Preconditions
For convenience, this article sets the following example configs:
- Connect the WAN port of the router to the modem, dial up to the Internet through pppoe
- The username obtained from the ISP is user_id and the password is user_pass
- There is a Vlan on the internal network, the subnet is 192.168.1.0/24
- The Vlan's gateway address is 192.168.1.254
- Use 192.168.1.1 to 192.168.1.100 as dynamically assigned addresses, leaving the rest for static assignment
- MTU of the ISP network is 1492
About MTU MRU and MSS:
The default values commonly used in Ethernet networks (also the maximum values without using extension standards such as JumboFrame) are as follows:
MTU (Maximum Transmission Unit): 1500byte
MRU (Maximum Receive Unit): 1500byte
MSS (Maximum Segment Size): MTU minus IP header (20byte), TCP header (20byte): 1460byte
With a PPPoE dial-up connection, the PPPoE header needs to occupy 8 bytes, so the maximum MTU / MRU is 1492 and the maximum mss is 1452
The actual value varies according to the ISP. For example, the MTU of the most widely used network in Japan is set to 1454.
Configuration for basic internet connection
Use the enable command to gain administrative privileges, and then enter the configuration mode through the console.
The "router-config#" indicates that this is the root of configuration hierarchy. The configuration should starts from the root hierarchy, and finally returns to root with "exit" command.
router> enable
router# config terminal
router-config#PPPOE dial-up virtual interface
Create dialer1 virtual dialer interface and enter interface configuration
interface dialer1
mtu 1494
ip address negotiated
ip tcp adjust-mss 1454
ip nat outside
dialer pool 1
dialer-group 1
encapsulation ppp
ppp authentication chap callin
ppp chap hostname user_id
ppp chap password user_pass
ppp pap sent-username user_id password user_pass
ppp ipcp dns request accept
exitThere are two similar commands: mtu and ip mtu .
ip mtu affects ipv4 packets through this port, while mtu commands affects all packets. so use mtu command to match mtu with the ISP's network.
Regarding the two authentication methods of chap and pap, if you know which method your ISP uses, you only need to set the corresponding authentication information. If not sure, write both.
Wait for a few seconds, and display the port information with the following command:
show interface dialer1If you see that the port has obtained an external IP address, it indicates that the PPPoE dial-up connection has been successfully established.
Configure VLAN
Now the external network is already connected to the Internet. Next, we need to configure the internal network so that our devices can connect to the external network through the internal LAN.
The router automatically generates a Vlan1 by default and automatically assigns all 8 LAN ports in Vlan1. If there is no special requirement, you can just configure on the Vlan1.
interface Vlan1
ip address 192.168.1.254 255.255.255.0
ip nat inside
no shutdown
exitIn Cisco's IOS configuration commands, almost all commands can be preceded by a "no" to cancel or perform the opposite operation.
Because the default state of interfaces are shutdown, you need to ensure that the interface enters the UP state with no shutdown command.
NAT and routing rules
It is the same as the default state of the interface is shutdown, Enterprise routers does nothing by default for security reasons.
So although Vlan is configured, routing between Vlan and WAN ports is not performed by default. You need to manually configure internal routing rules:
ip nat inside source list 1 interface dialer 1 overload
dialer-list 1 protocol ip permit
ip route 0.0.0.0 0.0.0.0 dialer 1 permanentSince we have only one external network interface, we simply route everything to dialer 1. permanent indicates that this routing rule will be retained even if the dialer1 link is down.
Configure DHCP
PC, NAS, and other fixed devices can be assigned to static IP for easy management. But we also need to connect mobile devices such as mobile phones, tablets and some IoT devices. So it's necessary to allocate a part of the IP from the address pool as an automatic allocation segment through DHCP.
ip dhcp pool lan
network 192.168.1.0 255.255.255.0
default-router 192.168.1.254
dns-server 8.8.8.8 8.8.4.4
exit
ip dhcp excluded-address 192.168.1.101 192.168.1.254It should be noted here that the last command is for EXCLUDED IPs, not IPs for dhcp allocation.
Save Configs
At this point, our router should be able to dial up to the Internet automatically like a normal home router. But the current configuration is saved in the system RAM, so don't forget to use the write command to write the configuration to NVRAM, otherwise all the configuration will disappear after the next restart due to power outage or other reasons!