Cisco 837 configurations - Dynamic IP
Help! I just need a working configuration now!
Copy the following out, replacing the bits in red with your own information. Click here if you want to see the explanations.
You should make sure that you SSH v2 switched on (ie have your done the generation stage already). If not, you can do this by doing the following from the command line:
conf term
ip domain-name your domain name
crypto key generate rsa usage-keys modulus 2048
This is the full working configuration (minus bits that are pertinent to my own connection):
version 12.4
no parser cache
no service pad
service tcp-keepalives-in
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
service sequence-numbers
!
hostname name-of-your-device
!
boot-start-marker
boot system flash:c837-k9o3sy6-mz.123-11.T10.bin
boot-end-marker
!
logging count
logging userinfo
logging buffered 32000 informational
logging reload debugging
logging console informational
logging monitor informational
enable secret 5 password for your device
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication logic admin local
!
aaa session-id common
clock timezone GMT 0
clock summer-time BST recurring last Sun Mar 2:00 last Sun Oct 2:00
ip subnet-zero
no ip source-route
no ip gratuitous-arps
!
!
!
!
!
no ip cef
no ip domain lookup
ip domain name your domain name
ip name-server IP address of your ISP DNS server
ip name-server Second IP address of your ISP DNS server
no ip bootp server
ip inspect max-incomplete high 1100
ip inspect max-incomplete low 1100
ip inspect one-minute high 1100
ip inspect one-minute low 1100
ip inspect name DEFAULT100 udp
ip inspect name DEFAULT100 tcp
login block-for 60 attempts 3 within 30
login on-failure log
login on-success log
!
!
!
username username to connect to the router password 7 password to connect to the router
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 1
ip ssh version 2
!
no crypto isakmp enable
!
!
!
interface Null0
no ip unreachables
!
interface Ethernet0
ip address Your static IP address Your netmask
no ip proxy-arp
no ip mroute-cache
ntp broadcast
no cdp enable
hold-queue 100 out
!
interface Ethernet2
no ip address
hold-queue 100 out
!
interface ATM0
no ip address
ip access-group 10 out
no ip mroute-cache
no atm ilmi-keepalive
dsl operating-mode auto
hold-queue 224 in
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet1
duplex auto
speed auto
!
interface FastEthernet2
duplex auto
speed auto
!
interface FastEthernet3
duplex auto
speed auto
!
interface FastEthernet4
duplex auto
speed auto
!
interface Dialer0
ip address negotiated
ip access-group 101 in
ip access-group 102 out
no ip redirects
no ip unreachables
no ip proxy-arp
ip inspect DEFAULT100 out
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname ISP provided ADSL username
ppp chap password 7 ISP provided ADSL password
ppp pap sent-username ISP provided ADSL username password 7 ISP provided ADSL password
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
no ip http server
no ip http secure-server
!
!
!
access-list 101 permit any any
dialer-list 1 protocol ip permit
!
no cdp run
!
!
control-plane
!
banner motd ^C
This is machine name. Unauthorised access to this
machine is strictly prohibited. Please disconnect now unless
you have received prior authorisation for use. The systems
administrator is your name on Your phone number.
^C
!
line con 0
password 7 console password
login authentication admin
no modem enable
stopbits 1
line aux 0
line vty 0 4
exec-timeout 5 0
login authentication admin
transport input ssh
!
scheduler max-task-time 5000
ntp logging
ntp clock-period 17180042
ntp source Dialer0
ntp peer 193.0.0.228
ntp peer 130.88.200.98
ntp peer 158.152.1.76 prefer
end