10-13-2006 01:28 PM - edited 03-05-2019 12:14 PM
i have my soho 91 up and running finally - is anyone else using this... should i be looking for anything in particular to go wrong...
i had to use the web app to set up my network. i could not find any documentation on how to program this particular router.... do you have any good articles for a noob to read?
10-13-2006 11:07 PM
Hello Chris,
have a look at the link below, which contains comprehensive documentation on the SOHO 91 router:
Cisco 831 and SOHO 91 Routers
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_fix/831/index.htm
HTH,
GNT
10-15-2006 10:50 AM
^^ pls help a brotha out ^^
10-16-2006 12:43 AM
Hello Chris,
what are you looking for specifically ? The link I posted contains hard and software configuration info, let me know what you need to know...
Regards,
GNT
10-16-2006 07:59 AM
basically just getting started... My uncles operation is expanding.. He brought me into run the technology end (mostly programming)
we are going to start hosting our own applications soon - nothing that needs to be super secure - but i want to make sure i avoid stupid mistakes... Pls check out my current config - i would love recomendations...
i appreciate the help!!!
========
Current configuration : 1246 bytes
!
version 12.3
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname root
!
no logging buffered
enable secret 5 $1$WTgl$4ivUMx0texkQGmj5j1SAA/
!
username CRWS_Jaidil privilege 15 password 7 125D5453255A0A256E24752700103212544
25053050A010003
username root password 7 075F37495C05491713
no aaa new-model
ip subnet-zero
ip name-server 65.83.241.181
ip name-server 67.32.118.46
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool CLIENT
import all
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
lease 0 2
!
!
!
!
!
!
partition flash 2 6 2
!
!
!
!
interface Ethernet0
ip address 10.10.10.1 255.255.255.0
ip nat inside
no cdp enable
hold-queue 32 in
!
interface Ethernet1
ip address dhcp client-id Ethernet1
ip nat outside
duplex auto
no cdp enable
!
ip nat inside source list 102 interface Ethernet1 overload
ip classless
ip http server
no ip http secure-server
!
access-list 23 permit 10.10.10.0 0.0.0.255
access-list 102 permit ip 10.10.10.0 0.0.0.255 any
no cdp run
!
line con 0
exec-timeout 120 0
no modem enable
stopbits 1
line aux 0
line vty 0 4
access-class 23 in
exec-timeout 120 0
login local
length 0
!
scheduler max-task-time 5000
!
end
==============
10-17-2006 12:17 AM
Hello,
the configuration looks perfectly ok !
Good luck with expanding the business.
Regards,
GNT
10-23-2006 09:09 AM
could i use the soho91 as a firewall for my webserver? It does not have to be super secure... I cant spend a ton on another firewall
10-23-2006 11:52 PM
Hello Chris,
provided that your SOHO91 router has the firewall feature set loaded (do a 'show version' and check for a line similar to 'soho91-k9oy6-mz', which would indicate that you have the firewall feature set installed), the router should support the 'ip inspect' command, which basically is a firewall that would block all traffic defined with 'ip inspect' statements coming from the outside, but would allow it from the inside. Of course there are also access lists available, so if you need basic security on your router, that is certainly configurable.
Can you post the configuration of your router as it is configured now ?
Regards,
GNT
10-25-2006 05:35 AM
VERSION INFO
Cisco Internetwork Operating System Software
IOS (tm) SOHO91 Software (SOHO91-K9OY6-M), Version 12.3(2)XC2, EARLY DEPLOYMENT
RELEASE SOFTWARE (fc1)
Synched to technology version 12.3(1.6)T
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2004 by cisco Systems, Inc.
Compiled Thu 04-Mar-04 01:24 by ealyon
Image text-base: 0x800131E8, data-base: 0x80A40300
ROM: System Bootstrap, Version 12.2(8r)YN, RELEASE SOFTWARE (fc1)
ROM: SOHO91 Software (SOHO91-K9OY6-M), Version 12.3(2)XC2, EARLY DEPLOYMENT RELE
ASE SOFTWARE (fc1)
root uptime is 1 week, 18 hours, 0 minutes
System returned to ROM by power-on
System image file is "flash:soho91-k9oy6-mz.123-2.XC2.bin"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
CISCO SOHO91 (MPC857DSL) processor (revision 0x300) with 29492K/3276K bytes of memory.
Processor board ID AMB081915AX (2089163721), with hardware revision 0000
CPU rev number 7
Bridging software.
2 Ethernet/IEEE 802.3 interface(s)
128K bytes of non-volatile configuration memory.
6144K bytes of processor board System flash partition 1 (Read/Write)
2048K bytes of processor board System flash partition 2 (Read/Write)
2048K bytes of processor board Web flash (Read/Write)
Configuration register is 0x2102
CONFIG ==============================
========
Current configuration : 1246 bytes
!
version 12.3
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname root
!
no logging buffered
enable secret xxx
!
username xxx privilege 15 password xxx
25053050A010003
username xxx password xxx
no aaa new-model
ip subnet-zero
ip name-server 65.x.241.181
ip name-server 67.x.118.46
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool CLIENT
import all
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
lease 0 2
!
!
!
!
!
!
partition flash 2 6 2
!
!
!
!
interface Ethernet0
ip address 10.10.10.1 255.255.255.0
ip nat inside
no cdp enable
hold-queue 32 in
!
interface Ethernet1
ip address dhcp client-id Ethernet1
ip nat outside
duplex auto
no cdp enable
!
ip nat inside source list 102 interface Ethernet1 overload
ip classless
ip http server
no ip http secure-server
!
access-list 23 permit 10.10.10.0 0.0.0.255
access-list 102 permit ip 10.10.10.0 0.0.0.255 any
no cdp run
!
line con 0
exec-timeout 120 0
no modem enable
stopbits 1
line aux 0
line vty 0 4
access-class 23 in
exec-timeout 120 0
login local
length 0
!
scheduler max-task-time 5000
!
end
==============
05-24-2007 10:46 AM
The SOHO 91 IOS version you have does contain firewall commands. If you login to the CRWS under advanced configuration, this gives you the option to enable or disable the firewall. Nothing too big or difficult to accomplish.
05-28-2007 08:04 AM
Hii.. i would suggest that if u r lookin from a security viewpoint then pls
use the ip inspect option with soho
this will help to validate and pass only traffic that is gettin initiated from int n/w and wanting to come back in with some return data.
Pls rate if this helps.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: