I’ve been using the same Cisco 678 DSL router/modem for around a decade, and I had a 675 for a year or two before that. My DSL provider tries to sell or lease me a new DSL modem every time I call to change my service or move, but I’m sticking with my 678 until it dies, doesn’t support the service I need, or my provider completely drops support for it. (I can’t recall contacting them for any kind of support related to anything other than a service change or move; their residential DSL service has been stable and sufficient, and my 678 just keeps trucking.) I recently made a small service change and decided to reset and reconfigure my router/modem.
The 678 can be reset and configured using the LAN port, but connecting to the management port using the provided management cable is safer. If you don’t have a management cable, Cisco is kind enough to tell you how (basically, a DB9 to RJ45 cable). If you’re stuck using the LAN, then do your homework, double check your work, and be prepared to accept defeat. I use telnet when connecting over the LAN and screen, tip, or cu when connecting with the management cable.
When the connection is initially opened, the router should prompted for the exec password. If the router/modem is already running when the connection is opened, then it may be necessary to hit enter to trigger the prompt.
If you don’t know the exec or enable passwords for your router/modem, then check out the Password Recovery Procedure for the Cisco 6xx.
Start by resetting the router/modem to a known state. If the current state is a complete disaster, then it can be completely reset using RMON. See Erase the Configuration from the Password Recovery Procedure for details. Typically, the router/modem can be reset by connecting and erasing the configuration in normal mode (shown below).
This is where working with the LAN can be tricky. If the configuration is erased and written, but the connection is dropped before a new configuration is written, the router could be left in an unknown/undesirable state. If you’re connected using the LAN, skip the reboot step at the end. And, good luck!
User Access Verification Password: <your password> cbos>enable Password: <your password> cbos#set nvram erase Erasing Running Configuration. You must use "write" for changes to be permanent. cbos#write Warning: traffic may pause while NVRAM is being modified NVRAM written. cbos#reboot
The router/modem will reboot into a “clean” state with no configuration (including blank passwords).
My configuration is fairly straight forward. I have a single external IP and a handful of devices that use network address translation (NAT) to access the outside world. Most of my internal network is assigned static IPs, but I maintain a small pool of IPs for (mostly wireless) DHCP devices. In my setup, my Cisco 678 acts as the modem and router, but it’s possible to configure the 678 as a simple modem bridged to another device that handles PPP, NAT, DHCP, etc. For details, see the RFC 1483 Routing section in the Cisco 600 Series Installation and Operation Guide.
I start by connecting and setting the passwords for exec and enable.
User Access Verification Password:<your password; blank after reset> cbos>enable Password:<your password; blank after reset> cbos#set password exec <new password> Exec Password Change Successful! cbos#set password enable <new password> Enable Password Change Successful!
Next, configure the PPP connection.
cbos#set ppp wan0-0 ipcp 0.0.0.0 PPP wan0-0 IPCP Address set to 0.0.0.0 cbos#set ppp wan0-0 dns 0.0.0.0 PPP wan0-0 DNS Server Addresses set to 0.0.0.0 cbos#set ppp wan0-0 authentication enable PAP and CHAP Authentication is now enabled on specified port cbos#set ppp wan0-0 login <your login> User name for wan0-0 has been set to <your login> cbos#set ppp wan0-0 password <your password> Password for wan0-0 has been set to <your password>. cbos#set ppp restart enabled CPE Remote Restart is now enabled...
Next, enable network address translation (NAT).
cbos#set nat enabled NAT is now enabled You must use "write" then reboot for changes to take effect.
Next, configure the internal/local network. The LAN port is eth0, and the following example sets the router/modem’s IP to 10.0.0.1.
cbos#set interface eth0 address 10.0.0.1 eth0 ip address changed from 10.0.0.1 to 10.0.0.1
Next, setup a DHCP server for the internal/local network. The following example allocates a pool of 16 IPs starting at 10.0.0.200, sets a DNS server to pass to DHCP clients, and a gateway that points to the router.
cbos#set dhcp server enabled DHCP Server enabled cbos#set dhcp server pool 0 ip 10.0.0.200 size 16 netmask 255.255.255.0 Pool 0 IP parameter is now 10.0.0.200 cbos#set dhcp server pool 0 dns <dns server IP> Pool 0 DNS parameter is now <dns server IP> cbos#set dhcp server pool 0 gateway 10.0.0.1 Pool 0 gateway parameter is now 10.0.0.1 cbos#set dhcp server pool 0 enabled DHCP Server Pool 0 now enabled
Next, configure the WAN port. Before executing the following steps, disconnect the phone line. Once the configuration is complete and written, the phone line can be reconnected.
cbos#set interface wan0-0 close Closing connection wan0-0 cbos#set interface wan0-0 vpi 0 Change completed. cbos#set interface wan0-0 vci 32 Change completed. cbos#set interface wan0-0 open Opening connection wan0-0
Finally, write the configuration and reboot.
cbos#write Warning: traffic may pause while NVRAM is being modified NVRAM written. cbos#reboot
At this point, I like to connect over the LAN and issue a few commands to validate that the running configuration was persisted correctly, the DSL line is trained and authenticated, and the connection’s upstream and downstream data rates are correct (verify you’re getting what you pay for).
User Access Verification Password: <your password> cbos>enable Password: <your password> cbos#show nvram Warning: traffic may pause while NVRAM is being accessed [[ CBOS = Section Start ]] NSOS MD5 Enable Password = <omitted> NSOS Remote Restart = enabled NSOS MD5 Root Password = <omitted> NSOS MD5 Commander Password = <omitted> [[ PPP Device Driver = Section Start ]] PPP Port Option = 00, IPCP,IP Address,3,Auto,Negotiation Not Required,Negotiable,IP,0.0.0.0 PPP Port Option = 00, IPCP,Primary DNS Server,129,Auto,Negotiation Not Required,Negotiable,IP,0.0.0.0 PPP Port Option = 00, IPCP,Secondary DNS Server,131,Auto,Negotiation Not Required,Negotiable,IP,0.0.0.0 PPP Port User Name = 00, <omitted> PPP Port User Password = 00, **** [[ IP Routing = Section Start ]] IP NAT = enabled [[ DHCP = Section Start ]] DHCP Server = enabled DHCP Server Pool IP = 00, 10.0.0.200 DHCP Server Pool DNS = 00, <omitted> [[ ATM WAN Device Driver = Section Start ]] ATM WAN Virtual Connection Parms = 00, 0, 32, 0 cbos#show interface wan0 wan0 ADSL Physical Port Line Trained Actual Configuration: Overhead Framing: 3 Trellis Coding: Enabled Standard Compliance: T1.413 Downstream Data Rate: 6144 Kbps Upstream Data Rate: 896 Kbps <omitted the rest... but there's lots more!> cbos#show interface wan0-0 WAN0-0 ATM Logical Port PVC (VPI 0, VCI 32) is open. ScalaRate set to Auto AAL 5 UBR Traffic PPP LCP State: Opened PPP NCP State (IP Routing): Opened PPP MRU: 2048 HDLC Framing: disabled MPOA Mode: VC Mux PPP Login: <your login> Authentication Type: Autodetecting/PAP RADIUS: disabled PPP Tx: 113997 Rx: 387171 Dest IP: <omitted> Dest Mask: 255.255.255.255 IP Port Enabled
If there are any problems, check out the Cisco 600 Series Installation and Operation Guide – Troubleshooting.