Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Cisco 877 Config Help

Reply
Thread Tools

Cisco 877 Config Help

 
 
flamer flamer is offline
Junior Member
Join Date: Oct 2009
Posts: 1
 
      10-03-2009
Hi Guys.
This is my first post. After trawling around google for some help this site appears more than any other, so I decided to post and see if any one could offer me some advise or a few pointers.
We have just purchased an 877 router and have a single web server (linux) sitting on our network with a single fixed ip address from BT Business Broaband in the UK. We origionally used the BT 2-Wire router which needs a re-boot a bit to often. We decided to go for the Cisco unit for reliability but have a few problems.

When I power up the 877 and re-boot everything we are having problems with the email side of the server. We cant send emails via outlook to the server from either the internal network or externally over internet. The mail server wont receive emails from the internet. The webmail cant send email messages either.

Our trixbox server can register all our SIP connections and we can make calls outgoing. If we try to dial one of our DID number from say a mobile phone, a message is played by the voiptalk.org server that says 'sorry' and hangs up.

The www server is working fine and I did not get round to looking at the ftp server yet or testing ssh. Hopfully they will work.

If I swap back to the old router it all works again. In the BT Broadband router we used port forwarding and it worked.

This is the current running-config of the router.

Current configuration : 8128 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname MES-R1
!
boot-start-marker
boot-end-marker
!
logging buffered 51200
logging console critical
enable secret 5 xxxxxx
!
no aaa new-model
clock timezone PCTime 0
clock summer-time PCTime date Mar 30 2003 1:00 Oct 26 2003 2:00
!
crypto pki trustpoint TP-self-signed-3114465656
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3114465656
revocation-check none
rsakeypair TP-self-signed-3114465656
!
!
crypto pki certificate chain TP-self-signed-3114465656
certificate self-signed 01
30820250 308201B9 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33313134 34363536 3536301E 170D3032 30333031 30313135
33385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 31313434
36353635 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100B909 343507B0 6B5294CA 69C5DE5B 9FAD6068 35D10D62 C8A70751 5B65E8D4
247A3386 C1EEB490 01529DC0 CF8A93CA 4D58538F 9955B6FD C6FC11EF 726D6611
6BA94FA9 7F90AEFA DA7C46EB EFD38E72 FD7DBA1A 95E59F6E C71BB85C 1F6F3DFB
C8F66013 EF85E00F 079F960F 31F36B1D 41E29EB7 12ADD192 3FB8F08C DBA24892
5F730203 010001A3 78307630 0F060355 1D130101 FF040530 030101FF 30230603
551D1104 1C301A82 184D4553 2D52312E 6D61676D 612D6772 6F75702E 636F2E75
6B301F06 03551D23 04183016 80145866 3CA97D81 ED95A8C0 7F68A852 7E8C2CF7
2D39301D 0603551D 0E041604 1458663C A97D81ED 95A8C07F 68A8527E 8C2CF72D
39300D06 092A8648 86F70D01 01040500 03818100 A1D6018C 889FFDD3 8F7E1E78
B8098653 4C62FB10 68290BC5 1A8DBE7B 28D4E14A D22337C2 026119F8 85DF5685
D32E10E9 54D500CD CEAD80CB DC4412EA CE2256A6 F8992AB6 EE2558DF 8BA3C412
4066C01A B58D0576 9DE8DC48 D41E837F E914DACA F098B1D8 ED76A2B5 DF7BA05A
26B457CC A7DCC5FD 3DEAA54F 3BD152C1 FD565F9E
quit
dot11 syslog
no ip source-route
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.0.1
ip dhcp excluded-address 192.168.0.60
ip dhcp excluded-address 192.168.0.50
!
ip dhcp pool sdm-pool
import all
network 192.168.0.0 255.255.255.0
default-router 192.168.0.1
dns-server 62.6.40.162 194.74.65.69
lease 0 2
!
!
no ip bootp server
ip domain name magma-group.co.uk
ip name-server 62.6.40.162
ip name-server 194.74.65.69
ip inspect name DEFAULT100 cuseeme
ip inspect name DEFAULT100 ftp
ip inspect name DEFAULT100 h323
ip inspect name DEFAULT100 icmp
ip inspect name DEFAULT100 netshow
ip inspect name DEFAULT100 rcmd
ip inspect name DEFAULT100 realaudio
ip inspect name DEFAULT100 rtsp
ip inspect name DEFAULT100 esmtp
ip inspect name DEFAULT100 sqlnet
ip inspect name DEFAULT100 streamworks
ip inspect name DEFAULT100 tftp
ip inspect name DEFAULT100 tcp
ip inspect name DEFAULT100 udp
ip inspect name DEFAULT100 vdolive
!
multilink bundle-name authenticated
!
!
username MESAdmin privilege 15 secret 5 xxxxxx
!
!
archive
log config
hidekeys
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 192.168.0.1 255.255.255.0
ip access-group 100 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
!
interface Dialer0
description $FW_OUTSIDE$
ip address negotiated
ip access-group 101 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip inspect DEFAULT100 out
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
ip tcp adjust-mss 1412
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap callin
ppp chap hostname xxxxxxxxxxxxxxx
ppp chap password 7 xxxxxxxxxxxxxx
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
ip http server
ip http access-class 2
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 192.168.1.110 3389 interface Dialer0 18000
ip nat inside source static tcp 192.168.0.60 25 interface Dialer0 25
ip nat inside source static tcp 192.168.0.60 21 interface Dialer0 21
ip nat inside source static tcp 192.168.0.60 80 interface Dialer0 80
ip nat inside source static tcp 192.168.0.60 110 interface Dialer0 110
ip nat inside source static tcp 192.168.0.60 444 interface Dialer0 444
ip nat inside source static tcp 192.168.0.60 22 interface Dialer0 22
!
logging trap debugging
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 2 permit 62.49.74.180
access-list 2 permit 192.168.0.0 0.0.0.255
access-list 100 permit tcp host 62.49.74.180 host 192.168.0.1 eq telnet
access-list 100 permit tcp 192.168.0.0 0.0.0.255 host 192.168.0.1 eq telnet
access-list 100 permit tcp host 62.49.74.180 host 192.168.0.1 eq 22
access-list 100 permit tcp 192.168.0.0 0.0.0.255 host 192.168.0.1 eq 22
access-list 100 permit tcp host 62.49.74.180 host 192.168.0.1 eq www
access-list 100 permit tcp 192.168.0.0 0.0.0.255 host 192.168.0.1 eq www
access-list 100 permit tcp host 62.49.74.180 host 192.168.0.1 eq 443
access-list 100 permit tcp 192.168.0.0 0.0.0.255 host 192.168.0.1 eq 443
access-list 100 permit tcp host 62.49.74.180 host 192.168.0.1 eq cmd
access-list 100 permit tcp 192.168.0.0 0.0.0.255 host 192.168.0.1 eq cmd
access-list 100 deny tcp any host 192.168.0.1 eq telnet
access-list 100 deny tcp any host 192.168.0.1 eq 22
access-list 100 deny tcp any host 192.168.0.1 eq www
access-list 100 deny tcp any host 192.168.0.1 eq 443
access-list 100 deny tcp any host 192.168.0.1 eq cmd
access-list 100 deny udp any host 192.168.0.1 eq snmp
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 permit tcp any any established
access-list 101 permit udp host 194.74.65.69 eq domain any
access-list 101 permit udp host 62.6.40.162 eq domain any
access-list 101 permit tcp any any eq smtp
access-list 101 permit tcp any any eq ftp
access-list 101 permit tcp any any eq www
access-list 101 permit tcp any any eq pop3
access-list 101 permit tcp any any eq 444
access-list 101 permit tcp any any eq 22
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any time-exceeded
access-list 101 permit icmp any any unreachable
access-list 101 deny ip 192.168.0.0 0.0.0.255 any
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip host 0.0.0.0 any
access-list 101 deny ip any any
access-list 102 permit ip host 62.49.74.180 any
access-list 102 permit ip 192.168.0.0 0.0.0.255 any
dialer-list 1 protocol ip permit
no cdp run
!
!
!
!
control-plane
!
banner login ^CCAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
login local
no modem enable
transport output telnet
line aux 0
login local
transport output telnet
line vty 0 4
access-class 102 in
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end

Hope someone can point me in the right direction.
Phil.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Need help with a cisco 877 and Bt homehub naroekie Cisco 0 03-04-2011 10:08 PM
cisco 877 atm pvc config for QOS GT Cisco 0 10-21-2009 08:00 PM
Cisco 877 with Demon Broadband - Help Colin Heseltine Cisco 2 03-30-2007 10:43 AM
Cisco 877 & Cisco 827 as backup Simon Gronow Cisco 2 12-18-2006 06:58 AM
cisco 877 pptp passthrough Cen Cisco 1 08-17-2005 02:22 AM



Advertisments