Help config a 1601

Unanswered Question
Oct 10th, 2005

I needed to add an address to my router to allow an additional vpn connection. I copied the config from my Cisco 1601 router to a word document and change the ip addresses to accomidate the new VPN. I then copied the modified code to the router. I am able to connect via the both VPN connection but I can no longer connect to my router via Telnet. I have not run the copy running-config startup-config, copy run start commands. Can I safely restart the router to undo the changes?

This is what I was on my screen:

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#ip nat inside source static (internal ip) (external ip) ^Z

What is the proper procedure for adding an address?

Thank you,

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 5 (2 ratings)
thisisshanky Mon, 10/10/2005 - 18:31

You can do a reload of router (if you have not saved running config to startup config) to return back to the previous config. Once you do this, I would recommend backup the original configs, to a text file and store it safely.

I am not sure what exactly happened with your telnet sessions, I will have to take a look at your configs to find what went wrong.

HTH

Richard Burts Mon, 10/10/2005 - 19:21

I agree with Sankar that if you have not saved the changed config to NVRAM (variations on syntax of copy running-config starup-config, copy run start, write memory, etc) that you can reload the router which will undo the changes and bring you back to the original config.

I also agree with Sankar that saving the existing config as a text file on some media other than the router is a very good idea.

I am not sure that I understand why you would need to add another address to accomodate another VPN connection. And it would help us if you could be specific about how the router is configured and exactly what changes you made. Did you perhaps replace an existing address with a different address and the address that was replaced was the address to which you would telnet?

HTH

Rick

kwheeler02 Tue, 10/11/2005 - 06:10

I have a small network of about 45 workstation that access the internet through a 3com firewall and a Cisco 1601 Router ISO ver 12.0. Partial T1 256 connection. 4 public ip addresses provided by our ISP. We use one address that allows all workstations to access the internet. A second address is configured to allow us to use a VPN to another company which is set up with a “ip nat inside source static” address. My goal is to take one of the unused address and use it as the primary connection and change the internal ip address of the existing “ip nat inside source static” to set up a secondary connection so that we will have a backup.

Before the change I could not use the second ip address to connect via VPN. This is now working. The problem is that I can not connect to the router via Telnet.

I installed Cisco ConfigMaker v2.6 but was not comfortable with using it. I attempted to make the change directly from the ISO. I think what I may have done wrong was to connect to the Router from and XP CMD telnet session. I believe I should have connected with at Hyper Terminal. I did not see an open serial port on the router to connect directly. There is an open Ethernet connection but I have not tried that yet. I believe the safest thing to do it to reboot the router and hope that I am able to connect via Hyper Terminal.

I know there is a way to copy the entire config file to notepad modify it and then copy it back in but I could not figure out how to do it. I read a tutorial that stated that you could add a “ip nat inside source static” address by issuing the following command from the enabled mode:

Router(config)#ip nat inside source static (internal ip) (external ip)

Thank you very much for your assistance!!!

I have attached a Show config printout of the system before the change. I am not sure how safe it is to post this on a forum so I have xed out the ip address.

Router# show config

Using 1408 out of 7506 bytes

!

! Last configuration change at 06:19:06 edt Mon Oct 20 2003 by Router

! NVRAM config last updated at 06:19:08 edt Mon Oct 20 2003 by Router

!

version 12.0

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname Router

!

logging buffered 4096 informational

enable secret X XXXXXXXXXXXXXXXXXXX

enable password X XXXXXXXXXXXXX

!

username Router password XXXXXXXXXXXXX

ip subnet-zero

no ip source-route

ip tcp synwait-time 5

clock timezone est -5

clock summer-time edt recurring

!

!

!

interface Ethernet0

ip address xxx. xxx. xxx. xxx 255.255.255.0

no ip directed-broadcast

no ip proxy-arp

ip nat inside

!

interface Serial0

description connectio to xxxxxxx Internet

bandwidth 256

ip address xxx. xxx. xxx. xxx 255.255.255.252

no ip directed-broadcast

no ip proxy-arp

ip nat outside

encapsulation ppp

no fair-queue

!

ip nat pool ISPPool xxx. xxx. xxx. xxx xxx. xxx. xxx. xxx netmask 255.255.255.248

ip nat pool ovrld xxx. xxx. xxx. xxx xxx. xxx. xxx. xxx netmask 255.255.255.248

ip nat inside source list 18 pool ovrld overload

ip nat inside source static xxx. xxx. xxx. xxx xxx. xxx. xxx. xxx

ip classless

ip route 0.0.0.0 0.0.0.0 Serial0

!

access-list 18 deny xxx. xxx. xxx. xxx

access-list 18 permit xxx. xxx. xxx. xxx 0.0.0.255

!

line con 0

exec-timeout 120 0

transport input none

line vty 0 4

exec-timeout 0 0

password 7 XXXXXXXXXXXXXX

login local

!

end

Richard Burts Tue, 10/11/2005 - 12:45

Kevin

I do not have experience with ConfigMaker but feel that most of us do well to become comfortable with the command line interface for managing the configuration of the router. It should work about equally well to access the router via a telnet session or via hyperterm to the console port. In general I prefer to launch telnet from things other than the Windows CMD prompt since I find the CMD prompt to be awkward for cut and paste and those kinds of things.

Once you have logged in to the router (whether via telnet or via the console port) and gotten into privilege mode you can issue the show running-config command. This will show the active config. You can then select the text and do a copy. You can then go to Notepad (or Wordpad, ir any other text editor) and paste the config statements into a document. I believe that you should do this as a way to store the config somewhere off of the router, in addition to being a way to make changes in the router config.

If you have copied the config into a document you can then edit it to make changes. Depending on the circumstances, it is usually not necessary to paste the entire document back into the router to make the change. Usually you can select just the part of the config that is changing and paste that in.

I can not tell from your description whether you changed the IP address of the Ethernet interface or of the Serial interface. If you did change one (or both) of these addresses, and if that was the address to which you had been telnetting, it would explain why you were not able to talnet after making the change.

HTH

Rick

kwheeler02 Fri, 10/14/2005 - 11:28

I was able to access the router via the console and it appeared to be configured properly. I went ahead a rebooted the router and it reverted back to the config before the change. I logged on via the console and changed the static ip address again. I tested the new VPN and Telnet and everything is working so I saved the running-config to the startup-config. I rebooted the router again and everything looks good.

Thanks again for your assistance.

Actions

Login or Register to take actions

This Discussion

Posted October 10, 2005 at 6:15 PM
Stats:
Replies:5 Avg. Rating:5
Views:729 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard