Tuesday, April 17, 2018

Setup CISCO Wireless Router with ADSL




enable secret 5 $1$HjA4$oPJCWIKOz3l38CTLa/5vR1
enable password cisco
!
aaa new-model
!
!
!
!
!
!
!
aaa session-id common
!
memory-size iomem 10
service-module wlan-ap 0 bootimage autonomous
crypto pki token default removal timeout 0
!
!
ip source-route
!
!
ip dhcp excluded-address 10.10.11.1
ip dhcp excluded-address 10.10.11.4
!
ip dhcp pool locallan
 network 10.10.11.0 255.255.255.0
 dns-server xxx.xxx.xxx.xxx
 default-router 10.10.11.1
!
!
ip cef
no ip domain lookup
no ipv6 cef
!
!
multilink bundle-name authenticated
license udi pid CISCO881W-GN-A-K9 sn FTX1522021R
license boot module c880-data level advipservices
!
!
username cisco password 0 cisco
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0
 no ip address
!
interface FastEthernet1
 no ip address
!
interface FastEthernet2
 no ip address
!
interface FastEthernet3
 no ip address
!
interface FastEthernet4
 description to ISP
 ip address dhcp
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface wlan-ap0
 description Service module interface to manage the embedded AP
 ip unnumbered Vlan10
 arp timeout 0
!
interface Wlan-GigabitEthernet0
 description uplink to AP
 switchport trunk native vlan 10
 switchport mode trunk
 no ip address
!
interface Vlan1
 no ip address
!
interface Vlan10
 description homeap
 ip address 10.10.11.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list NAT_ACL interface FastEthernet4 overload
ip route 0.0.0.0 0.0.0.0 10.10.10.1 254
!
ip access-list extended NAT_ACL
 permit ip 10.10.11.0 0.0.0.255 any
!
logging esm config
!
!
!
!
!
!
!
control-plane
!
!
line con 0
 logging synchronous level 2
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport input all
line vty 0 4
 password cisco
 transport input ssh
!
exception data-corruption buffer truncate
end

Configuration for internal AP
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ap
!
enable secret 5 $1$2Cfi$vMWphS5CZwL9rEVIlc2Gs0
!
no aaa new-model
no ip domain lookup
!
!
dot11 syslog
dot11 vlan-name vlan10 vlan 10
!
dot11 ssid homeap
   vlan 10
   authentication open
   authentication key-management wpa
   guest-mode
   mbssid guest-mode
   wpa-psk ascii 0 thepassword
!
!
!
username cisco privilege 15 secret 5 $1$6pP2$M0RRt/.WFvF3T8R1kZJ1z1
!
!
bridge irb
!
!
interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 encryption vlan 10 mode ciphers tkip
 !
 ssid homeap
 !
 antenna gain 0
 mbssid
 speed  basic-1.0 2.0 5.5 11.0 6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m8. m9. m10. m11. m12. m13. m14. m15.
 station-role root
!
interface Dot11Radio0.10
 encapsulation dot1Q 10 native
 no ip route-cache
 bridge-group 1
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface GigabitEthernet0
 description downlink to router
 no ip address
 no ip route-cache
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
!
interface BVI1
 ip address 0.10.11.4 255.255.255.0
 no ip route-cache
!
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip

By No comments:
Labels: , , , ,

Sunday, April 8, 2018

Internet Connectivity for a Mobile using USB

I used this method to update my iphone 4S when I only had a mobile broadband dongle to get internet and a wireless router.

 
Devices needed

  • Computer with a network adaptor
  • Wireless router with a WAN port (Linksys WAG120N)
  • Mobile broadband connection (HUAWEI dongle)
  • Straight through cable
  • iPhone 4S  

Setting up network adapter (LAN connection) on a Windows Vista PC

  • Go to “computer”-right click on the address bar-select Edit Address-paste the below into the address bar
    • Control Panel\Network and Sharing Center
  • Press enter
  • You will be directed to the Network and Sharing Center
  • On the left of the window select Manage network connections
  • You will see the existing network connections as shown on the below image


 

 

 

 

 Image 1
  • Select the Local Area Connection
  • Right click on the connection and select properties. When “Windows” ask for permission to continue the process select continue
  • Then “Local Area Connection Properties” window will pop-up
  • Go to the Networking tab, as shown below select Internet Protocol Version 4 and click the properties button


Image 2
 
  • As shown on Image 3 “Internet Protocol Version 4 (TCP/IPv4) Properties” window will pop-up
  • Go to General Tab
  • As shown on the le set to obtain ip and DNS addresses automatically













 
 
 
 
Image 3

Sharing the Mobile broadband connection
  • You will see the mobile broadband connection icon under your network connections only if you have already installed a dongle into your computer
  • From the existing connections select the mobile internet connection
  • Make sure the connection is not active
  • Right click on the connection, select properties
  • Mobile network connection properties window will pop-up 
  •  Go to the Sharing tab (see Image 4)

    • Image 4

    • As shown above, tick Allow other network users to connect through this computer’s internet connection and from the drop down menu select the Local Area Connection that you want to connect to the wireless router
    • Click OK 

    Configuring the router

    • Log into the Linksys WAG120N router using the below instructions

    • Type 192.168.1.1 in the address bar
    • Press enter
    • A popup asking for username and password will appear
    • Provide the appropriate user name and password(Linksys WAG120N default user name and password is admin, admin)
    • You are now in the router web interface as shown in Image 5
    • In the Setup-Basic Setup tab disable DHCP as shown below in Image 5

    Image 5
    • As shown in Image 6 under Setup tab click on Ethernet tab
    • We will be using the router Ethernet port1 (Ethernet port 1 can act as a WAN port in the Linksys WAG120N router) as the WAN port to connect to the PC network adapter
    • Select Use as WAN Port as shown below, for the Ethernet connection to use port1 as a WAN port.
    • For the Connection type select Static IP from the combo box 
    • Set the ip addresses as shown in Image 6
    Image 6
     

    Press the home button In your iPhone 

    Configuring ip on the iPhone

    Enter and select the ip settings as shown below.

       

     Image 7

    • Select Settings icon
    • Go to Wi-Fi (if your wireless router is turned on your wireless network will show on your iPhone)
    • Select your Wi-Fi network
    • Go to Wi-Fi ip settings
    • Select Static as the ip address type

    Activating the connection
    • Power on the router
    • Connect the straight through cable to the Ethernet port1 of the router and the other end to the network adapter of the computer
    • Dial the shared mobile broadband connection and connect to the internet using your PC
    • Make sure the wireless router is connected to the internet
    • The router has an icon that lights up when it is connected to the internet
    • Connect your iPhone to the Wi-Fi Network
    • You will be able to browse the internet using your iPhone with the help of your shared mobile connection by connecting to your wireless router.

    Explanation of ip settings

    • We have used static ip addresses for all the devices except the mobile broadband connection and LAN connection.
     

    Every device need an ip address to connect to the internet, each computer on the internet has a unique ip address. When we connect to the internet using the mobile broadband connection we receive a unique ip address. As this connection is shared with the LAN connection (network adapter), automatically the LAN connection receives a ip address (192.168.0.1) and a subnet mask (255.255.255.0). This ip address should be the default gateway for the router as the router uses the LAN connection to connect to the internet through its WAN port via the mobile broadband connection. Use the same address as the DNS address. Subnet mask for the LAN, router and phone should be the same as all the devices should be in the same subnet. You can use a suitable ip address in the range 192.168.0.X as the Ethernet ip address for the router. All this will make sure that your router is able to connect to the internet.

    We need to make sure by connecting to this router via Wi-Fi our phone can connect to the internet. The routers local ip address by default is set to 192.168.1.1 therefore the “Router” address for the phone should be that address and the DNS address also should be the same. As for the ip address you can use a address in the range 192.168.1.X.

    By No comments:
    Labels: , ,

    Cisco PIX Firewall as Home Router



     

     

    Set clock- No need to do this but just so that the internal clock is correct
     pixfirewall(config)#clock set clock set 08:47:00 08 April 2018
    Mark outside and inside interfaces with the used physical interfaces and give them the security level
     pixfirewall(config)#nameif ethernet0 outside security0
     pixfirewall(config)#nameif ethernet1 inside security100
    Enable the two interfaces- there isn’t a "no shut" command in PIX but you can have no in front of a command and negate the command
     pixfirewall(config)#interface ethernet0 10baset
     pixfirewall(config)#interface ethernet1 100full
    Enable dhcp on outside interface to get assigned an ip address from the isp modem to the outside interface using dhcp-this is a route on the outside interface. 
     pixfirewall(config)#ip address outside dhcp setroute
    Set the ip address of the inside interface with the ip you want on your LAN
     pixfirewall(config)#ip address inside 10.10.10.23 255.255.255.0
    Set DHCP for inside LAN-Provide a dhcp scope for the access-point on the inside interface 
     pixfirewall(config)#dhcpd address 10.10.10.23-10.10.10.75 inside
     pixfirewall(config)#dhcpd enable inside
    Assign the dns from ISP-Manually enetered the DNS addresses of ISP (Primary and Se condary DNS)
     pixfirewall(config)#dhcpd dns xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
    Use Nat to translate local private address to global public ip addres on the outside
     pixfirewall(config)#global (outside) 1 interface

    Tells that we are defining a global address pool- A pool or single ip, outside is the interface we are using for the pool, 1 is the id of the pool, need to match with NAT pool , interface key word specify that we are using the ip of the interface(outisde interface here)


    Translate using NAT
     pixfirewall(config)#nat (inside) 1 10.10.10.0 255.255.255.0 0 0
    Enabling ssh
    pixfirewall(config)#username cisco password cisco
    pixfirewall(config)#aaa authentication ssh console LOCAL
     pixfirewall(config)#domain-name somedomain.com
     pixfirewall(config)#ca generate rsa key 2048
     pixfirewall(config)#ca save all
     pixfirewall(config)#ssh 10.10.10.0 255.255.255.0 inside

    By No comments:
    Labels: , ,
    Subscribe to: Comments (Atom)