Cisco 877 Config Help

Discussion in 'Cisco' started by flamer, Oct 3, 2009.

  1. flamer

    Hi Guys.
    This is my first post. After trawling around Google for some help this site appears more than any other, so I decided to post and see if anyone could offer me some advice or a few pointers.
    We have just purchased an 877 router and have a single web server (Linux) sitting on our network with a single fixed IP address from BT Business Broadband in the UK. We originally used the BT 2-Wire router which needs a re-boot a bit too often. We decided to go for the Cisco unit for reliability but have a few problems.

    When I power up the 877 and re-boot everything we are having problems with the email side of the server. We can't send emails via Outlook to the server from either the internal network or externally over the internet. The mail server won't receive emails from the internet. The webmail can't send email messages either.

    Our trixbox server can register all our SIP connections and we can make outgoing calls. If we try to dial one of our DID numbers from, say, a mobile phone, a message is played by the voiptalk.org server that says 'sorry' and hangs up.

    The www server is working fine and I did not get round to looking at the ftp server yet or testing ssh. Hopefully they will work.

    If I swap back to the old router it all works again. In the BT Broadband router we used port forwarding and it worked.

    This is the current running-config of the router.

    Current configuration : 8128 bytes
    !
    version 12.4
    no service pad
    service tcp-keepalives-in
    service tcp-keepalives-out
    service timestamps debug datetime msec localtime show-timezone
    service timestamps log datetime msec localtime show-timezone
    service password-encryption
    service sequence-numbers
    !
    hostname MES-R1
    !
    boot-start-marker
    boot-end-marker
    !
    logging buffered 51200
    logging console critical
    enable secret 5 xxxxxx
    !
    no aaa new-model
    clock timezone PCTime 0
    clock summer-time PCTime date Mar 30 2003 1:00 Oct 26 2003 2:00
    !
    crypto pki trustpoint TP-self-signed-3114465656
    enrollment selfsigned
    subject-name cn=IOS-Self-Signed-Certificate-3114465656
    revocation-check none
    rsakeypair TP-self-signed-3114465656
    !
    !
    crypto pki certificate chain TP-self-signed-3114465656
    certificate self-signed 01
    quit
    dot11 syslog
    no ip source-route
    ip cef
    !
    !
    no ip dhcp use vrf connected
    ip dhcp excluded-address 192.168.0.1
    ip dhcp excluded-address 192.168.0.60
    ip dhcp excluded-address 192.168.0.50
    !
    ip dhcp pool sdm-pool
    import all
    network 192.168.0.0 255.255.255.0
    default-router 192.168.0.1
    dns-server 62.6.40.162 194.74.65.69
    lease 0 2
    !
    !
    no ip bootp server
    ip domain name magma-group.co.uk
    ip name-server 62.6.40.162
    ip name-server 194.74.65.69
    ip inspect name DEFAULT100 cuseeme
    ip inspect name DEFAULT100 ftp
    ip inspect name DEFAULT100 h323
    ip inspect name DEFAULT100 icmp
    ip inspect name DEFAULT100 netshow
    ip inspect name DEFAULT100 rcmd
    ip inspect name DEFAULT100 realaudio
    ip inspect name DEFAULT100 rtsp
    ip inspect name DEFAULT100 esmtp
    ip inspect name DEFAULT100 sqlnet
    ip inspect name DEFAULT100 streamworks
    ip inspect name DEFAULT100 tftp
    ip inspect name DEFAULT100 tcp
    ip inspect name DEFAULT100 udp
    ip inspect name DEFAULT100 vdolive
    !
    multilink bundle-name authenticated
    !
    !
    username MESAdmin privilege 15 secret 5 xxxxxx
    !
    !
    archive
    log config
    hidekeys
    !
    !
    ip tcp synwait-time 10
    ip ssh time-out 60
    ip ssh authentication-retries 2
    !
    !
    !
    interface ATM0
    no ip address
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip route-cache flow
    no atm ilmi-keepalive
    dsl operating-mode auto
    !
    interface ATM0.1 point-to-point
    description $ES_WAN$$FW_OUTSIDE$
    pvc 0/38
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
    !
    !
    interface FastEthernet0
    !
    interface FastEthernet1
    !
    interface FastEthernet2
    !
    interface FastEthernet3
    !
    interface Vlan1
    description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
    ip address 192.168.0.1 255.255.255.0
    ip access-group 100 in
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip nat inside
    ip virtual-reassembly
    ip route-cache flow
    ip tcp adjust-mss 1452
    !
    interface Dialer0
    description $FW_OUTSIDE$
    ip address negotiated
    ip access-group 101 in
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip nat outside
    ip inspect DEFAULT100 out
    ip virtual-reassembly
    encapsulation ppp
    ip route-cache flow
    ip tcp adjust-mss 1412
    dialer pool 1
    dialer-group 1
    no cdp enable
    ppp authentication chap callin
    ppp chap hostname xxxxxxxxxxxxxxx
    ppp chap password 7 xxxxxxxxxxxxxx
    !
    ip forward-protocol nd
    ip route 0.0.0.0 0.0.0.0 Dialer0
    !
    !
    ip http server
    ip http access-class 2
    ip http authentication local
    ip http secure-server
    ip http timeout-policy idle 60 life 86400 requests 10000
    ip nat inside source list 1 interface Dialer0 overload
    ip nat inside source static tcp 192.168.1.110 3389 interface Dialer0 18000
    ip nat inside source static tcp 192.168.0.60 25 interface Dialer0 25
    ip nat inside source static tcp 192.168.0.60 21 interface Dialer0 21
    ip nat inside source static tcp 192.168.0.60 80 interface Dialer0 80
    ip nat inside source static tcp 192.168.0.60 110 interface Dialer0 110
    ip nat inside source static tcp 192.168.0.60 444 interface Dialer0 444
    ip nat inside source static tcp 192.168.0.60 22 interface Dialer0 22
    !
    logging trap debugging
    access-list 1 permit 192.168.0.0 0.0.0.255
    access-list 2 permit 62.49.74.180
    access-list 2 permit 192.168.0.0 0.0.0.255
    access-list 100 permit tcp host 62.49.74.180 host 192.168.0.1 eq telnet
    access-list 100 permit tcp 192.168.0.0 0.0.0.255 host 192.168.0.1 eq telnet
    access-list 100 permit tcp host 62.49.74.180 host 192.168.0.1 eq 22
    access-list 100 permit tcp 192.168.0.0 0.0.0.255 host 192.168.0.1 eq 22
    access-list 100 permit tcp host 62.49.74.180 host 192.168.0.1 eq www
    access-list 100 permit tcp 192.168.0.0 0.0.0.255 host 192.168.0.1 eq www
    access-list 100 permit tcp host 62.49.74.180 host 192.168.0.1 eq 443
    access-list 100 permit tcp 192.168.0.0 0.0.0.255 host 192.168.0.1 eq 443
    access-list 100 permit tcp host 62.49.74.180 host 192.168.0.1 eq cmd
    access-list 100 permit tcp 192.168.0.0 0.0.0.255 host 192.168.0.1 eq cmd
    access-list 100 deny tcp any host 192.168.0.1 eq telnet
    access-list 100 deny tcp any host 192.168.0.1 eq 22
    access-list 100 deny tcp any host 192.168.0.1 eq www
    access-list 100 deny tcp any host 192.168.0.1 eq 443
    access-list 100 deny tcp any host 192.168.0.1 eq cmd
    access-list 100 deny udp any host 192.168.0.1 eq snmp
    access-list 100 deny ip host 255.255.255.255 any
    access-list 100 deny ip 127.0.0.0 0.255.255.255 any
    access-list 100 permit ip any any
    access-list 101 permit tcp any any established
    access-list 101 permit udp host 194.74.65.69 eq domain any
    access-list 101 permit udp host 62.6.40.162 eq domain any
    access-list 101 permit tcp any any eq smtp
    access-list 101 permit tcp any any eq ftp
    access-list 101 permit tcp any any eq www
    access-list 101 permit tcp any any eq pop3
    access-list 101 permit tcp any any eq 444
    access-list 101 permit tcp any any eq 22
    access-list 101 permit icmp any any echo-reply
    access-list 101 permit icmp any any time-exceeded
    access-list 101 permit icmp any any unreachable
    access-list 101 deny ip 192.168.0.0 0.0.0.255 any
    access-list 101 deny ip 10.0.0.0 0.255.255.255 any
    access-list 101 deny ip 172.16.0.0 0.15.255.255 any
    access-list 101 deny ip 192.168.0.0 0.0.255.255 any
    access-list 101 deny ip 127.0.0.0 0.255.255.255 any
    access-list 101 deny ip host 255.255.255.255 any
    access-list 101 deny ip host 0.0.0.0 any
    access-list 101 deny ip any any
    access-list 102 permit ip host 62.49.74.180 any
    access-list 102 permit ip 192.168.0.0 0.0.0.255 any
    dialer-list 1 protocol ip permit
    no cdp run
    !
    !
    !
    !
    control-plane
    !
    banner login ^CCAuthorized access only!
    Disconnect IMMEDIATELY if you are not an authorized user!^C
    !
    line con 0
    login local
    no modem enable
    transport output telnet
    line aux 0
    login local
    transport output telnet
    line vty 0 4
    access-class 102 in
    privilege level 15
    login local
    transport input telnet ssh
    !
    scheduler max-task-time 5000
    scheduler allocate 4000 1000
    scheduler interval 500
    end

    Hope someone can point me in the right direction.
    Phil.
    flamer, Oct 3, 2009
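
An added example, not part of the original post: a small Python check that cross-references the static NAT forwards in the posted config against the `permit` entries of ACL 101 (applied inbound on Dialer0) and against the Vlan1 subnet. The function name `audit` and the simplified parsing (only `permit ... any any eq <port>` entries, rule order ignored) are assumptions of this example.

```python
import ipaddress
import re

# Lines copied from the running-config in the post above (subset only).
CONFIG = """\
interface Vlan1
 ip address 192.168.0.1 255.255.255.0
ip nat inside source static tcp 192.168.1.110 3389 interface Dialer0 18000
ip nat inside source static tcp 192.168.0.60 25 interface Dialer0 25
ip nat inside source static tcp 192.168.0.60 21 interface Dialer0 21
ip nat inside source static tcp 192.168.0.60 80 interface Dialer0 80
ip nat inside source static tcp 192.168.0.60 110 interface Dialer0 110
ip nat inside source static tcp 192.168.0.60 444 interface Dialer0 444
ip nat inside source static tcp 192.168.0.60 22 interface Dialer0 22
access-list 101 permit tcp any any established
access-list 101 permit tcp any any eq smtp
access-list 101 permit tcp any any eq ftp
access-list 101 permit tcp any any eq www
access-list 101 permit tcp any any eq pop3
access-list 101 permit tcp any any eq 444
access-list 101 permit tcp any any eq 22
access-list 101 deny ip any any
"""

# IOS shows well-known ports by name in ACLs; only the names used above.
PORT_NAMES = {"smtp": 25, "ftp": 21, "www": 80, "pop3": 110}
NAT_RE = re.compile(
    r"ip nat inside source static (tcp|udp) (\S+) (\d+) interface \S+ (\d+)")
ACL_RE = re.compile(r"access-list (\d+) permit (tcp|udp) any any eq (\S+)")
ADDR_RE = re.compile(r"^\s*ip address (\d\S+) (\d\S+)", re.M)

def audit(config, acl="101"):
    """Return (inside_host, outside_port, problem) for each suspect forward."""
    addr, mask = ADDR_RE.search(config).groups()
    lan = ipaddress.ip_network(f"{addr}/{mask}", strict=False)
    permitted = {(proto, int(PORT_NAMES.get(port, port)))
                 for num, proto, port in ACL_RE.findall(config) if num == acl}
    findings = []
    for proto, host, _inside_port, outside_port in NAT_RE.findall(config):
        # The inbound ACL on the outside interface is evaluated before NAT,
        # so it has to permit the outside (global) port of the forward.
        if (proto, int(outside_port)) not in permitted:
            findings.append((host, int(outside_port), f"no permit in ACL {acl}"))
        if ipaddress.ip_address(host) not in lan:
            findings.append((host, int(outside_port), f"inside host not in {lan}"))
    return findings

if __name__ == "__main__":
    for finding in audit(CONFIG):
        print(finding)
```
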