Geekzone: technology news, blogs, forums


davemc

36 posts

Geek


#150895 6-Aug-2014 21:36

Can anyone share a working, secure, reliable config for a Cisco 867VAE on VDSL on Telecom/Xtra?

I've got it sort of working, but it's not secure, and not very polished.  A mongrel of bits copied from around the net.

Here's what I have so far.

 

version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname cisco860router
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
no aaa new-model
wan mode dsl
clock timezone NZST 12 0
!
!
!
ip dhcp excluded-address 192.168.1.240 192.168.1.254
!
ip dhcp pool dynamic
 import all
 ! doesnt seem to import the Dialer0 isp DNS server, maybe pppoe doesnt count as dhcp
 ! show ip dhcp import
 network 192.168.1.0 255.255.255.0
 default-router 192.168.1.254
 dns-server 122.56.237.1 210.55.111.1
 ! manually entered
 lease 0 2
!
ip dhcp pool staticphone
 import all
 host 192.168.1.246 255.255.255.0
 client-identifier 0156.789c.c32a.29
 default-router 192.168.1.254
 dns-server 122.56.237.1 210.55.111.1
!
ip dhcp pool staticfirewall
 import all
 host 192.168.1.252 255.255.255.0
 client-identifier 01d2.21cb.4567.89
 default-router 192.168.1.254
 dns-server 122.56.237.1 210.55.111.1
!
!
!
ip domain name dmz.somecompany.co.nz
ip name-server 122.56.237.1
ip name-server 210.55.111.1
ip cef
no ipv6 cef
!
!
!
!
crypto pki trustpoint TP-self-signed-3389330311
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-2379459999
 revocation-check none
 rsakeypair TP-self-signed-233333333
!
!
crypto pki certificate chain TP-self-signed-23432352345
 certificate self-signed 01
  12456789 etc
  quit
!
!
username supertrickyadminirator privilege 15 secret 4 2983479213874290837402837408237
!
controller VDSL 0
!
!
interface ATM0
 no ip address
 shutdown
 no atm ilmi-keepalive
!
interface Ethernet0
 description telecom
 no ip address
!
interface Ethernet0.10
 encapsulation dot1Q 10
 pppoe-client dial-pool-number 1
 no cdp enable
!
interface FastEthernet0
 no ip address
!
interface FastEthernet1
 no ip address
!
interface FastEthernet2
 no ip address
!
interface FastEthernet3
 no ip address
!
interface GigabitEthernet0
 description ToFirewall
 no ip address
!
interface GigabitEthernet1
 no ip address
 ip tcp adjust-mss 1412
 shutdown
 duplex auto
 speed auto
!
interface Vlan1
 description Local LAN
 ip address 192.168.1.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
 ip tcp adjust-mss 1412
!
interface Dialer0
 description Telecom VDSL
 ip address negotiated
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1492
 ip nat outside
 ip virtual-reassembly in
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp pap sent-username user@xtrabb.co.nz password 0 password
 ppp ipcp dns request
 no cdp enable
!
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip nat pool firewall 192.168.1.252 192.168.1.252 netmask 255.255.255.0 type rotary
ip nat pool phone 192.168.1.246 192.168.1.246 netmask 255.255.255.0 type rotary
ip nat inside source static tcp 192.168.1.252 25 interface Dialer0 25
ip nat inside source static tcp 192.168.1.252 22 interface Dialer0 22
ip nat inside source list 199 interface Dialer0 overload
ip nat inside destination list 130 pool phone
ip nat inside destination list 131 pool firewall
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip access-list extended outside
 permit icmp any any echo-reply
 permit ip any any
!
access-list 101 permit tcp any any eq smtp
access-list 101 permit ip any any
access-list 130 permit udp any any range 7000 7400
access-list 131 permit udp any any range 1194 1196
access-list 199 permit ip any any
dialer-list 1 protocol ip permit
mac-address-table aging-time 15
no cdp run
!
!
line con 0
 login local
 no modem enable
line aux 0
line vty 0 4
 access-class 23 in
 privilege level 15
 login local
 transport input telnet ssh
!
scheduler allocate 60000 1000
ntp update-calendar
ntp server nz.pool.ntp.org
!
end
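An audit pass over the configuration posted above, added here as an example and not part of the original post or any reply: it flags the management-plane and filtering settings a reviewer would raise first. The `audit` function, the `SAMPLE` excerpt and the finding strings are this example's own names; the config lines in `SAMPLE` are copied from the post.

```python
import re

# Lines copied from the config posted above (a short excerpt, not the full config).
SAMPLE = """\
no service password-encryption
username supertrickyadminirator privilege 15 secret 4 2983479213874290837402837408237
interface Dialer0
 ppp pap sent-username user@xtrabb.co.nz password 0 password
ip http server
ip http access-class 23
ip http secure-server
ip access-list extended outside
 permit ip any any
line vty 0 4
 access-class 23 in
 transport input telnet ssh
"""

def audit(config):
    """Return a list of findings for an IOS running-config given as text."""
    text = "\n".join(line.rstrip() for line in config.splitlines())
    findings = []
    # ACLs the config actually defines: named ("ip access-list ...") and numbered.
    named = set(re.findall(r"^ip access-list \S+ (\S+)", text, re.M))
    defined = named | set(re.findall(r"^access-list (\S+)", text, re.M))
    # Management restrictions (vty and HTTP) that point at an ACL nobody wrote.
    for ref in sorted(set(re.findall(r"access-class (\S+)", text))):
        if ref not in defined:
            findings.append(f"access-class {ref} references an undefined ACL")
    # Named ACLs that exist but are never bound to an interface.
    applied = set(re.findall(r"^\s+ip access-group (\S+)", text, re.M))
    for name in sorted(named - applied):
        findings.append(f"ACL {name} is defined but not bound with ip access-group")
    checks = [
        (r"^\s*transport input .*\btelnet\b", "telnet enabled on vty lines"),
        (r"^ip http server$", "cleartext HTTP management server enabled"),
        (r"\bpassword 0 ", "cleartext (type 0) password stored in config"),
        (r"\bsecret 4 ", "type 4 secret hash in use (deprecated by Cisco)"),
    ]
    for pattern, message in checks:
        if re.search(pattern, text, re.M):
            findings.append(message)
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("-", finding)
```

Run against the full posted config, the same six findings appear: ACL 23 is referenced by both `access-class` and `ip http access-class` but never defined, and the `outside` ACL is never attached to Dialer0.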

 

 


PeterReader
5968 posts

Uber Geek

Trusted
Geekzone
Lifetime subscriber

  #1103674 6-Aug-2014 21:36

Hello... Our robot found some keywords in your post, so here is an automated reply with some important things to note regarding broadband speeds.

If you are posting regarding DSL speeds please check that

- you have reset your modem and router
- your PC (or other PCs in your LAN) is not downloading large files when you are testing
- you are not being throttled by your ISP due to going over the monthly cap
- your tests are always done on an ethernet connection to the router - do not use wireless for testing
- you read this topic and follow the instructions there.

Make sure you provide information for other users to help you. If you have not already done it, please EDIT your post and add this now:

- Your ISP and plan
- Type of connection (ADSL, ADSL2, VDSL)
- Your modem DSL stats (do not worry about posting Speedtest, we need sync rate, attenuation and noise margin)
- Your general location (or street)
- If you are rural or urban
- If you know your connection is to an exchange, cabinet or conklin
- If your connection is to a ULL or wholesale service
- If you have done an isolation test as per the link above

Most of the problems with speed are likely to be related to internal wiring issues. Read this discussion to find out more about this. Your ISP is not intentionally slowing you down today (unless you are on a managed plan). Also if this is the school holidays it's likely you will notice slower than usual speed due to more users online.

A master splitter is required for VDSL2 and in most cases will improve speeds on DSL connections. Regular disconnections can be a monitored alarm or a set top box trying to connect. If there's an alarm connected to your line even if you don't have an alarm contract it may still try to connect so it's worth checking.

I recommend you read these two blog posts:

- Is your premises phone wiring impacting your broadband performance? (very technical)
- Are you receiving a substandard ULL ADSL2+ connection from your ISP?

I am the Geekzone Robot and I am here to help. I am from the Internet. I do not interact. Do not expect other replies from me.

 

Virgil
Dangerous Chocolate
204 posts

Master Geek

ID Verified
Lifetime subscriber

  #1103694 6-Aug-2014 22:07

Not sure that PeterReader fully understood the question ....





Lurking ...


davemc

36 posts

Geek


  #1103699 6-Aug-2014 22:19

Behave robot, speed is not an issue on this connection, max/max

Cabinet is right outside the premises...

 

show controller vdsl 0

Modem Status: TC Sync (Showtime!)
DSL Config Mode: AUTO
Trained Mode: G.993.2 (VDSL2) Profile 17a
Line Attenuation: 0.0 dB 0.0 dB
Signal Attenuation: 0.0 dB 0.0 dB
Noise Margin: 20.2 dB 28.8 dB
Attainable Rate: 92292 kbits/s 36776 kbits/s
Actual Power: 12.4 dBm -15.9 dBm

Modem FW Version: 23j
Modem PHY Version: A2pv6C035j.d23j
Vendor Version: Ap6v35j.23j 68

                DS Channel1  DS Channel0  US Channel1  US Channel0
Speed (kbps):             0        69993            0        10342

 

 

 

