cisco and telewest/virgin media

Discussion in 'Cisco' started by Kevin Wincott, Jun 4, 2007.

  1. Hi,

    Can anyone offer any advice for configuring a cisco router to use a
    Telewest connection? I have the router plugged into the modem but when i
    configure the details from a normal belkin router i can not see the
    outside world :(
     
    Kevin Wincott, Jun 4, 2007
    #1
    1. Advertising

  2. Kevin Wincott

    Al Guest

    On Jun 4, 11:34 am, Kevin Wincott <> wrote:
    > Hi,
    >
    > Can anyone offer any advice for configuring a cisco router to use a
    > Telewest connection? I have the router plugged into the modem but when i
    > configure the details from a normal belkin router i can not see the
    > outside world :(


    The following is a slightly sanitised copy of the config I had on my
    831 when I had NTL cable, hope it helps - it should hopefully point
    you in the right direction. There's bits of this config that probably
    aren't doing anything - I did a lot of playing with it & I'm not sure
    whether this is a fully-working copy or not.

    You may want to post more details of your config, like what router you
    are using & it's config (minus anything identifiable) if you're still
    stuck.

    //START
    version 12.3

    no service pad

    service timestamps debug datetime

    service timestamps log datetime

    service password-encryption

    !

    hostname Router

    !

    logging buffered 16000 debugging

    no logging console

    enable secret 5 >snip>

    !

    username UserA privilege 15 password <snip>

    clock timezone GMT 0

    clock summer-time BST recurring last Sun Mar 2:00 last Sun Oct 2:00

    aaa new-model

    !

    !

    aaa authentication login vpnusers local

    aaa authorization exec default local

    aaa authorization network vpn-remote-access local

    aaa session-id common

    ip subnet-zero

    no ip source-route

    ip tcp synwait-time 10

    ip domain name mydomain.co.uk

    ip name-server a.b.c.d

    ip name-server a.b.c.e

    !

    !

    ip cef

    ip inspect alert-off

    ip inspect max-incomplete low 100

    ip inspect max-incomplete high 200

    ip inspect one-minute low 100

    ip inspect one-minute high 200

    ip inspect udp idle-time 20

    ip inspect tcp idle-time 1800

    ip inspect tcp finwait-time 1

    ip inspect tcp synwait-time 15

    ip inspect tcp max-incomplete host 25 block-time 0

    ip inspect name my-fw smtp

    ip inspect name my-fw ftp

    ip inspect name my-fw tcp

    ip inspect name my-fw fragment maximum 128 timeout 1

    ip inspect name my-fw icmp

    ip inspect name my-fw udp timeout 10

    ip inspect name my-fw http

    ip audit notify log

    ip audit po max-events 100

    ip audit name IDS_in info action alarm

    ip audit name IDS_in attack action alarm drop reset

    ip audit name IDS_out info action alarm

    ip audit name IDS_out attack action alarm drop reset

    ip ssh time-out 60

    ip ssh authentication-retries 2

    !

    no ftp-server write-enable

    !

    class-map match-all CM-eMule

    match access-group name ACL-eMule

    !

    !

    !

    interface Ethernet0

    description "LAN"

    ip address 192.168.5.1 255.255.255.0

    ip nat inside

    !

    interface Ethernet1

    description Internet LAN

    ip address dhcp

    ip access-group ACL-Firewall-ISP in

    no ip redirects

    no ip unreachables

    no ip proxy-arp

    ip nat outside

    ip inspect my-fw out

    duplex auto

    no cdp enable

    !

    interface FastEthernet1

    no ip address

    duplex auto

    speed auto

    !

    interface FastEthernet2

    no ip address

    duplex auto

    speed auto

    !

    interface FastEthernet3

    no ip address

    duplex auto

    speed auto

    !

    interface FastEthernet4

    no ip address

    duplex auto

    speed auto

    !

    ip nat translation timeout 300

    ip nat inside source route-map RM-InternetNAT interface Ethernet1
    overload

    ip classless

    ip route 0.0.0.0 0.0.0.0 dhcp

    no ip http server

    no ip http secure-server

    ip dns server

    !

    !

    ip access-list standard ACL-LAN-NAT

    permit 192.168.5.0 0.0.0.255

    ip access-list standard ACL-VTY

    permit 192.168.5.0 0.0.0.255

    deny any log

    !

    ip access-list extended ACL-Firewall-ISP

    remark Prevent Cisco Vunerability

    deny 53 any any

    deny 55 any any

    deny 77 any any

    deny pim any any

    remark To allow DHCP

    permit udp any eq bootps any eq bootpc

    remark Block spoofing DoS attacks

    deny ip 0.0.0.0 0.255.255.255 any

    deny ip 10.0.0.0 0.255.255.255 any

    deny ip 127.0.0.0 0.255.255.255 any

    deny ip 169.254.0.0 0.0.255.255 any

    deny ip 172.16.0.0 0.15.255.255 any

    deny ip 192.0.2.0 0.0.0.255 any

    deny ip 192.168.0.0 0.0.255.255 any

    deny ip 224.0.0.0 31.255.255.255 any

    deny ip host 255.255.255.255 any

    remark Allow NTP

    permit udp any any eq ntp
    remark Begin DNS Permits

    permit udp any eq domain any

    deny ip any any log
    !

    ip access-list extended ACL-eMule

    permit udp any any eq 4672

    permit tcp any any eq 4662

    permit tcp any eq 4662 any

    permit udp any eq 4672 any
    !

    route-map RM-InternetNAT permit 20

    match ip address ACL-LAN-NAT

    !

    alias exec siib show ip int brief

    alias exec sir show ip route

    alias exec tm term mon

    alias exec tnm term no mon

    alias exec sint show ip nat trans

    alias exec ct conf t

    alias exec sr show run

    !

    line con 0

    no modem enable

    line aux 0

    line vty 0 4

    access-class ACL-VTY in

    privilege level 15

    logging synchronous

    transport input telnet ssh

    !

    scheduler max-task-time 5000

    sntp server 158.43.128.33

    sntp server 158.43.128.66

    sntp server 158.43.192.66

    !

    end
     
    Al, Jun 5, 2007
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. News Reader
    Replies:
    14
    Views:
    953
    News Reader
    May 19, 2007
  2. Guest

    ~~ VIRGIN MEDIA PHONE NO. ~~

    Guest, Jun 10, 2007, in forum: Computer Support
    Replies:
    1
    Views:
    1,431
  3. Kevin Wincott

    cisco and telewest

    Kevin Wincott, Aug 2, 2007, in forum: Cisco
    Replies:
    2
    Views:
    341
    Leander de Graaf
    Aug 3, 2007
  4. John McGarrigle

    Porting Virgin Media (ntl) Numbers

    John McGarrigle, Aug 21, 2007, in forum: UK VOIP
    Replies:
    4
    Views:
    563
    alexd
    Aug 22, 2007
  5. Hairy Dog
    Replies:
    4
    Views:
    2,006
    Pete @ www.GymRatZ.co.uk
    Sep 22, 2007
Loading...

Share This Page