StarOverIP Ltd.

All solutions over IP

Internet, Data, Voice, Video, Services and Consultancy

Home

Documents

Services

Learning

News

About Us

Contact

Links

ISDN negotiated IP addresses & NAT

This is the configuration I used on a 2503 when I only had ISDN access. This configuration uses RFC1918 IP addresses for your private IP network. These are special internet unroutable addresses. This configuration is quite secure because nothing can connect in to your network because there are no IP NAT translations back into your network. This configuration also includes a DHCP server, so once you have configured the router all you need to do is plug your computers in and they will get an IP address from the router and be ready to access the internet.

Information Needed

From You
router                                              The hostname of your router
cisco                                               The password for telneting to your router
ciscoen                                            The password for enable access to your router

From your ISP
172.16.1.1, 172.16.1.2                   The DNS servers on your ISP’s network
08451232065                                 The Dial-up number for ISDN access to your ISP
simpleisp                                         The username your ISP gave you
password                                        The password form logging into your ISP

Sample Configuration

service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname router
!
enable secret ciscoen
!
ip subnet-zero
no ip source-route
ip dhcp excluded-address 192.168.0.0 192.168.0.10
!
ip dhcp pool home
network 192.168.0.0 255.255.255.0
default-router 192.168.0.1
dns-server 172.16.1.1 172.16.1.2
!
no ip bootp server
isdn switch-type basic-net3
!
interface Ethernet0
description === Your Local Network ===
ip address 192.168.0.1 255.255.255.0
ip nat inside
no cdp enable
!
interface BRI0
no ip address
encapsulation ppp
no keepalive
dialer pool-member 1
isdn switch-type basic-net3
no peer default ip address
no fair-queue
no cdp enable
ppp multilink
no shutdown
!
interface Dialer1
description === ISP Internet ===
ip address negotiated
ip nat outside
encapsulation ppp
no keepalive
dialer pool 1
dialer idle-timeout 300
dialer string 08451232065
dialer hold-queue 20
dialer load-threshold 200 either
dialer-group 1
no peer default ip address
no fair-queue
no cdp enable
ppp authentication pap callin
ppp pap sent-username simpleisp password password
ppp multilink
hold-queue 50 in
!
ip nat inside source list 101 interface Dialer1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
no ip http server
!
access-list 101 permit ip 192.168.0.0 0.0.0.255 any
dialer-list 1 protocol ip permit
no cdp run
!
line con 0
line aux 0
line vty 0 4
access-class 101 in
session-timeout 35791
password cisco
login
!
end

Testing

To test that everything is working properly try the following commands

show isdn status

You are looking for the phrase TEI Established or Multiple frames established, this means your router can see the telephone switch at the end of the ISDN line and you should be able to make calls.

terminal monitor
debug dialer
debug ppp authentication
debug ppp negotiation

Now try to surf the internet. You should see a whole lot of messages staring with trying to dial, then the ppp connection coming up and you should see the username and password authenticated.

Back to Internet Access 101
 
The contents of this webpage are copyright © 2004 - 2010 StarOverIP Ltd. All Rights Reserved.