Cisco 1400 Series Routers

Configuring a Cisco 1417 ADSL Bridge With NAT

Document ID: 12824

Updated: Jun 01, 2005



This document provides a sample configuration that illustrates an asymmetric digital subscriber line (ADSL)-bridge configuration with Network Address Translation (NAT). This configuration has been tested to work with the residential ADSL service of the Pacific Bell and can be used to replace the Alcatel ADSL modem provided by Pacific Bell.

In order to "route" the Ethernet segment to the Internet, as well as "bridge" between your site and Pacific Bell, use the bridge irb command.

The internal network appears to the Internet (and Pacific Bell) as a single host because NAT is used, and the single host visible to the outside world is the Bridge Virtual Interface (BVI).

Do not include the Ethernet in your bridge group since you probably do not want your internal traffic bridged to the public network.

This configuration also makes the router a Dynamic Host Configuration Protocol (DHCP) server for the internal network. This offers private addresses from to, offers Domain Naming System (DNS) servers to Pacific Bell, and gives the Pacific Bell its own address at the default gateway.



Ensure that you meet these requirements before you attempt this configuration:

  • Cisco IOS® Software Release 12.0(3)T

  • Cisco 1417

  • Residential ADSL service of Pacific Bell

  • This configuration is known to work with this:

    ------------------ show version ------------------
    Cisco Internetwork Operating System Software
    IOS (tm) 1400 Software (C1400-NOSY-M), Version 12.0(5)T1,  RELEASE =
    SOFTWARE (fc1)
    Copyright (c) 1986-1999 by cisco Systems, Inc.
    Compiled Tue 17-Aug-99 10:29 by cmong
    Image text-base: 0x02005000, data-base: 0x0277197C
    ROM: System Bootstrap, Version 12.0(3)T, RELEASE SOFTWARE (fc1)
    ROM: 1400 Software (C1400-RBOOT-R), Version 12.0(3)T,  RELEASE SOFTWARE =
    Router1417 uptime is 5 days, 11 hours, 15 minutes
    System returned to ROM by power-on
    System restarted at 11:05:59 UTC Thu Nov 25 1999
    System image file is "flash:c1400-nosy-mz.120-5.T1"
    cisco 1417 (68360) processor (revision D) with 13312K/3072K bytes of =
    Processor board ID 14520795, with hardware revision 00000000
    Bridging software.
    X.25 software, Version 3.0.0.
    1 Ethernet/IEEE 802.3 interface(s)
    1 ATM network interface(s)
    System/IO memory with parity disabled
    8192K bytes of DRAM onboard 8192K bytes of DRAM on SIMM
    System running from RAM
    7K bytes of non-volatile configuration memory.
    4096K bytes of processor board PCMCIA flash (Read/Write)
    Configuration register is 0x2102 

Components Used

This document is not restricted to specific software and hardware versions.

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.


Refer to the Cisco Technical Tips Conventions for more information on document conventions.


In this section, you are presented with the information to configure the features described in this document.

Note: Use the Command Lookup Tool (registered customers only) to obtain more information on the commands used in this section.

Network Diagram

This document uses this network setup:



This document uses these configurations:

Cisco 1417
------------------ show running-config ------------------

Building configuration...

Current configuration:
! Last configuration change at 21:13:19 UTC Tue Nov 30 1999
! NVRAM config last updated at 21:14:45 UTC Tue Nov 30 1999
version 12.0
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service udp-small-servers
service tcp-small-servers
hostname Router1417
enable password 0 letmein
ip subnet-zero
no ip domain-lookup
ip dhcp excluded-address
ip dhcp pool ippool1417
bridge irb
process-max-time 200
interface Loopback1
 no ip address
 no ip directed-broadcast
interface Ethernet0
 ip address
 no ip directed-broadcast
 ip nat inside
interface ATM0
 no ip address
 no ip directed-broadcast
 atm vc-per-vp 64
 no ATM ilmi-keepalive
 pvc 8/35
  encapsulation aal5snap
 bridge-group 1
interface BVI1
 ip address <cust-router-ip>
 no ip directed-broadcast
 ip Nat outside
ip default-gateway <pbi-router-ip>
ip Nat pool pbi <cust-router-ip> <cust-router-ip> prefix-length 24
ip Nat inside source list 10 pool pbi overload
ip classless
ip route <pbi-router-ip> permanent
ip http server
access-list 10 permit
bridge 1 protocol ieee
 bridge 1 route ip
line con 0
 transport input none
line vty 0 4
 password 0 letmein


Use this section to confirm that your configuration works properly.

  • show interface ATM 0—If the line is down, check the cabling.

  • show ip nat translations—In order to see if it is necessary to translate addresses for each internal client.

  • debug atm events—In order to look for the modem state:

    0x8 means that the modem waits to hear from central office (CO). This probably means that you do not have a good connection to the CO. Check the connection and make sure that the correct cable is used.

    0x10 means that the modem heads from the CO and now trains. The CO is connected, and the modems attempt to negotiate a connection. If it fails in this state, there is probably an incompatibility between the ADSL interface of the Cisco 1417 and the CO. Make sure that the correct virtual path identifier/virtual channel identifier (VPI/VCI) is used.

    0x20 means that activation is completed, and the link is up.


This section provides information you can use to troubleshoot your configuration.

Troubleshooting Commands

The Output Interpreter Tool (registered customers only) (OIT) supports certain show commands. Use the OIT to view an analysis of show command output.

Note: Refer to Important Information on Debug Commands before you use debug commands.

Related Information

Updated: Jun 01, 2005
Document ID: 12824