Cisco 1400 Series Routers

Configuring a Cisco 1417 Router With a Single IP Address, DHCP, NAT, PPPoA, and PPP-CHAP

Document ID: 12825

Updated: Feb 26, 2008



This sample configuration shows a Cisco 1417 Digital Subscriber Line (DSL) Router connecting to a Cisco 6130 Digital Subscriber Line Access Multiplexer (DSLAM) and terminating on a Cisco 6400 Universal Access Concentrator (UAC). The Cisco 1417 has been configured as a Dynamic Host Configuration Protocol (DHCP) server with PPP over ATM (PPPoA).

The Internet Service Provider (ISP) has given the subscriber a single IP address,, for Internet connectivity, but the subscriber has a small network of PCs and wants to have Internet access for all devices.

The solution is to configure Network Address Translation (NAT) on the Cisco 1417. NAT is designed for IP address simplification and conservation, as it enables private IP internetworks that use nonregistered IP addresses to connect to the Internet. NAT operates on a router, usually connecting two networks, and translates the private (in this case the network) addresses in the internal network to legal (in this case addresses before packets are forwarded to another network. As part of this functionality, NAT can be configured to advertise only one address ( for the entire network. This provides additional security, effectively hiding the entire internal network behind that address.

NAT has the dual functionality of security and address conservation and is typically implemented in remote access environments. An IP address of will be manually configured on the Ethernet interface of the Cisco 1417. The Cisco 1417 will be configured to act as a DHCP server and will lease IP addresses to local LAN devices attached to its Ethernet network.

The following configuration shows NAT configured for the Ethernet and ATM interfaces. The Ethernet0 interface has an IP address of with a subnet mask of NAT is configured for inside, which means that the interface is connected to the inside network that is subject to NAT translation. The ATM interface "Dialer0" has an IP address of and a subnet mask of NAT is configured for outside, which means that the interface is connected to an outside network, such as the Internet.

Before You Begin


For more information on document conventions, see the Cisco Technical Tips Conventions.


There are no specific prerequisites for this document.

Components Used

The information in this document is based on the software versions below.

  • Cisco 1417 DSL Router IOS® Software Release 12.1(1.3)T

  • Cisco 6400 UAC-NRP IOS Software Release 12.0(7)DC

  • Cisco 6400 UAC-NSP IOS Software Release 12.0(4)DB

  • Cisco 6130 DSLAM-NI2 IOS Software Release 12.1(1)DA

The information presented in this document was created from devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If you are working in a live network, ensure that you understand the potential impact of any command before using it.


In this section, you are presented with the information to configure the features described in this document.

Note: To find additional information on the commands used in this document, use the Command Lookup Tool (registered customers only) .

Network Diagram

This document uses the network setup shown in the diagram below.



This document uses the configurations shown below.

Cisco 1417
Current configuration:
version 12.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname R1
ip subnet-zero
ip dhcp excluded-address 

!--- The DHCP pool does not lease this address; it is used by interface E0.

ip dhcp pool <pool name>

!--- The default gateway is assigned to local devices.

interface Ethernet0
 ip address
 ip nat inside
interface ATM0
 no ip address
 atm vc-per-vp 4096
 no atm ilmi-keepalive
 pvc 1/44 
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
interface Dialer0
  ip address    
  ip nat outside  
  encapsulation ppp
  dialer pool 1
  dialer-group 2
  ppp authentication chap callin
  ppp chap hostname <username>
  ppp chap password <password>
ip nat inside source list 1  interface Dialer0 overload
ip classless
access-list 1 permit
ip route Dialer0
no ip http server
dialer-list  2  protocol ip permit
line con 0 


There is currently no verification procedure available for this configuration.


There is currently no specific troubleshooting information available for this configuration.

Related Information

Updated: Feb 26, 2008
Document ID: 12825