====== 1841 - no NAT, just routing ======


Needs updating to reflect the Fibre WAN rather than ADSL which is probably obsolete now.

<code>
1841#sh run
Building configuration...

Current configuration : 3328 bytes
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname 1841-adsl
!
boot-start-marker
boot system flash:c1841-advipservicesk9-mz.151-4.M6.bin
boot-end-marker
!
!
logging buffered 51200 warnings
enable secret 5 $verysecretstring
!
no aaa new-model
!
clock timezone GMT 0 0
clock summer-time BST recurring 4 Sun Mar 1:00 4 Sun Oct 2:00
dot11 syslog
ip source-route
!
!
ip cef
ip domain list rainsbrook.co.uk
ip domain name rainsbrook.co.uk
ip name-server 12.21.12.21

ipv6 source-route
ipv6 unicast-routing
ipv6 cef
ipv6 multicast-routing
!
multilink bundle-name authenticated
!
crypto pki token default removal timeout 0
!
!
!
!
license udi pid CISCO1841 sn FCZ140961YL
username admin password 7 anothersecretstring
!
redundancy
!
!
ip ssh time-out 60
ip ssh version 2
!
!
interface FastEthernet0/0
 description Internet LAN to firewall
 ip address 12.123.345.249 255.255.255.248
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface ATM0/0/0
 no ip address
 no atm ilmi-keepalive
 dsl enable-training-log delay 0
 hold-queue 224 in
 pvc 0/38
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
!
interface Dialer0
 description WAN link to ISP
 ip address negotiated
 encapsulation ppp
 dialer pool 1
 dialer idle-timeout 0
 dialer persistent
 dialer-group 1
 ipv6 enable
 ipv6 traffic-filter adsl-ipv6 in
 ppp chap hostname notsosecretstring
 ppp chap password 7 justapassword
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip access-list standard snmpv4
 permit 1.12.123.1
!
access-list 22 permit 1.12.123.1 log
access-list 22 deny   any log
!
access-list 23 deny   any log
dialer-list 1 protocol ip permit
ipv6 route ::/0 Dialer0
!
!
!
!
snmp-server community readonly RO 22
snmp-server community readonlystring RO snmpv4
snmp-server ifindex persist
snmp-server location Attic-comms-cab
snmp-server contact support@rainsbrook.co.uk
!
!
control-plane
!
!
banner exec ^CC
Session established to $(hostname) on line $(line)^C
banner login ^CC
+-------------------------------------------------------+
|             This is a private system and              |
|      is only for the use of authorized personnel.     |
|                                                       |
+-------------------------------------------------------+
|                                                       |
|  If you are allowed access, you will have been told.  |
|    If you have to ask anyone if you are authorized,   |
|                                                       |
|                   -*YOU AREN'T*-                      |
|                                                       |
+-------------------------------------------------------+



^C
banner motd ^CCx^C
!
line con 0
 password 7 password
 login
line aux 0
line vty 0 4
 access-class 22 in
 password 7 anotherpassword
 login
 transport input all
!
scheduler allocate 20000 1000
end

1841#
</code>



====== PPPoE ======


May need this in the ethernet WAN to set MTU

<code>


Router(config-if)# ip mtu 1492

Router(config-if)# 

</code>

===== SSH setup =====


<code>
1841(config)#ip ssh version 2
Please create RSA keys to enable SSH (and of atleast 768 bits for SSH v2).
1841-adsl(config)#
</code>

<code>
1841(config)#crypto key generate rsa
The name for the keys will be: 1841.mydomain.co.uk
Choose the size of the key modulus in the range of 360 to 4096 for your
  General Purpose Keys. Choosing a key modulus greater than 512 may take
  a few minutes.

How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys, keys will be non-exportable...
[OK] (elapsed time was 7 seconds)

1841(config)#
*Jul 15 22:03:08.528: %SSH-5-ENABLED: SSH 2.0 has been enabled
1841(config)#

</code>



===== IPv6 =====


My first two ipv6 pings to the internet from my router:-

<code>
1841-adsl#ping ipv6 2600::
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2600::, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms


1841-adsl#ping ipv6 2001:4860:4860::8888
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:4860:4860::8888, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/28/60 ms

</code>

==== Well Known IPv6 addresses ====

Sprint:- 2600:: \\
Google:- 2001:4860:4860::8888 \\
Google:- 2001:4860:4860::8844 \\