This sample configuration shows a Cisco 827 Digital Subscriber Line (DSL) Router connecting to a Cisco 6130 Digital Subscriber Line Access Multiplexer (DSLAM) and terminating on a Cisco 6400 Universal Access Concentrator (UAC). The Cisco 827 router has been configured as a Dynamic Host Configuration Protocol (DHCP) server with Point-to-Point Protocol over ATM (PPPoA).
For more information on document conventions, see the Cisco Technical Tips Conventions.
There are no specific prerequisites for this document.
The information in this document is based on the software and hardware versions below.
Cisco 827-4V Customer Premises Equipment (CPE) IOS® Software Release 12.1(1)XB
Cisco 6400 UAC-Node Route Processor (NRP) IOS Software Release 12.0(7)DC
Cisco 6400 UAC-Node Switch Processor (NSP) IOS Software Release 12.0(4)DB
Cisco 6130 DSLAM-NI2 IOS Software Release 12.1(1)DA
The information presented in this document was created from devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If you are working in a live network, ensure that you understand the potential impact of any command before using it.
In this instance, the Internet Service Provider (ISP) has given the subscriber a single IP address (172.18.0.1) for Internet connectivity, but the subscriber has a small network of PCs and wants to have Internet access for all devices.
The solution shown here implements Network Address Translation (NAT) on the Cisco 827 router. NAT is designed for IP address simplification and conservation; it enables private IP internetworks that use nonregistered IP addresses to connect to the Internet. NAT operates on a router, usually connecting two networks, and translates the private (in this case the 10.0.0.0 network) addresses in the internal network to legal (in this case, 172.18.0.1) addresses before packets are forwarded to another network. As part of this functionality, NAT can be configured to advertise only one address (172.18.0.1) for the entire network. This provides additional security, effectively hiding the entire internal network behind a single IP address.
NAT serves the dual purposes of security and address conservation, and is typically implemented in remote access environments. In this example, an IP address of 10.0.0.1 is manually configured on the Ethernet interface of the Cisco 827 router. The Cisco 827 router is configured to act as a DHCP server, and leases IP addresses to local LAN devices attached to its Ethernet network.
The following configuration shows NAT configured for the Ethernet and ATM interfaces. The Ethernet interface (designated Ethernet0 in the network diagram below) has an IP address of 10.0.0.1, with a subnet mask of 255.0.0.0. NAT is configured for inside, which means that the interface is connected to the inside network that is subject to NAT translation. The ATM interface (designated Dialer0 in the network diagram below) has an IP address of 172.18.0.1 and a subnet mask of 255.255.0.0. NAT on Dialer0 is configured for outside, which means that the interface is connected to an outside network such as the Internet. For more information about end-to-end Asynchronous Digital Subscriber Line (ADSL) PPPoA architecture, refer to PPPoA Baseline Architecture.
In this section, you are presented with the information to configure the features described in this document.
Note: To find additional information on the commands used in this document, use the Command Lookup Tool (registered customers only) .
This document uses the network setup shown in the diagram below.
This document uses the configuration shown below.
Cisco 827 Router |
---|
! version 12.1 service timestamps debug datetime msec service timestamps datetime msec ! hostname R1 ! ip subnet-zero ! ip dhcp excluded-address 10.0.0.1 !--- The DHCP pool does not lease this address; !--- it is used by interface E0. ! ip dhcp pool <pool name> network 10.0.0.0 255.0.0.0 default-router 10.0.0.1 !--- The default gateway is assigned to local devices. ! interface Ethernet0 ip address 10.0.0.1 255.0.0.0 no ip directed-broadcast ip nat inside no ip mroute-cache ! interface ATM0 no ip address no ip directed-broadcast no ip mroute-cache no atm ilmi-keepalive pvc 1/150 encapsulation aal5mux ppp dialer dialer pool-member 1 ! hold-queue 224 in ! interface Dialer0 ip address 172.18.0.1 255.255.0.0 ip nat outside no ip directed-broadcast encapsulation ppp dialer pool 1 dialer-group 2 ppp pap sent-username <username> password <password> ! ip nat inside source list 1 interface Dialer0 overload ip classless ip route 0.0.0.0 0.0.0.0 Dialer0 no ip http server ! access-list 1 permit 10.0.0.0 0.255.255.255 dialer-list 2 protocol ip permit ! voice-port 1 timing hookflash-in 0 ! voice-port 2 timing hookflash-in 0 ! voice-port 3 timing hookflash-in 0 ! voice-port 4 timing hookflash-in 0 ! end |
There is currently no verification procedure available for this configuration.
There is currently no specific troubleshooting information available for this configuration.
Revision | Publish Date | Comments |
---|---|---|
1.0 |
25-Jan-2008 |
Initial Release |