there a command that allows me to edit what the internal ip and the subnet mask will be?

And for NAT:
wow I'm lost there

Shoot i'm supposed to figure this out by tomorrow morning im screwed. Thanks again Lambent. Any other help or pointers will be GREATLY appreciated. Thanks!!!

 

[lambent]

e.g

conf t
!
ip dhcp excluded-address 10.0.0.1 10.0.0.30
!
ip dhcp pool internal
network 10.0.0.0 255.255.255.0
default router 10.0.0.1
dns-server 202.202.202.101 202.202.202.102
!
interface s0
description Connected to ISP
ip address 202.202.202.202 255.255.255.0
ip nat outside
no shut
!
interface f0
description Internal network
ip address 10.0.0.1 255.255.255.0
ip nat inside
speed 100
duplex full
no shut
!
access-list 10 permit 10.0.0.0 0.0.0.255
!
ip nat inside source list 10 interface s0 overload
!
ip route 0.0.0.0 0.0.0.0 202.202.202.1
!

Where,

10.0.0.0/24 is your internal subnet
10.0.0.1 is the default gateway of your internal hosts
DHCP will assign IP address 10.0.0.31 - 10.0.0.254 to DHCP clients in your internal network.
202.202.202.202 is the public IP address on your router for the T1
202.202.202.1 is the ISP gateway for the T1
202.202.202.101 and 202.202.202.102 are the ISP DNS servers