Updated May 19th, 2003

CISCO Router WAN (HDLC), NAT and DHCP Example

Private Network: 192.168.0.0/24
External Network (DMZ): 202.0.0.0/28
CISCO Router (1700): FastEthernet0:192.168.0.3
Serial0 (HDLC WAN):202.0.0.1
The Internet Server1: 202.0.0.1 (DNS, SMTP, POP3)
The Internet Server2: 202.0.0.2 (DNS, WWW, SYSLOG, NTP) 
jicajvbt#show running-config
Building configuration...
 
Current configuration : 2112 bytes
!
version 12.2
service nagle
no service pad
service timestamps debug datetime msec localtime show-timezone
service timestamps log uptime
service password-encryption
!
hostname gw
!
logging buffered 8192 debugging
no logging console
aaa new-model
!
!
aaa session-id common
enable secret 5 123456789012345678901234567890
!
username hoge password 7 1234567890
clock timezone BST 6
ip subnet-zero
no ip source-route
no ip dhcp conflict logging
ip dhcp excluded-address 192.168.0.1 192.168.0.99
!
ip dhcp pool internalnet
   network 192.168.0.0 255.255.255.0
   default-router 192.168.0.3
   domain-name hoge.local
   netbios-name-server 192.168.0.1 192.168.0.2
   netbios-node-type h-node
   dns-server 202.1.1.1 202.1.1.2
   lease 5
!
!
!
!
!
interface FastEthernet0
 description LAN Network
 ip address 192.168.0.2 255.255.255.0
 no ip redirects
 no ip proxy-arp
 ip nat inside
 no ip route-cache
 speed auto
 no cdp enable
!
interface Serial0
 description 128Kbps HDLC Link to ISP
 ip address 202.144.157.126 255.255.255.240
 ip access-group 100 in
 ip access-group 101 out
 no ip redirects
 no ip proxy-arp
 ip nat outside
 no ip route-cache
 no fair-queue
 no cdp enable
!
ip nat inside source list 1 interface Serial0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0 permanent
no ip http server
!
!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 100 deny   ip any any log
access-list 101 permit ip 202.144.157.112 0.0.0.15 any
access-list 101 deny   ip any any log
access-list 102 permit ip 192.168.0.0 0.0.0.255 any
access-list 102 deny   ip any any log
no cdp run
radius-server retransmit 3
radius-server authorization permit missing Service-Type
!
line con 0
line aux 0
line vty 0 4
 access-class 102 in
 password 7 030E520807
!
end
Back - Support
Google
Web www.grape-info.com