Geekzone: technology news, blogs, forums
nettrust

9 posts

Wannabe Geek
Inactive user


#93399 20-Nov-2011 18:04

As promised in the other thread.

I have not tested this yet on VDSL but it should work:

yourhostname#show start
Using 3584 out of 262136 bytes
!
! No configuration change since last restart
! NVRAM config last updated at 17:52:38 NZDT Sun Nov 20 2011 by DELETED
! NVRAM config last updated at 17:52:38 NZDT Sun Nov 20 2011 by DELETED
version 15.2
no service pad
service tcp-keepalives-in
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname YOUR HOSTNAME
!
boot-start-marker
boot-end-marker
!
!
enable secret ROUTER PASSWORD
!
no aaa new-model
memory-size iomem 10
clock timezone NZST 12 0
clock summer-time NZDT recurring last Sun Sep 2:00 1 Sun Apr 3:00
crypto pki token default removal timeout 0
!
!
no ip source-route
ip auth-proxy max-login-attempts 5
ip admission max-login-attempts 5
!
!
!
ip dhcp excluded-address 192.168.0.47 192.168.0.61         (OPTIONAL)
!
ip dhcp pool DHCP-LAN      (EXAMPLE for dynamic IP allocation using DHCP)
 network 192.168.0.32 255.255.255.224
 default-router 192.168.0.62
 dns-server DNS SERVER IP
 lease 0 3
!
ip dhcp pool DHCP-IPphone1                    (EXAMPLE for fixed IP allocation using DHCP)
 host 192.168.0.1 255.255.255.240
 client-identifier 0100.1565.1aac.ab
 dns-server 192.168.0.13
 default-router 192.168.0.14
!
ip dhcp pool DHCP-IPphone2
 host 192.168.0.2 255.255.255.240
 client-identifier 0100.1565.1da6.36
 dns-server 192.168.0.13
 default-router 192.168.0.14
!
!
no ip bootp server
ip domain name nettrust.net.nz
ip host HOSTNAME ROUTER-IP-ADDRESS
ip name-server YOUR DNS SERVER
ip cef
no ipv6 cef
!
!
license udi pid CISCO887VA-K9 sn DELETED
!
!
username DELETED secret PASSWORD
!
!
!
!
!
controller VDSL 0
!
ip ssh version 2
!
!
!
!
!
!
!
!
!
interface Ethernet0
 no ip address
!
interface Ethernet0.10                (ONLY FOR VDSL)
 encapsulation dot1Q 10
 pppoe enable group global
 pppoe-client dial-pool-number 1
!
interface ATM0                      (ONLY FOR ADSL)
 no ip address
 no atm ilmi-keepalive
 pvc 0 0/100
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
!
interface FastEthernet0               (EXAMPLE)
 switchport mode trunk
 no ip address
!
interface FastEthernet1
 no ip address
 shutdown
!
interface FastEthernet2
 no ip address
 shutdown
!
interface FastEthernet3
 no ip address
 shutdown
!
interface Vlan1
 description DMZ Public Network
 ip address IP NETMASK
 no ip redirects
 no ip unreachables
 no ip proxy-arp
!
interface Vlan10
 description Private Network
 ip address 192.168.0.62 255.255.255.224
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly in
!
interface Vlan20
 description VoIP Network
 ip address 192.168.0.14 255.255.255.240
 no ip redirects
 no ip unreachables
 no ip proxy-arp
!
interface Dialer0
 ip address negotiated
 ip access-group filter_incoming in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1492         (ONLY FOR VDSL)
 ip nat outside
 ip virtual-reassembly in
 encapsulation ppp
 ip tcp adjust-mss 1300           (REQUIRED IF USING ROUTER FOR VPN)
 dialer pool 1
 ppp pap sent-username ISP USER & PASS
!
no ip classless
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface Dialer0 overload
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip access-list extended filter_incoming
 deny   tcp any any range 135 139
 deny   tcp any any eq 445
 permit ip any any
ip access-list extended terminal_access
 permit tcp 120.136.4.96 0.0.0.15 any eq 22
 permit tcp 192.168.0.0 0.0.0.255 any eq 22
 deny   tcp any any
!
access-list 1 permit 192.168.0.32 0.0.0.31
no cdp run
!
!
line con 0
 exec-timeout 0 0
 logging synchronous
line aux 0
 login
line vty 0 4
 access-class terminal_access in
 exec-timeout 0 0
 logging synchronous
 login local
 transport input ssh
!
ntp server IP ADDRESS
ntp server IP ADDRESS
!
end

myhostname#

Thanks to Vibe Communications www.vibecommunications.co.nz who helped with the VDSL section.

nettrust

9 posts

Wannabe Geek
Inactive user


  #548293 22-Nov-2011 10:29

In the above example we have the following:

1. Public IP address block for servers in the DMZ

2. Private IP address block and NAT for desktops

3. DHCP allocation of fixed IP addresses to VoIP phones and dynamic IP address allocation to other devices. I have left the MAC addresses in as an example though these need to be changed to suit.

4. Dual mode ADSL/VDSL (note that I have not tested this config with VDSL at time of posting)

5. All recommended security settings as per Cisco CCNA guide "Accessing the WAN".

6. All SSH administration is limited to a fixed range of IP addresses. If there is no universal limit, make sure you at least limit VTY 4 somehow. This can be done by IP address or incorrect login timeout.

7. In this example the router was connected to a managed switch through a trunking connection. Otherwise you will have to set it as "switchport mode access".
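As an added example (not part of nettrust's posts), the script below reads an excerpt of the config above and checks two of the points in the list: that the terminal_access ACL really does restrict SSH to the stated source ranges (points 5 and 6) and that the vty lines carry an access-class, an SSH-only transport and an idle timeout. The CONFIG string is a constructed copy of the relevant stanzas; the ACL evaluator implements standard IOS first-match semantics with the implicit deny at the end, and the sample packet addresses (203.0.113.x, 198.51.100.x) are documentation ranges chosen for the example.

```python
"""Audit helpers for the Cisco IOS configuration posted above (added example)."""
import ipaddress

# Constructed excerpt of the posted config; only the stanzas the audit needs.
CONFIG = """\
service password-encryption
no ip http server
no ip http secure-server
ip ssh version 2
ip access-list extended filter_incoming
 deny   tcp any any range 135 139
 deny   tcp any any eq 445
 permit ip any any
ip access-list extended terminal_access
 permit tcp 120.136.4.96 0.0.0.15 any eq 22
 permit tcp 192.168.0.0 0.0.0.255 any eq 22
 deny   tcp any any
line vty 0 4
 access-class terminal_access in
 exec-timeout 0 0
 login local
 transport input ssh
"""


def parse_stanzas(text):
    """Split an IOS config into (header, [child lines]); unindented lines start a stanza."""
    stanzas, current = [], None
    for raw in text.splitlines():
        if not raw.strip() or raw.startswith("!"):
            continue
        if raw[0] in " \t":
            if current is not None:
                current[1].append(raw.strip())
        else:
            current = (raw.strip(), [])
            stanzas.append(current)
    return stanzas


def _parse_addr(tokens, i):
    """Parse one ACL address spec at tokens[i]; return ((network, wildcard), next index)."""
    if tokens[i] == "any":
        return (0, 0xFFFFFFFF), i + 1
    if tokens[i] == "host":
        return (int(ipaddress.IPv4Address(tokens[i + 1])), 0), i + 2
    net = int(ipaddress.IPv4Address(tokens[i]))
    wildcard = int(ipaddress.IPv4Address(tokens[i + 1]))
    return (net, wildcard), i + 2


def parse_acl(lines):
    """Turn extended ACL entries into (action, proto, src, dst, (lo, hi) dest port) tuples."""
    rules = []
    for line in lines:
        t = line.split()
        action, proto = t[0], t[1]
        src, i = _parse_addr(t, 2)
        dst, i = _parse_addr(t, i)
        ports = (0, 65535)  # no port qualifier: every port matches
        if i < len(t) and t[i] == "eq":
            ports = (int(t[i + 1]), int(t[i + 1]))
        elif i < len(t) and t[i] == "range":
            ports = (int(t[i + 1]), int(t[i + 2]))
        rules.append((action, proto, src, dst, ports))
    return rules


def _match(spec, ip):
    """IOS wildcard match: bits set in the wildcard are ignored."""
    net, wildcard = spec
    return ((int(ipaddress.IPv4Address(ip)) ^ net) & ~wildcard & 0xFFFFFFFF) == 0


def acl_permits(rules, proto, src_ip, dst_ip, dport):
    """First matching entry decides; an IOS ACL ends with an implicit deny."""
    for action, r_proto, r_src, r_dst, (lo, hi) in rules:
        if r_proto not in ("ip", proto):
            continue
        if _match(r_src, src_ip) and _match(r_dst, dst_ip) and lo <= dport <= hi:
            return action == "permit"
    return False


def audit_vty(stanzas):
    """Hardening findings for every 'line vty' stanza."""
    findings = []
    for header, body in stanzas:
        if not header.startswith("line vty"):
            continue
        if not any(b.startswith("access-class") for b in body):
            findings.append(f"{header}: no access-class, SSH reachable from any source")
        if "transport input ssh" not in body:
            findings.append(f"{header}: transport input not restricted to ssh")
        if "exec-timeout 0 0" in body:
            findings.append(f"{header}: exec-timeout 0 0 never idles out sessions")
    return findings


def audit(text):
    """Return ({acl name: rules}, vty findings) for a config text."""
    stanzas = parse_stanzas(text)
    acls = {h.split()[-1]: parse_acl(b) for h, b in stanzas
            if h.startswith("ip access-list extended")}
    return acls, audit_vty(stanzas)


if __name__ == "__main__":
    acls, findings = audit(CONFIG)
    ta, fi = acls["terminal_access"], acls["filter_incoming"]
    print(acl_permits(ta, "tcp", "120.136.4.100", "203.0.113.1", 22))  # True: allowed range
    print(acl_permits(ta, "tcp", "198.51.100.7", "203.0.113.1", 22))   # False: everyone else
    print(acl_permits(fi, "tcp", "198.51.100.7", "203.0.113.1", 445))  # False: SMB dropped
    print(acl_permits(fi, "tcp", "198.51.100.7", "203.0.113.1", 443))  # True
    for f in findings:
        print("finding:", f)
```

Run against the excerpt, the only finding is the `exec-timeout 0 0` on the vty lines: the access-class and SSH-only transport are in place, but an SSH session that is left open never times out, which is the "login timeout" the post's point 6 refers to as a fallback limit.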
