کد:
http://ciscoconfigs.net/index.php?option=com_content&task=view&id=22&Itemid=26

This configuration snippet shows how to setup a router with a modem bank to act as a dial-in remote access server. Believe it
or not in this day of broadband everywhere there are still folks who have reasons for keeping a dial-in remote access server.
These days it is more for a backup than anything else.


# This configuration was taken from an 2621 running 112.2(17a) IP Plus with a NM-16AM module. This is a 16 port
# analog modem bank.

# I always like debug and log information to show the actual date and time and it is also good security practice to make sure
# password-encryption is turned on.

service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption

hostname RAS-Router

logging buffered 4096 debugging
enable secret cisco


# These are usernames that the dial-in users will need to use to complete the PPP authentication phase.

username cisco password cisco
username ciscoconfigs password ciscoconfigs


# To ensure accurate time reporting set the timezone properly as well set the new daylight savings time settings.

clock timezone EST -5
clock summer-time DST recurring 2 Sun Mar 2:00 1 Sun Nov 2:00

# The following command is needed to set the country code for these modems.

modem country microcom_hdms usa

# It is always good to turn off source-routing on older routers where it is not the default.

ip subnet-zero
no ip source-route

no ip domain-lookup


# This command enables the use of a global address-pool for the dial-in clients. The dhcp-proxy-client tag
# tells the router to act as a proxy dhcp client to an external DHCP server. This way you don't have to
# define a local pool on the router and all your DHCP scopes are in one place.

ip address-pool dhcp-proxy-client

# Basic IP addressing on an interface. It is good practice to hard code speed and duplex on all your
# networking gear.

interface FastEthernet0/0
ip address 10.1.1.30 255.255.255.0
speed 100
full-duplex

# It's a 2621 so it has 2 FastEthernets but in this example we aren't using the second one so its shutdown.

interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto


# The interface Group-Async1 command is used to lump the characteristics for all of the dial in
# interfaces. This saves you from having to create an async interface for each modem line. So to start
# off we need to assign it as unnumbered to FastEthernet0/0. We do this to enable the async
# interfaces to be able to process IP packets without actually having to use an IP address.
# In some cases it might be advantageous to bind it to a loopback interface instead of a physical
# interface. In this case if this physical interface goes down, nobody is talking so its irrelevant here.
# We set the encapsulation type to ppp for a standard ppp connection. We set to the async mode to
# interacive so it can take a slip or ppp command at the EXEC level. The peer default ip address dhcp
# command tells the router that the remote peer that is dialing in will receive its ip address through dhcp.
# We then set the ppp authentication method to chap pap which is standard when setting up a ppp
# connection from a Microsoft client. The client will need to authenticate with a username defined
# in the local database that was defined above. We then assign the modem lines which are 33-48 to be
# controlled by this group interface. Keep in mind the line numbers may be different for you.
interface Group-Async1
ip unnumbered FastEthernet0/0
encapsulation ppp
async mode interactive
peer default ip address dhcp
ppp authentication chap pap
group-range 33 48


# This router is running EIGRP so it can receive all of the routes from the rest of the interal network.
# We do not want to attempt to propagate EIGRP routes over the dial lines so we set the group-async1
# interface to passive mode. We set the network value to 10.0.0.0 which basically states that we will run
# EIGRP on any network interface on this router that falls under the class A address of 10.x.x.x.
# Therefore we see that the only interface that will participate in EIGRP is the FA0/0 interface.

router eigrp 1
passive-interface Group-Async1
network 10.0.0.0
auto-summary

# IP Classless is always used with EIGRP

ip classless
no ip http server

# It is good security practice to set up your read and write community strings to something other than
# public and private.

snmp-server community ciscoconfigs-pub RO
snmp-server community ciscoconfigs-priv RW

line con 0

# Line 33 - 48 are the modem lines. First of all we use the flush-at-activation command to get rid of
# any garbage that my be in the modem line buffer before we bring up the connection. We then set
# the modem to allow incoming calls with the modem Dialin command, then we set the transport input
# to all. We then use the autoselect ppp command to tell the router to start PPP once we receive
# PPP packets from the dial-in user.

line 33 48
flush-at-activation
modem Dialin
transport input all
autoselect ppp

# Standard aux and vty 0 4 definitions

line aux 0
line vty 0 4
password cisco
login

end



موضوعات مشابه: