Discussion in 'Cisco' started by Kevin Wincott, Jun 4, 2007.

  1. Hi,

    Can anyone offer any advice for configuring a Cisco router to use a
    Telewest connection? I have the router plugged into the modem but when I
    configure the details from a normal Belkin router I cannot see the
    outside world :(
    Kevin Wincott, Jun 4, 2007
  2. Kevin Wincott

    Al

    The following is a slightly sanitised copy of the config I had on my
    831 when I had NTL cable, hope it helps - it should hopefully point
    you in the right direction. There's bits of this config that probably
    aren't doing anything - I did a lot of playing with it & I'm not sure
    whether this is a fully-working copy or not.

    You may want to post more details of your config, like what router you
    are using & its config (minus anything identifiable) if you're still

    version 12.3
    no service pad
    service timestamps debug datetime
    service timestamps log datetime
    service password-encryption

    hostname Router

    logging buffered 16000 debugging
    no logging console
    enable secret 5 <snip>

    username UserA privilege 15 password <snip>
    clock timezone GMT 0
    clock summer-time BST recurring last Sun Mar 2:00 last Sun Oct 2:00
    aaa new-model

    aaa authentication login vpnusers local
    aaa authorization exec default local
    aaa authorization network vpn-remote-access local
    aaa session-id common
    ip subnet-zero
    no ip source-route
    ip tcp synwait-time 10
    ip domain name
    ip name-server a.b.c.d
    ip name-server a.b.c.e

    ip cef
    ip inspect alert-off
    ip inspect max-incomplete low 100
    ip inspect max-incomplete high 200
    ip inspect one-minute low 100
    ip inspect one-minute high 200
    ip inspect udp idle-time 20
    ip inspect tcp idle-time 1800
    ip inspect tcp finwait-time 1
    ip inspect tcp synwait-time 15
    ip inspect tcp max-incomplete host 25 block-time 0
    ip inspect name my-fw smtp
    ip inspect name my-fw ftp
    ip inspect name my-fw tcp
    ip inspect name my-fw fragment maximum 128 timeout 1
    ip inspect name my-fw icmp
    ip inspect name my-fw udp timeout 10
    ip inspect name my-fw http
    ip audit notify log
    ip audit po max-events 100
    ip audit name IDS_in info action alarm
    ip audit name IDS_in attack action alarm drop reset
    ip audit name IDS_out info action alarm
    ip audit name IDS_out attack action alarm drop reset
    ip ssh time-out 60
    ip ssh authentication-retries 2

    no ftp-server write-enable

    class-map match-all CM-eMule
     match access-group name ACL-eMule

    interface Ethernet0
     description "LAN"
     ip address
     ip nat inside

    interface Ethernet1
     description Internet LAN
     ip address dhcp
     ip access-group ACL-Firewall-ISP in
     no ip redirects
     no ip unreachables
     no ip proxy-arp
     ip nat outside
     ip inspect my-fw out
     duplex auto
     no cdp enable

    interface FastEthernet1
     no ip address
     duplex auto
     speed auto

    interface FastEthernet2
     no ip address
     duplex auto
     speed auto

    interface FastEthernet3
     no ip address
     duplex auto
     speed auto

    interface FastEthernet4
     no ip address
     duplex auto
     speed auto

    ip nat translation timeout 300
    ip nat inside source route-map RM-InternetNAT interface Ethernet1
    ip classless
    ip route dhcp
    no ip http server
    no ip http secure-server
    ip dns server

    ip access-list standard ACL-LAN-NAT

    ip access-list standard ACL-VTY
     deny any log

    ip access-list extended ACL-Firewall-ISP
     remark Prevent Cisco Vulnerability
     deny 53 any any
     deny 55 any any
     deny 77 any any
     deny pim any any
     remark To allow DHCP
     permit udp any eq bootps any eq bootpc
     remark Block spoofing DoS attacks
     deny ip any
     deny ip any
     deny ip any
     deny ip any
     deny ip any
     deny ip any
     deny ip any
     deny ip any
     deny ip host any
     remark Allow NTP
     permit udp any any eq ntp
     remark Begin DNS Permits
     permit udp any eq domain any
     deny ip any any log
    ip access-list extended ACL-eMule
     permit udp any any eq 4672
     permit tcp any any eq 4662
     permit tcp any eq 4662 any
     permit udp any eq 4672 any
    route-map RM-InternetNAT permit 20
     match ip address ACL-LAN-NAT

    alias exec siib show ip int brief
    alias exec sir show ip route
    alias exec tm term mon
    alias exec tnm term no mon
    alias exec sint show ip nat trans
    alias exec ct conf t
    alias exec sr show run

    line con 0
     no modem enable
    line aux 0
    line vty 0 4
     access-class ACL-VTY in
     privilege level 15
     logging synchronous
     transport input telnet ssh

    scheduler max-task-time 5000
    sntp server
    sntp server
    sntp server

    Al, Jun 5, 2007
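
Added example, not part of Al's post: a short Python check for anyone adapting the config above, which reports the management-plane settings worth tightening and the ACLs that the sanitising left without a permit entry. The function name `audit`, the finding texts and the embedded sample (a constructed excerpt of the posted lines) are this example's own.

```python
import re

# Constructed sample: lines taken from the config posted above, gaps as posted.
SAMPLE = """\
username UserA privilege 15 password <snip>
interface Ethernet1
 ip access-group ACL-Firewall-ISP in
ip access-list standard ACL-LAN-NAT
ip access-list standard ACL-VTY
 deny any log
ip access-list extended ACL-Firewall-ISP
 permit udp any eq bootps any eq bootpc
route-map RM-InternetNAT permit 20
 match ip address ACL-LAN-NAT
line vty 0 4
 access-class ACL-VTY in
 privilege level 15
 transport input telnet ssh
"""

REF = re.compile(r"(?:access-class|ip access-group|match ip address) (\S+)")

def audit(config):
    """Return sorted findings; sub-command indentation is not relied on."""
    findings, permits, refs = set(), {}, set()
    acl, in_vty = None, False   # ACL being read / inside 'line vty'
    for line in filter(None, map(str.strip, config.splitlines())):
        head = re.match(r"ip access-list (?:standard|extended) (\S+)", line)
        if head:
            acl = head.group(1)
            permits.setdefault(acl, 0)
            continue
        if acl and re.match(r"(permit|deny|remark)\b", line):
            permits[acl] += line.startswith("permit")
            continue
        acl = None
        if line.startswith("line "):
            in_vty = line.startswith("line vty")
        ref = REF.match(line)
        if ref:
            refs.add(ref.group(1))
        if re.match(r"username \S+ .*\bpassword\b", line):
            findings.add("username stored with 'password', not 'secret'")
        if in_vty and re.match(r"transport input\b.*\btelnet\b", line):
            findings.add("vty accepts telnet")
        if in_vty and line == "privilege level 15":
            findings.add("vty sessions start at privilege 15")
    findings |= {f"ACL {n} is referenced but has no permit entry"
                 for n in refs if not permits.get(n)}
    return sorted(findings)
```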
