Discussion in 'Cisco' started by ctech, Nov 19, 2003.

  1. ctech

    ctech Guest

    Ok, I have my router online and working great, 1 small problem. It is
    assigned a private address on the subnet from my provider. My PC is
    assigned the actual public address. This is great, but now I can't telnet
    into my router from off-site. Is there any way to get my routers interface
    to obtain the public address?


    ctech, Nov 19, 2003
    1. Advertisements

  2. The uBR924 is currently operation in the default bridge mode. To make it
    operate as a router, do NAT/PAT, etc., you'll need to upgrade the IOS to
    12.2 as the "cable-modem dhcp proxy" command had serious problems before

    Below is a sample configuration. You'll need to remove the bridge
    statements in your own config in addition to adding new statements.

    Also, a good reference line from Cisco is

    Here is a working configuration with the private info removed. One key is
    the 'cable-modem dhcp-proxy nat testpool' statement under int cable 0 and
    another is to have an IOS 12.2 rev preferably 12.2(7b) or better.

    version 12.2
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    hostname cable
    logging buffered 20480 debugging
    username xxxxx privilege 15 password 0 yyyyy
    clock timezone - -8
    ip subnet-zero
    ip tftp source-interface cable-modem0
    ip dhcp excluded-address
    ip dhcp pool inside
    domain-name broadbandISP.com
    dns-server zzz.zzz.zzz.zzz yyy.yyy.yyy.yyy
    lease 30
    ip audit notify log
    ip audit po max-events 100
    ip ssh time-out 120
    ip ssh authentication-retries 3
    call rsvp-sync
    no need to configure***********
    ! ip address xxx.xxx.xxx.xxx
    interface Ethernet0
    ip address
    ip nat inside
    no ip mroute-cache
    interface cable-modem0
    ip nat outside
    no ip mroute-cache
    no cable-modem compliant bridge
    cable-modem dhcp-proxy nat testpool
    !ip nat pool testpool xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx netmask
    !ip nat inside source list 99 pool testpool overload
    ip classless
    no ip pim bidir-enable
    no ip domain-lookup
    no ip http server
    no ip http cable-monitor
    access-list 99 permit
    snmp-server packetsize 2053
    snmp-server manager
    voice-port 0
    input gain -2
    output attenuation 0
    voice-port 1
    input gain -2
    output attenuation 0
    alias exec c config terminal
    alias exec s show run
    alias exec ib show ip interface brief
    alias exec ir show ip route
    alias exec sc show contr c0 mac state
    line con 0
    exec-timeout 0 0
    privilege level 15
    logging synchronous
    line vty 0 4
    exec-timeout 0 0
    logging synchronous
    login local
    scheduler max-task-time 5000
    Bob by The Bay, Nov 19, 2003
    1. Advertisements

  3. One correction:

    I accidentally commented out the "ip nat inside source list 99 pool testpool
    overload" command in the sample config. This statement does in fact need to
    be manually added along with access-list 99.

    A reload is also necessary before any commands are automatically generated.

    Bob by The Bay, Nov 19, 2003
  4. ctech

    ctech Guest

    Thanks, once again you came through and quick. I'll give that a try, you are
    the man.
    ctech, Nov 19, 2003
  5. ctech

    ctech Guest

    The only problem is that I can't upgrade to IOS 12.2 , I can't get to the
    files on Cisco's CCO. I don't have the information I need to get the IOS
    updates. Do you thing this may work without the update?
    ctech, Nov 19, 2003
  6. I've never tried it under 12.1, so I can't really speak to that from
    experience except to pass on the info from Cisco in that document I

    The "cable-modem dhcp-proxy" command, which is key, was introduced in
    12.1(1)T but there is recommendation from Cisco to use 12.2 stated as

    Caution: Be aware of bug CSCdt32356. Dynamic Network Address Translation
    (NAT) using the cable-modem dhcp-proxy nat <pool-name> cable interface
    command does not function correctly. IP address or subnet masks and default
    gateways are not assigned correctly, if at all. After the command is
    entered, the address assigned to the NAT pool does not respond to Address
    Resolution Protocol (ARP). The IP NAT pool that is created is from the cable
    modem scope rather than the customer premises equipment (CPE) scope, so it
    puts an unroutable IP address in the NAT pool. Notice that this problem
    occurs on several cable modem's Cisco IOS software versions, especially
    12.1(5)T. Cisco recommends that you use 12.2 train.
    Bob by The Bay, Nov 19, 2003
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.