How to Configure a Basic Router with CLI in Bangladesh
How to Configure a Basic Router with CLI in Bangladesh
This step-by-step guide shows how to bring a small site or home office online using a typical Bangladesh ISP connection (often PPPoE or a static IP). We’ll cover WAN setup, LAN, DHCP, NAT, DNS, basic security, and verification on Cisco IOS. MikroTik equivalents are included at the end.
What You Need
- A router with CLI (Cisco ISR/Catalyst IR, MikroTik, etc.).
- ISP handoff on Ethernet (ONT/media converter) with PPPoE username/password or static IP.
- Console/SSH access and a terminal app.
Quick Start – Cisco IOS (copy-paste)
This configuration assumes:
- LAN: 192.168.10.0/24 on
GigabitEthernet0/0 - WAN: Option A PPPoE on
GigabitEthernet0/1(common in BD), or Option B Static IP - DNS: Cloudflare (1.1.1.1) + Google (8.8.8.8)
- Timezone: Asia/Dhaka
1) Basic identity, time, and SSH
conf t hostname BD-RTR ip domain-name techornothing.local clock timezone BD +6 0 service timestamps log datetime msec username admin privilege 15 secretcrypto key generate rsa modulus 2048 ip ssh version 2 line vty 0 4 login local transport input ssh exit banner motd ^ Authorized use only. ^
2) LAN interface + DHCP
conf t interface GigabitEthernet0/0 description LAN ip address 192.168.10.1 255.255.255.0 no shutdown exit ip dhcp excluded-address 192.168.10.1 192.168.10.20 ip dhcp pool LAN-10 network 192.168.10.0 255.255.255.0 default-router 192.168.10.1 dns-server 1.1.1.1 8.8.8.8 lease 1
3) WAN – Option A: PPPoE (most common)
conf t interface GigabitEthernet0/1 description WAN-to-ISP (PPPoE) no ip address pppoe enable group global pppoe-client dial-pool-number 1 no shutdown exit interface Dialer1 mtu 1492 ip address negotiated ip nat outside encapsulation ppp dialer pool 1 ppp chap hostnameppp chap password ppp pap sent-username password no shutdown exit interface GigabitEthernet0/0 ip nat inside exit ip route 0.0.0.0 0.0.0.0 Dialer1
WAN – Option B: Static Public IP (alternative)
conf t interface GigabitEthernet0/1 description WAN-to-ISP (Static) ip addressip nat outside no shutdown exit ip route 0.0.0.0 0.0.0.0
4) NAT overload (PAT)
conf t access-list 100 permit ip 192.168.10.0 0.0.0.255 any ip nat inside source list 100 interface Dialer1 overload ! for PPPoE ! or: ! ip nat inside source list 100 interface GigabitEthernet0/1 overload
5) Basic hardening
conf t no ip http server no cdp run service password-encryption logging buffered 64000 access-list 10 permit 192.168.10.0 0.0.0.255 line vty 0 4 access-class 10 in exit write memory
6) Verification & useful commands
show ip interface brief show interface dialer1 show pppoe session show ip dhcp binding show ip nat translations show ip route ping 1.1.1.1 source 192.168.10.1 ping google.com traceroute google.com
MikroTik RouterOS (equivalent quick config)
Interface names may vary (ether1 WAN, ether2 LAN). Adjust as needed.
1) Identity, time, user
/system identity set name=BD-RTR /system clock set time-zone-name=Asia/Dhaka /user add name=admin group=full password=disabled=no /ip service set telnet disabled=yes /ip service set www disabled=yes
2) LAN + DHCP + DNS
/ip address add interface=ether2 address=192.168.10.1/24 comment=LAN /ip pool add name=LAN-POOL ranges=192.168.10.21-192.168.10.200 /ip dhcp-server add name=LAN-DHCP interface=ether2 address-pool=LAN-POOL lease-time=1d disabled=no /ip dhcp-server network add address=192.168.10.0/24 gateway=192.168.10.1 dns-server=1.1.1.1,8.8.8.8 /ip dns set servers=1.1.1.1,8.8.8.8 allow-remote-requests=yes
3) WAN Option A – PPPoE
/interface pppoe-client add name=pppoe-out1 interface=ether1 user=password= disabled=no use-peer-dns=yes add-default-route=yes /ip firewall nat add chain=srcnat out-interface=pppoe-out1 action=masquerade
WAN Option B – Static
/ip address add interface=ether1 address=/ /ip route add dst-address=0.0.0.0/0 gateway= /ip firewall nat add chain=srcnat out-interface=ether1 action=masquerade
4) Test
/ping 1.1.1.1 /tool traceroute address=google.com /ip dhcp-server lease print
Troubleshooting Checklist
- PPPoE auth fails: re-check username/password and MTU (1492). Confirm the ISP VLAN isn’t required.
- Got IP but no internet: default route present? DNS reachable? NAT rule applied to correct WAN?
- Clients no IP: verify DHCP pool, server status, and that the LAN interface is up.
- Slow sites but ping ok: check DNS, try 1.1.1.1/8.8.8.8; verify there isn’t a double-NAT upstream.
- Bangladesh-specific tip: many ISPs peer via BDIX; if international seems slow but local fast, open a ticket with your ISP and ask them to check upstream routing.
Note: command examples assume lab defaults; adapt interface names and addresses to your environment.
Comments
Post a Comment