====== Installing Cisco 886VA for Telekom ======

Configuring a Cisco 886VA for an ADSL2 connectin across a Telekom ISDN line with a static (feste) IP address.

install minicom and adjust to connect and restart minicom

<file>
Router> enable
Router(config)# configure terminal
</file>

Then use a config similar to below:

<file>
!
! No configuration change since last restart
version 15.2
service config
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime
service timestamps log datetime localtime
service password-encryption
!
hostname sner1
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$UTEG$Txxxxxxx002hCh.lSV/
enable password 7 xxxxxxxxxxxxxxxxxxxx
!
no aaa new-model
no process cpu extended history
no process cpu autoprofile hog
memory-size iomem 10
clock timezone CET 1 0
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-1111852108
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-1111852108
 revocation-check none
 rsakeypair TP-self-signed-1111852108
!
!
crypto pki certificate chain TP-self-signed-1111852108
 certificate self-signed 01

  	quit
no ip source-route
no ip gratuitous-arps
!
!
!
!
!
no ip bootp server
ip inspect name myfw tcp timeout 3600
ip inspect name myfw udp timeout 30
ip cef
no ipv6 cef
!
!
isdn switch-type basic-5ess
license udi pid CISCO886VA-K9 sn FCZ1623C1VX
!
!
username root password 7 xxxxxxxxxxxxxxxxxxxxxxxx
!
!
!
!
!
controller VDSL 0
!
ip ssh pubkey-chain
  username root
  quit
! 
!
!
!
!
!         
!
!
!
interface Ethernet0
 no ip address
 shutdown
!
interface BRI0
 no ip address
 encapsulation hdlc
 shutdown
 isdn switch-type basic-5ess
 isdn termination multidrop
 isdn point-to-point-setup
 no cdp enable
!
interface ATM0
 description Telekom ADSL
 no ip address
 no atm ilmi-keepalive
 pvc 1/32 
  pppoe-client dial-pool-number 1
 !
!
interface ATM0.1 point-to-point
!
interface FastEthernet0
 no ip address
 no cdp enable
!
interface FastEthernet1
 no ip address
 shutdown
 no cdp enable
!
interface FastEthernet2
 no ip address
 shutdown
 no cdp enable
!
interface FastEthernet3
 no ip address
 shutdown
 no cdp enable
!
interface Vlan1
 description Lokales LAN (Switchports FastEth 1-4)
 ip address 10.1.1.200 255.255.0.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip flow ingress
 ip nat inside
 ip virtual-reassembly in
 ip tcp adjust-mss 1202
!
interface Dialer0
 description DSL Einwahl Interface
 ip address negotiated
 ip access-group 111 in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1492
 ip nat outside
 ip inspect myfw out
 ip virtual-reassembly in
 encapsulation ppp
 dialer pool 1
 dialer idle-timeout 600
 dialer-group 1
 no keepalive
 ppp authentication chap callin
 ppp chap hostname feste-ip5/xxxxxxxxxxxxx@t-online-com.de
 ppp chap password 7 xxxxxxxxxxxxxxx
 ppp ipcp dns request
 ppp ipcp mask request
 ppp ipcp route default
 no cdp enable
!
no ip forward-protocol nd
no ip http server
ip http secure-server
!
ip dns server
ip nat inside source list 103 interface Dialer0 overload
ip nat inside source static tcp 10.1.1.1 80 interface Dialer0 80
ip nat inside source static tcp 10.1.1.1 443 interface Dialer0 443
ip nat inside source static tcp 10.1.1.10 25 interface Dialer0 25
ip nat inside source static tcp 10.1.1.10 110 interface Dialer0 110
ip nat inside source static tcp 10.1.1.10 143 interface Dialer0 143
ip nat inside source static tcp 10.1.1.10 465 interface Dialer0 465
ip nat inside source static tcp 10.1.1.1 22 interface Dialer0 22
!
ip access-list extended myfw-acl
!
logging trap debugging
access-list 103 permit ip 10.1.0.0 0.0.255.255 any
access-list 111 permit icmp any any administratively-prohibited
access-list 111 permit icmp any any echo-reply
access-list 111 permit icmp any any packet-too-big
access-list 111 permit icmp any any time-exceeded
access-list 111 permit icmp any any unreachable
access-list 111 permit udp any eq domain any
access-list 111 permit tcp any any eq smtp
access-list 111 permit tcp any any eq pop3
access-list 111 permit tcp any any eq www
access-list 111 permit tcp any any eq 443
access-list 111 permit tcp any any eq 465
access-list 111 permit tcp any any eq 143
access-list 111 permit tcp any any eq 22
access-list 111 deny   ip any any log
access-list 111 permit esp any any
dialer-list 1 protocol ip permit
no cdp run
!
!
!
!
banner motd ^C

BDM/MOL sein Router !!!
Fingergrabbing and pressing the cnoeppkes from the routers is     
allowed for the experts only!! So all the "lefthanders" stay away
and do not disturb the brainstorming at work here. Ohterwise you
will be k/b'd. Also: please keep still and only watch the
blinking lights in astonishment.
^C
!
line con 0
 exec-timeout 0 0
line aux 0
line vty 0 4
 access-class 23 in
 privilege level 15
 password 7 xxxxxxxxxxxxxxxxxxxxxxxxxx
 login local
 transport input ssh
!
end
</file>