CenturyLink®
Home Account Management Online Self-Help Additional Services
 Sign In
Qwest.net Help

 
 FAQs
 Qwest.net Account
 Getting around on the Qwest.net site
 New to the Internet?
 Qwest.net Levels of Support
 

FAQs: Connecting Using PPP with the Cisco® 675 or 678 Modem


Q: What are the PPP port mappings/NAT (Network Address Translation) settings for different servers and applications for the Cisco 675 or 678 modem?

A: The following are the recommended steps to take if you are having issues with accessing specific services or using specific protocols in PPP mode:

(Note: The steps are the same for PC and Macintosh® users. PC users will access the servers via telnet or Hyperterminal, Macintosh users via Zterm. If Zterm is not already installed on your Macintosh, you can install it from your Qwest.net CD.)

  1. To set up the Cisco 675 or 678 modem to use any kind of server or special services such as IRC (Internet Relay Chat) you will need to map inside to outside addresses for certain ports. Telnet into the Cisco modem by entering the following command at the Run prompt (Start -> Run):
    telnet 10.0.0.1
  2. When you see the cbos> prompt, press the Enter key and then type this command:
    show NAT
    This will display the following information:
    NAT is currently enabled
    Inside Global Address set to xxx.xxx.xxx.xxx
    Inside Local Inside Global Timer Flags Protocol

    • xxx.xxx.xxx.xxx is the IP address assigned to your Cisco 675 or 678 modem by our DHCP (Dynamic Host Configuration Protocol) server. This address can change from time to time, especially if you turn off your router. Now, assuming that you are running your server or IRC client on a computer that has been assigned 10.0.0.2 as its IP address (you can check this by clicking Start, then Run, type winipcfg, hit OK, and read the information under the IP entry), enter the following commands:
        set NAT entry add 10.0.0.2 20 xxx.xxx.xxx.xxx 20 tcp
        set NAT entry add 10.0.0.2 21 xxx.xxx.xxx.xxx 21 tcp

      The address 10.0.0.2 could be 10.0.0.x, where x is a number between 2 and 254 (we are using 10.0.0.2 for this example).  Also the numbers 20 and 21 are the ports you want the router to "listen" to. If you want to "listen" to different ports please choose the appropriate number(s) from the list below.
      Web 80 TCP    FTP 20 TCP, 21 TCP
      POP 110 TCP SMTP 25 TCP
      Telnet 23 TCP IRC194 TCP, 194 UDP
      Quake666 TCP DNS 53 TCP, 53 UDP
      SSH 1022 TCP, 1023 TCP NNTP 119 TCP
      IDENT 113 TCP, UDP ICQ 2300 TCP, 2311 TCP
      Real Player 7070 UDP mIRC 6667 TCP, UDP
      VNC 5900 TCP, 5901 TCP

    • Note that in the case of certain applications, such as mIRC (Mardam-Bey's Internet Relay Chat), you can specify the port that the client will use by selecting it in the preferences.
    • You may also want to run another type of service that is not listed above. If this is the case, check the information from IANA (Internet Assigned Numbers Authority) for a comprehensive list of all available ports.
    • Finally, if you are trying to connect to a site that uses Microsoft's DirectX® technology (such as the ezone), please review the Zone document from Microsoft's Technical Knowledge Database.


Q: How can I protect my Cisco 675 or 678 modem and computer from hackers and security risks?

A: To protect your Cisco 675 or 678 modem from hackers you need to setup an exec and enable password. Good passwords will contain a combination or uppercase and lowercase letters, numbers and non-alphanumeric characters.

If you have static IP addresses and are using them in your computers, the best way to secure your computers from hackers would be running your own firewall or proxy server (consult your network administrator in this matter).

If you are using dynamic IP addresses in your computer or do not have static IP addresses on your Qwest.net account, make sure all the ports on your Cisco 675 or 678 modem are closed. By default all ports on the Cisco 675 and 678 modem are closed. This secures your computer in the network because they are not visible to the outside world. In PPP mode your computers will get an IP address from the router on the range of 10.0.0.2-10.0.0.255. These IP addresses are non-routable so no one can get to your computer. From the Internet, people will only be able to see the IP address of your Cisco 675 or 678 modem.


Q: How do I know if telnet is enabled or disabled for my Cisco 675 or 678 modem?

A: To find out if telnet is enabled or disabled in the Cisco 675 or 678 modem:

  1. Set up a Hyperterminal (Windows) or ZTERM (Macintosh) session with your Cisco 675 or 678 modem.
  2. Enter the following command at the CBOX > prompt and press the Enter key after the entry:

    show telnet

    This will tell you if Telnet is enabled or disabled in the modem.

  3. To log into the Cisco 675 or 678 modem using telnet, telnet to your gateway IP address.
    • If you are using static IP addresses, telnet to your reserved gateway IP address.
    • If you are using dynamic IP addresses, your gateway address will be 10.0.0.1.

Note: If you have the latest version of the CBOS Release 2.2.0, you need to have an EXEC password on the Cisco 675 or 678 modem; if you don't, the modem will refuse the telnet connection.


Q: I am having problems with connectivity (getting and staying connected). How can I fix this?

A: If you are having issues with connectivity with the Cisco 675 or 678 modem, follow these instructions.

  1. Check the cables from your computer to your modem and from your modem to the wall jack.
  2. If the cables are all secure, try unplugging the power cable from the back of the modem and then reconnecting it to reset the modem. If connectivity does not return, try reconfiguring your router.
    • If you are a dynamic IP customer or if you have a single static IP adress:

      After setting up all the cables for a connection through the serial port, you will need to enter the following commands through the Hyperterminal session if you are using Microsot® Windows®. If you are a Macintosh user you will need to use a utility such as Zterm:

      (Note: the commands are the same for Microsoft Windows, Windows NT® and Macintosh users.)

      These are the setup commands to configure the modem. You must have access to the enable mode of the modem to setup the modem.
        cbos> enable
        Password:
        cbos# set nvram erase
        cbos# write
        cbos# reboot
              Password: (unless you have set an exec password)
        cbos> enable
              Password: (will bring up cbos# unless you have set an enable password)
        cbos# set ppp wan0-0 ipcp 0.0.0.0
        cbos# set ppp wan0-0 dns 0.0.0.0
        cbos# set ppp wan0-0 login [ISP USERNAME]
        cbos# set ppp wan0-0 password [ISP PASSWORD]
        cbos# set int wan0-0 disable
        cbos# set int wan0-0 vpi 0 vci 32
                             (vpi - 1 for cap and 0 for DMT)
                             (vci - 1 for cap and 32 for DMT or 35 for AOL)
        cbos# set int wan0-0 enable
        cbos# set ppp restart enable (ONLY for 675)
        cbos# set dhcp server enable
        cbos# set nat enable
        cbos# write
        cbos# reboot
    • If you have multiple static IP addressing:

      (Note: the commands are the same for Microsoft Windows, Windows NT and Macintosh users.)

      These are the setup commands to configure the modem. You must have access to the enable mode of the modem to setup the modem.

        cbos> enable
              Password:
        cbos# set nvram erase
        cbos# write
        cbos# reboot
              Password: (unless you have set an exec password)
        cbos> enable
              Password: (will bring up cbos# unless you have set an enable password)
        cbos# set ppp wan0-0 ipcp 0.0.0.0
        cbos# set ppp wan0-0 dns 0.0.0.0
        cbos# set ppp wan0-0 login [ISP USERNAME]
        cbos# set ppp wan0-0 password [ISP PASSWORD]
        cbos# set int wan0-0 disable
        cbos# set int wan0-0 vpi 0 vci 32
                               (vpi - 1 for cap and 0 for DMT)
                               (vci - 1 for cap and 32 for DMT or 35 for AOL)
        cbos# set int wan0-0 enable
        cbos# set ppp restart enable (ONLY for 675)
        cbos# set int eth0 address xxx.xxx.xxx.xxx [reserved gateway IP]
        cbos# set int eth0 netmask [NETWORK_MASK]
                               (for /30, NETWORK_MASK = 255.255.255.252 - 4 IP's)
                               (for /29, NETWORK_MASK = 255.255.255.248 - 8 IP's)
                               (for /28, NETWORK_MASK = 255.255.255.240 - 16 IP's)
                               (for /27, NETWORK_MASK = 255.255.255.224 - 32 IP's)
                               (for /26, NETWORK_MASK = 255.255.255.192 - 64 IP's)
        cbos# set dhcp server disabled
        cbos# set nat disabled
        cbos# write
        cbos# reboot

  3. If you are still having problems once you have confirmed that the Cisco 675 or 678 modem configuration is correct and you are able to maintain a solid WAN connection on your modem, try forcing your computer to actively search for the Qwest® DNS servers:

    • Forcing DNS in Windows 9X:
      1. Force DNSas follows:
        1. Click on the My Computer icon.
        2. Click on the Control Panel icon.
        3. Click on the Network icon.
        4. Highlight the TCP/IP protocol for your Ethernet card and click on the Properties button.
        5. Click on the DNS Configuration tab and choose the Enable DNS option.
      2. Then configure your DNS in Windows as follows:
        1. Hostname can be set to anything. You may wish to simply use your user name.
        2. Domain should be set to qwest.net.
        3. Server Search Order numbers should be set to your primary and secondary DNS numbers (these are on your welcome letter).
        4. Restart your computer.

    • Forcing DNS in Mac® OS:
      1. Go to the open apple in the upper left of your screen and select the Control Panel. Choose the TCP / IP settings. In the TCP/IP menu:
        1. Type in qwest.net in the Server search domain field.
        2. Type in the DNS numbers from your welcome letter in your server search order number area.
        3. Restart your computer.