This config asumes that we will be using PPP as the transport protocol. PAP as the authentication protocol, and that calls are outbound only.
Information Required :-
Proceed as for a plain Killostream link and test. When satisfied make the following changes. These are to
add isdn call=demon
dir=both
inany=off
prec=out
num={demon ISDN access number}
searchcli=on
Check using
show isdn call
show isdn call=demon
show con dyn=isdn
Check which ppp config are in use and pic a spare one.
show ppp
create ppp=2 over=isdn-demon username={demon user name}
password={PAP password to send}
set ppp=2 iprequest=off idle=55
This breaks down as follows :-
show ppp
show ppp=2
show ppp=2 conf
We need a default route for internet traffic pointing to our new interface.
but we must check that there is not already
one. Posible if someone has used a default route to route packets for the
remote site rather than entering indevidual routes for each network accesed
via the remote site.
Reminder this trick will only for connections opened from our local
network devices to remote servers.
Not for connection the other way.
Note the basic NAT translation modual trigers when a packet with a source
address on one of the defined private network ranges transits the routing
engine, with a destination address that is not within the private list.
The source IP is mapped to the public IP of the global interface, with the
source port chanaged to a spare port number on the router. The router on
the assumption that most conversation are two way will leave an agent
lissening on this port to re-map replies received.
This agent listen will listen for 5 minutes? after the last packet UDP/TCP
unless a FIN packet is seen TCP?
You can see the agents currently active by using the command
This behaviour meens that you must in most cases, add enteries to the NAT
table for private remote networks that are linked via the kilostream line
as well as the local network.
THe remote site will only be able to make use of the internet connection
if the remote router config is updated to include a default route
pointing to this router.
If you set the default gateway of a network device on the local
network to the private IP address of the router and then tring to connect
to an adress on the Internet the router should dial out and connect.
It is best to try this first with an IP address rather than a name.
www.demon.net == 194.159.254.213
Remember to save your updates config.
Add an additional ISDN chanel.
When additional chanels are brought up or shut down
is determined by the
show con dyn=ppp
Add Router IP for our link
add ip int=ppp2 ip={router ip address from demon}
show ip int
show con dyn=ip
show ip route
Add route to indecate which packets should go via are new connection
add ip route=0.0.0.0
interface=ppp2
next={demon gateway, or 0.0.0.0 ?}
show ip route
Network Address Translation
As we are working with Private network addresses on our local network, and
our ISP is dynamicaly assigning us a Public IP address.
We need the routing modual to translate source IP,
and port of kit on our private network before sending it out to the ISP,
to the IP assigned by the ISP and,
reverse this on packets that are received in reply.
enable ip nat
Enable support for address translation.
show ip nat
add ip nat
ip={my private network address}
mask={local network mask}
gblint=ppp2
add ip nat
ip={remote private network address}
mask={remote network mask}
gblint=ppp2
show ip nat
Test setup so far
Testing setup in a resonable order will save a lot of wasted time.
Activate isdn call=demon
show isdn call
Should show call connecting.
show ppp
show ip int
show log
Other Options
Keep call up permenantly, not always a good idea.
set isdn call=demon keepup=on
add ppp=2 over=isdn-demon num=1
options of the set ppp
command.