Port Forwarding for the Cisco

#
# Telnet to Router and enter provided username and password
# Then follow these steps to setup port forwards
#

#
# To enter Admin Mode ( will require root password )
#

Type enable at the prompt

#
# To show currently configured Interfaces ( there could be several )
#

Type show ip interface at the prompt.

#
# To show Current Port Forwards on Router

Type show ip nat translations at the prompt.

#
# To Enter Configuation Mode
#

Type configure at the prompt.

#
# To add Port Forwarding rules modify then type the following commands at the prompt.
# Note: "BVI1" was the found interface name from running command "show ip interface"
#

ip nat inside source static (TCPorUDP) (YourCompsIP) (PortToForward) interface BVI1 (PortToForward)

#
# To forward port 3389 TCP to the computer that had the 172.16.2.60 ip address you would do the following.
#

ip nat inside source static tcp 172.16.2.60 3389 interface BVI1 3389

#
# End Configure Session
#

Press CTRL-Z

#
# Once you have entered the config, test it out and if it works,
# issue this command to make it persistent:
#

NfSen

NfSen is a graphical web based front end for the nfdump netflow tools.

NfSen allows you to:

• Display your netflow data: Flows, Packets and Bytes using RRD (Round Robin Database).

• Easily navigate through the netflow data.

• Process the netflow data within the specified time span.

• Create history as well as continuous profiles.

• Set alerts, based on various conditions.

• Write your own plugins to process netflow data on a regular interval.

Different tasks need different interfaces to your netflow data. NfSen allows you to keep all the convenient advantages of the command line using nfdump directly and gives you also a graphical overview over your netflow data.
NfSen is available at sourceforge and distributed under the BSD license. 

Link: http://nfsen.sourceforge.net/

Configuring Secure Shell on Routers and Switches Running Cisco IOS

Set Up an IOS Router or Switch as SSH Client

There are four steps required to enable SSH support on an IOS router:

1. Configure the hostname command.
2. Configure the DNS domain.
3. Generate the SSH key to be used.
4. Enable SSH transport support for the virtual type terminal (vtys).

If you want to have one device act as an SSH client to the other, you can add SSH to a second device called Reed. These devices are then in a client-server arrangement, where Carter acts as the server, and Reed acts as the client. The IOS SSH client configuration on Reed is the same as required for the SSH server configuration on Carter.


!--- Step 1: Configure the hostname if you have not previously done so.

hostname carter

!--- The aaa new-model command causes the local username and password on the router
!--- to be used in the absence of other AAA statements.

aaa new-model
username cisco password 0 cisco

!--- Step 2: Configure the DNS domain of the router.

ip domain-name rtp.cisco.com

!--- Step 3: Generate an SSH key to be used with SSH.

cry key generate rsa
ip ssh time-out 60
ip ssh authentication-retries 2

!--- Step 4: By default the vtys' transport is Telnet. In this case,
!--- Telnet is disabled and only SSH is supported.

line vty 0 4
transport input SSH

!--- Instead of aaa new-model, you can use the login local command.

Link: http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml

Joomla 1.5

Joomla! is an award-winning Content Management System (CMS) that will help you build websites and other powerful online applications. Best of all, Joomla! is an open source solution that is freely available to everybody.

Joomla! is used all over the world to power everything from simple, personal homepages to complex corporate web applications. Here are just some of the ways people use our software:

• Corporate websites or portals
• Online commerce
• Small business websites
• Non-profit and organizational websites
• Government applications
• Corporate intranets and extranets
• School and church websites
• Personal or family homepages
• Community-based portals
• Magazines and newspapers
• the possibilities are limitless…

Joomla! can be used to easily manage every aspect of your website, from adding content and images to updating a product catalog or taking online reservations.

Utorrent

µTorrent, the BitTorrent client that is..

Micro-Sized Yet Feature Filled

Most of the features present in other BitTorrent clients are present in µTorrent, including bandwidth prioritization, scheduling, RSS auto-downloading and Mainline DHT (compatible with BitComet). Additionally, µTorrent supports the Protocol Encryption joint specification (compatible with Azureus 2.4.0.0 and above, BitComet 0.63 and above) and peer exchange.

Resource-Friendly

µTorrent was written with efficiency in mind. Unlike many torrent clients, it does not hog valuable system resources - typically using less than 6MB of memory, allowing you to use the computer as if it weren't there at all. Additionally, the program itself is contained within a single executable less than 220 KB in size.

Skinnable and Localized

Various icon, toolbar graphic and status icon replacements are available, and creating your own is very simple. µTorrent also has support for localization, and with a language file present, will automatically switch to your system language. If your language isn't available, you can easily add your own, or edit other existing translations to improve them!

Actively Developed and Improved

The developer puts in a lot of time working on features and making things more user-friendly. Releases only come out when they're ready, with no schedule pressures, so the few bugs that appear are quickly addressed and fixed.

CCleaner

CCleaner is a freeware system optimization and privacy tool. It removes unused files from your system - allowing Windows to run faster and freeing up valuable hard disk space. It also cleans traces of your online activities such as your Internet history. But the best part is that it's fast (normally taking less than a second to run) and contains NO Spyware or Adware! :)

Firefox 3.0

Top New Features

Password Manager
Remember site passwords without ever seeing a pop-up.

One-Click Bookmarking
Bookmark, search and organize Web sites quickly and easily.

Improved Performance
View Web pages faster, using less of your computer’s memory.

Smart Location Bar
Find the sites you love in seconds—enter a term for instant matches that make sense.

Instant Web Site ID
Avoid online scams, unsafe transactions and forgeries with simple site identity.

Full Zoom
See any part of a Web page, up close and readable, in seconds.

Platform-Native Look & Feel
Browse with a Firefox that’s integrated into your computer’s operating system.

Centos

CentOS is an Enterprise-class Linux Distribution derived from sources freely provided to the public by a prominent North American Enterprise Linux vendor. CentOS conforms fully with the upstream vendors redistribution policy and aims to be 100% binary compatible. (CentOS mainly changes packages to remove upstream vendor branding and artwork.) CentOS is free. CentOS is now accepting donations via PayPal, please click the button for more information.

CentOS is developed by a small but growing team of core developers. In turn the core developers are supported by an active user community including system administrators, network administrators, enterprise users, managers, core Linux contributors and Linux enthusiasts from around the world.

CentOS has numerous advantages over some of the other clone projects including: an active and growing user community, quickly rebuilt, tested, and QA'ed errata packages, an extensive mirror network, developers who are contactable and responsive, multiple free support avenues including IRC Chat, Mailing Lists, Forums, a dynamic FAQ. Commercial support is offered via a number of vendors.

Link: www.centos.org

Ubuntu

Ubuntu is a community developed, Linux-based operating system that is perfect for laptops, desktops and servers. It contains all the applications you need - a web browser, presentation, document and spreadsheet software, instant messaging and much more.

The Ubuntu promise

• Ubuntu will always be free of charge, including enterprise releases and security updates.
• Ubuntu comes with full commercial support from Canonical and hundreds of companies around the world.
• Ubuntu includes the very best translations and accessibility infrastructure that the free software community has to offer.
• Ubuntu CDs contain only free software applications; we encourage you to use free and open source software, improve it and pass it on.

Link: www.ubuntu.com

Truecrypt

Free open-source disk encryption software for Windows Vista/XP, Mac OS X, and Linux

Main Features:

• Creates a virtual encrypted disk within a file and mounts it as a real disk.
• Encrypts an entire partition or storage device such as USB flash drive or hard drive.
• Encrypts a partition or drive where Windows is installed (pre-boot authentication).
• Encryption is automatic, real-time (on-the-fly) and transparent.
• Provides two levels of plausible deniability, in case an adversary forces you to reveal the password
  1) Hidden volume (steganography – more information may be found here).
  2) No TrueCrypt volume can be identified (volumes cannot be distinguished from random data).
• Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: XTS.

Link: http://www.truecrypt.org/

Tor: anonymity online

Tor is a software project that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security. Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. Tor works with many of your existing applications, including web browsers, instant messaging clients, remote login, and other applications based on the TCP protocol.
Link: http://www.torproject.org/

Compiere

Compiere is changing the economics of enterprise applications by making Enterprise Resource Planning (ERP) and Customer Relationship Management (CRM) easier. Easier to acquire. Easier to implement. Easier to extend. Easier to change.
Easier, Adaptable and Affordable ERP and CRM
Compiere delivers powerful ERP and CRM capabilities that are built on an innovative Model-driven Applications platform.

Unlike traditional ERP vendors who recommend adapting your enterprise processes to match the default software settings, Compiere encourages you to customize your solution to match your business needs. The Model-driven Application Platform enables you to customize your ERP solution — quickly, easily and affordably — typically without programming.

Easier to Acquire
Compiere ERP and CRM software is easier to acquire through our unique open source business model. You are free to download, evaluate and use the open source version of Compiere without restriction. Compiere and its network of Authorized Partner provide a range of services to maximize the value of your Compiere ERP solution.

Easier to Implement
With Compiere, ERP implementation is easier because it provides both strong functionality upon software installation, and ease of customization to your business needs. What's more, Compiere provides a multitude of resources to streamline the ERP implementation process.

Easier to Extend
The Compiere Model-driven Application Platform makes it easier to expand your ERP solution to growing, changing and evolving enterprise needs

Easier to Change
Compiere is easier to change because there are no "final" decisions. Any element of the ERP system can be changed at any time without consequences in other parts of the application or to application data.

Openbravo

Openbravo is an open source ERP solution designed specifically for the SME (small to midsize firm). Developed in a web based environment, it includes many robust functionalities which are considered part of the extended ERP: procurement and warehouse management, project and service management, production management, and financial management.

Additionally, this same application seemlessly integrates the rest of the areas, starting with a management scope directly helping clients with its CRM (Customer Relationship Management) and BI (Business Intelligence).

Zen Cart™

Zen Cart™, the Shopping Cart Designed for Online Merchants

Zen Cart™ truly is the art of e-commerce; free, user-friendly, open source shopping cart software. The ecommerce web site design program is being developed by group of like-minded shop owners, programmers, designers, and consultants that think ecommerce web design could be and should be done differently.

Some shopping cart "solutions" seem to be complicated programming exercises instead of responding to users' needs, Zen Cart™ puts the merchants and shoppers requirements first. Similarly, other shopping cart software programs are nearly impossible to install and use without an IT degree, Zen Cart™ can be installed and set-up by anyone with the most basic web site building and computer skills.

There are hundreds of shopping cart programs available, but none come close to offering the level of options, features and support available with Zen Cart™. Even the commercial programs have a hard time competing.

Designed with shoppers in mind.

Developers and designers love it.

A long list of features.

Strong, growing, helpful online community.

Link: http://www.zen-cart.com

Thunderbird IMAP Gmail

Note: if you're using an older version of Thunderbird, we highly recommend upgrading to version 2.0.

To set up your Thunderbird client to work with Gmail:

1. Enable IMAP in Gmail.
2. Open Thunderbird, and select Tools > Account Settings.
3. Click Add Account.
4. Select the Email account radio button and click Next. The Identity screen appears.
5. Enter your full name in the Your Name field. Enter your full Gmail email address (username@gmail.com) in the Email Address field, and click Next.
6. Select IMAP as the type of incoming server you are using. Enter imap.gmail.com in the Incoming Server field.
7. Set the Outgoing Server to smtp.gmail.com, and click Next.


8. Enter your Gmail username (including @gmail.com) in the Incoming User Name and Outgoing User Name fields, and click Next.

9. Enter a name for your email account in the Account Name field, and click Next.
10. Verify your account information in the dialog box, and click Finish.
11. Select Server Settings from the folder list below your new account.
12. Update the Port value to 993.
13. In the Security Settings section, select SSL from the Use secure connection options.
14. Select Check for messages at startup and Automatically download new messages
15. Click Outgoing Server (SMTP) in the folder list


16. Select the smtp.gmail.com (Default) entry from the list and click Edit. The SMTP Server page appears.
17. Enter smtp.gmail.com as the Server Name and set the Port to 587.
18. Select User name and password and enter your Gmail username (including @gmail.com) in the User Name field.
19. Select TLS from the Use secure connection radio buttons and click OK.
20. Click OK to save your changes and exit the Account Settings dialog.


21. Check our recommended client settings, and adjust your client's settings as needed.

* Did you click 'Save Changes' after enabling IMAP in Gmail? To ensure that Gmail can communicate with your mail client, be sure to click Save Changes on the Forwarding and POP/IMAP settings tab.

How to convert a FAT/FAT32 to NTFS

To convert an existing FAT or FAT32 volume to NTFS, follow these steps:

1. Click Start, point to All Programs, point to Accessories, and then click Command Prompt.
2. At the command prompt, type the following, where drive letter is the drive that you want to convert: convert drive letter: /fs:ntfsFor example, type the following command to convert drive E to NTFS: convert e: /fs:ntfs Note If the operating system is on the drive that you are converting, you will be prompted to schedule the task when you restart the computer because the conversion cannot be completed while the operating system is running. When you are prompted, click YES.
3. When you receive the following message at the command prompt, type the volume label of the drive that you are converting, and then press ENTER:The type of the file system is FAT. Enter the current volume label for drive drive letter
4. When the conversion to NTFS is complete, you receive the following message at the command prompt: Conversion complete
5. Quit the command prompt.

Trixbox

Trixbox CE is an open telephony platform that combines the best of the open source telephony tools into one easy-to-install package. Based on an enhanced LAAMP (an open source bundle of Linux^®, Apache™, Asterisk^®, mySQL^®, and PHP), the trixbox^® dashboard provides easy to use, Web-based interfaces to setup, manage, maintain, and support a complete IP-PBX system.


Features

• Unlimited Extensions
• TDM/SIP/IAX Trunks
• Remote Extensions
• Voicemail
• Fax Support
• Voicemail to Email
• IVR Menu System
• Ring Groups
• Call Queues
• Conference Rooms
• Follow-Me
• Time-Based Routing
• Music On Hold
• Paging and Intercom
• Web Access to Voicemail
• Admin Status Screen
• Package Manager (for easy updates)
• Phone Provisioning Tool
• Network Settings Tool
• Enhanced CDR Reports
• Echo Cancellation - OSLEC (Open Source Line Echo Cancelation)

Link: http://www.trixbox.com

Recovery Password Cisco

1. Attach a terminal or PC with terminal emulation to the console port of the router.
Use these terminal settings:
¨ 9600 baud rate
¨ No parity
¨ 8 data bits
¨ 1 stop bit
¨ No flow control
Refer to these documents for information on how to cable and connect a terminal to the console port
or the AUX port:
¨ Cabling Guide for Console and AUX Ports
¨ Connecting a Terminal to the Console Port on Catalyst Switches
¨ Connect a Terminal to Catalyst 2948G−L3, 4908G−L3, and 4840G Series Switches

2. If you can access the router, type show version at the prompt, and record the configuration register setting. See Example of Password Recovery Procedure in order to view the output of a show version
command

Note: The configuration register is usually set to 0x2102 or 0x102. If you can no longer access the router (because of a lost login or TACACS password), you can safely assume that your configuration register is set to 0x2102.

3. Use the power switch in order to turn off the router, and then turn the router back on.
Important Notes:
* In order to simulate this step on a Cisco 6400, pull out and then plug in the Node Route
Processor (NRP) or Node Switch Processor (NSP) card.

* In order to simulate this step on a Cisco 6x00 with NI−2, pull out and then plug in the NI−2
card.

4. Press Break on the terminal keyboard within 60 seconds of power up in order to put the router into ROMMON.
If the break sequence does not work, refer to Standard Break Key Sequence Combinations During Password Recovery for other key combinations.

5. Type confreg 0x2142 at the rommon 1> prompt in order to boot from Flash.
This step bypasses the startup configuration where the passwords are stored.

6.Type reset at the rommon 2> prompt.
The router reboots, but ignores the saved configuration.

7. Type no after each setup question, or press Ctrl−C in order to skip the initial setup procedure.

8. Type enable at the Router> prompt.
You are in enable mode and should see the Router# prompt.

9.Type configure memory or copy startup−config running−config in order to copy the nonvolatile
RAM (NVRAM) into memory.

Important: Do not type copy running−config startup−config or write. These commands erase your
startup configuration.

10. Type show running−config.
The show running−config command shows the configuration of the router. In this configuration, the shutdown command appears under all interfaces, which indicates all interfaces are currently shut
down. In addition, the passwords (enable password, enable secret, vty, console passwords) are in
either an encrypted or unencrypted format. You can reuse unencrypted passwords. You must change
encrypted passwords to a new password.

11.Type configure terminal.
The hostname(config)# prompt appears.

12. Type enable secret in order to change the enable secret password. For example: hostname(config)#enable secret cisco

13.Issue the no shutdown command on every interface that you use.
If you issue a show ip interface brief command, every interface that you want to use should display up up.

14. Type config−register . Where configuration_register_setting is
either the value you recorded in step 2 or 0x2102 .
For example: hostname(config)#config−register 0x2102

15. Press Ctrl−z or end in order to leave the configuration mode.
The hostname# prompt appears.

16. Type write memory or copy running−config startup−config in order to commit the changes.

NetXMS

NetXMS is new and rapidly developing monitoring system, released under GPL2 license. It can be used for monitoring entire IT infrastructure, starting with SNMP-capable hardware (like switches and routers) and ending with applications on your servers. NetXMS is an extremely reliable and powerful monitoring system, enabling you to improve your network availability and service levels.

The system has three-tier architecture: the information is collected by monitoring agents (either our own high-performance agents or SNMP agents) and delivered to monitoring server for processing and storing. Network administrator can access collected data using Windows-based Management Console, WEB Interface or Management Console for PocketPC.

Having been designed with flexibility and scalability in mind, NetXMS features a wide range of supported platforms, leaving you the freedom of choice of platform(s) for your network. NetXMS Server, the core system, is currently available for Windows NT/2000/2003/XP, Linux, Solaris and FreeBSD. High-performance modular monitoring Agents are available for the same platforms as well as for OpenBSD, NetBSD, NetWare, HP-UX and AIX. NetXMS currently supports the following databases: MySQL, PostgreSQL, Microsoft SQL and Oracle. Due to the modular structure of the system, support for other SQL databases can be added upon request in a matter of days.

Some of various NetXMS features are listed below:

* NetXMS allows monitoring network devices, servers and applications from one management server
* Configuration and access to monitoring data take place through the user-friendly and customizable Windows-based GUI
* NetXMS ability to send e-mails and SMS notifications, or execute external programs as a reaction to any event, enables you to receive warning notifications based on collected values
* Ability to organize monitored objects into hierarchical structure to represent service dependencies
* Centralized agent upgrade
* Layer 3 IP topology autodiscovery
* Portable client library
* Very flexible event processing
* Remote actions
* Flexible access control configuration

Zenoss

Zenoss provides a complete suite of software and services to help you succeed in monitoring your IT infrastructure. Our software provides a single, integrated solution for monitoring your entire IT infrastructure - network, servers, applications, across the full lifecycle - inventory, configuration, availability, performance, events.

Through our unique approach our goal is to overcome the common hurdles to achieving effective IT monitoring and management.

Link: http://www.zenoss.com/

WiBro

WiBro
WiBro is wireless Broadband internet service, providing full mobility through open, IP based network with various types of terminals.

Carry the high speed Internet in your pocket.
Access the web, multimedia contents and whatever information you need as you move.

Background and Telecom Market Trend

- Dramatic rise of demand on (wire/wireless) Internet services in Korea.
- An efficient frequency band was sought by Industries; the government reallocated 2.3GHz, once allocated for FWA, for Portable Internet service(Dec. 2002)

- The annual growth rate of voice telecom market, both fixed and wireless, is decreasing, as time goes by; while that of data service market is increasing. Especially that of wireless market is very big. But there are some limitations of the current wireless internet equipment. First, the current mobile phone has some disadvantages such as low data rate but high charge. Second, the wireless LAN has less mobility and a narrow cell coverage of about one hundred meters.

- These factors have made a new mobile wireless internet service appear. The new mobile wireless internet service has some advanced features such as good mobility and coverage as well as higher data rate but lower charge than the existing cellular phone.

Positioning

WiBro(Mobile WiMAX), 3G, and WLAN complement each other and are partially competing.

Link: Slide http://www.wibro.or.kr/down/wibro_overview.ppt

Configuring NetFlow Export on an IOS Device

The following is a set of commands issued on a router to enable NetFlow version 5 on the FastEthernet 0/1 interface and export to the machine 192.168.9.101 on port 9996.

router#enable
Password:*****
router#configure terminal
router-2621(config)#interface FastEthernet 0/1
router-2621(config-if)#ip route-cache flow
router-2621(config-if)#exit
router-2621(config)#ip flow-export destination 192.168.9.101 9996
router-2621(config)#ip flow-export source FastEthernet 0/1
router-2621(config)#ip flow-export version 5
router-2621(config)#ip flow-cache timeout active 1
router-2621(config)#ip flow-cache timeout inactive 15
router-2621(config)#snmp-server ifindex persist
router-2621(config)#^Z
router#write
router#show ip flow export
router#show ip cache flow

Link: http://manageengine.adventnet.com/products/netflow/help/cisco-netflow/cisco-ios-netflow.html

Installation DD-WRT

DD-WRT is a third party developed firmware released under the terms of the GPL for many ieee802.11a/b/g/h/n wireless routers based on a Broadcom or Atheros chip reference design.

Step 1. Is your router supported?
You can check your router that is supported DD-WRT
Link: http://www.dd-wrt.com/wiki/index.php/Supported_Devices

Step 2. Downloading DD-WRT
Download the latest stable release from
Link: http://www.dd-wrt.com/dd-wrtv3/dd-wrt/downloads.html
Recommend dd-wrt.v23_sp2_standard.zip

Step 3. Upload the Firmware
1. You should be in the Web GUI of the router. Go there now.
2. Click the "Administration" tab
3. Click the "Firmware Upgrade" sub-tab.
4. (Only applicable when DD-WRT is already installed.) Click the "No reset" radio button (works for me, but please double check if "Firmware Defaults" would be better!).
5. Click the "Browse" button and select the DD-WRT .bin file you downloaded and confirmed.
6. Click the "Upgrade" button.
7. The router will take a few minutes to upload the file and flash the firmware. During this time, the power light will flash.
8. A new page will open confirming that the upload was successful (if not). Now wait about 5 minutes before clicking "Continue".
9. If flashed successfully you will now be at the DD-WRT web interface.

Step 4. Testing Login In to the Web GUI
For DD-WRT firmware, Username: root and Password is admin.

Dynamic DNS Support for Cisco

Examples

The following example shows how to configure the update method, the maximum interval of the updates (globally), and configure the hostname on the interface:

ip ddns update method mytest
ddns
http

!Before entering the question mark (?) character in the add http CLI, press the control
(Ctrl) key and the v key together on your keyboard. This will allow you to enter the ?
without the software interpreting the ? as a help query.

add http://test:test@members.dyndns.org/nic/update?system=dyndns&hostname=&myip=
interval maximum 1 0 0 0
exit

interface ether1
ip ddns update hostname abc.dyndns.org
ip ddns update mytest

Link: http://www.cisco.com/en/US/docs/ios/12_3/12_3y/12_3ya8/gt_ddns.html

Cisco DSL Router Configuration

!−−− Comments contain explanations and additional information.
service timestamps debug datetime msec
service timestamps log datetime msec
vpdn enable
no vpdn logging
vpdn−group pppoe
request−dialin
protocol pppoe
!
!
ip subnet−zero
!
ip dhcp excluded−address
ip dhcp pool
network
default−router
dns−server
!
interface ethernet0
no shut
ip address
ip tcp adjust−mss 1452
!−−− If the ip tcp adjust−mss 1452 command is not supported, try the
!−−− following configuration statement:
!−−− ip adjust−mss 1452
!−−− If this command is not supported in your current Cisco DSL Router software
!−−− release, either upgrade to the latest Cisco DSL Router software or follow the
!−−− procedure in Possible Required Configuration Steps on the PC.
ip nat inside
no ip directed−broadcast
!
interface atm0
no shut
no ip address
bundle−enable
dsl operating−mode auto
!
interface atm0.1 point−to−point
no ip address
no ip directed−broadcast
no atm ilmi−keepalive
pvc
pppoe−client dial−pool−number 1
!−−− Common PVC values supported by ISPs are 0/35 or 8/35.
!−−− Confirm your PVC values with your ISP.
!
!
interface dialer1
ip address negotiated
mtu 1492
ip nat outside
encapsulation ppp
dialer pool 1
ppp chap hostname
ppp chap password
ppp pap sent−username password
!
ip nat inside source list 1 interface dialer1 overload
!−−− If you have a pool (a range) of public IP addresses provided
!−−− by your ISP, you can use a NAT Pool. Replace
!−−− ip nat inside source list 1 interface dialer1 overload
!−−− with the following two configuration statements:
!−−− ip nat inside source list 1 pool overload
!−−− ip nat pool
!−−− netmask
!−−− If Internet users require access to an internal server, you can
!−−− add the following static NAT configuration statement:
!−−− ip nat inside source static tcp {80 or 25}
!−−− {80 or 25} extendable
!−−− Note: TCP port 80 (HTTP/web) and TCP port 25 (SMTP/mail) are used
!−−− for this example. You can open other TCP or UDP ports, if needed.
!
ip classless
ip route 0.0.0.0 0.0.0.0 interface dialer 1
access−list 1 permit
!−−− In this configuration, access−list 1 defines a standard access list
!−−− permitting the addresses that NAT will translate. For example, if
!−−− your private IP network was 10.10.10.0, configuring
!−−− access−list 1 permit 10.10.10.0 0.0.0.255 would allow NAT to translate
!−−− packets with source addresses between 10.10.10.0 and 10.10.10.255.
!
end