After some cisco help

Any cisco geeks out there?

I'm having great trouble in getting my wan port up (oo, err missus).
It should be I/f ge1 but whatever I configure, it is as if I've not got it plugged in.

The interface might be shutdown (disabled). Are you using the CLI to configure? If so, enter config mode, change to the relevant interface and issue the 'no shutdown' command.

If it works, don't forget to wr mem

Post a 'show run' if still no joy.

Well I've made a little progress since first posing the question.
But still I'm an out of my depth newbie.
I have the DSL port up, getting an IP okay but cannot ping out from the console (or any lan devices).
NB. I have never had this working on the wan port (gig1) and some remnants may be left over from when on adsl.
I *think* I'm missing a link from the switchports to the outside world.


Building configuration...
Current configuration : 6442 bytes
!
! Last configuration change at 17:32:21 PCTime Wed May 27 2015
! NVRAM config last updated at 17:25:10 PCTime Wed May 27 2015
! NVRAM config last updated at 17:25:10 PCTime Wed May 27 2015
version 15.1
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
no service password-encryption
service sequence-numbers
!
hostname Router1
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
enable secret 5 $1$4AiZ$ORrHvAcmFaXqoGI2wjJsR1
enable password yesyes
!
aaa new-model
!
!
aaa authorization exec default local
!
!
!
!
!
aaa session-id common
wan mode ethernet
clock timezone PCTime 0 0
clock summer-time PCTime date Mar 30 2003 1:00 Oct 26 2003 2:00
no ipv6 cef
no ip source-route
ip cef
!
!
!
ip dhcp excluded-address 192.168.1.100 192.168.1.210
ip dhcp excluded-address 192.168.1.1 192.168.1.19
ip dhcp excluded-address 192.168.1.211 192.168.1.254
!
ip dhcp pool dpool1
import all
network 192.168.1.0 255.255.255.0
default-router 192.168.1.230
lease 10
!
!
ip domain name supanetwork
ip host hub1 192.168.1.230
ip name-server 208.67.222.222
ip name-server 192.168.1.230
!
!
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-2087168011
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2087168011
revocation-check none
rsakeypair TP-self-signed-2087168011
!
!
crypto pki certificate chain TP-self-signed-2087168011
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32303837 31363830 3131301E 170D3135 30353132 31333138
30375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 30383731
36383031 3130819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100D3D2 EAE4B109 A6FDAEFC 9069CAB2 ECF3EC63 90B8DBBE FDD0CD34 7653D995
1BDCEAB9 FCA8140A B9B7629B 95874255 5B6FE825 B276642C 5D0EC5D4 95D3B9F1
ECFB3F6E B0E5CE07 A1DCD9B8 CA27B5A8 093297DA 09C10A0F F9F62443 359BF061
3D083167 E3B42407 93EABAF5 CA3FA01F 8335841B 70E0F777 1F8B42B9 8E065F8E
50450203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 143DB2D4 BB54C573 F563F3A6 794BC156 7432946E 40301D06
03551D0E 04160414 3DB2D4BB 54C573F5 63F3A679 4BC15674 32946E40 300D0609
2A864886 F70D0101 05050003 81810058 37D4DE79 0141537B 8F903846 3D05A91F
7A184C19 A3B499FE E671E69E D6657054 ADBF8B9C DBD26055 77F7AC03 F078211C
B7BBEB03 37F552B3 57D87F83 3834AE95 B8B97199 94E239A7 2AB454DA F84B00E3
3DDCC438 557BD19A EF495E03 9729D953 AC0B8B7A AE4E18BC 5AB4A14F 840A492A
0908E26E F4F96A85 73878B2E 24FC91
quit
!
!
username admin privilege 15 password 0 password
username user2 privilege 15 secret 4 YQa2Xx2FTZTxJSWdbplREbgJ0geCWCCAZXrFj3kG/y.
username view
!
!
controller VDSL 0
shutdown
!
ip tcp synwait-time 10
zone security in-zone
zone security out-zone
zone-pair security ccp-zp-self-out source self destination out-zone
zone-pair security ccp-zp-in-out source in-zone destination out-zone
zone-pair security ccp-zp-out-self source out-zone destination self
!
!
!
!
!
!
!
!
!
interface Loopback1
no ip address
!
interface Null0
no ip unreachables
!
interface ATM0
no ip address
no ip unreachables
ip virtual-reassembly in
shutdown
no atm ilmi-keepalive
!
interface Ethernet0
description $ETH-WAN$$FW_INSIDE$
no ip address
no ip unreachables
ip flow ingress
shutdown
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
no ip address
!
interface GigabitEthernet0
no ip address
!
interface GigabitEthernet1
description GE1-WAN $ETH-WAN$
no ip address
no ip unreachables
ip flow ingress
ip nat outside
ip virtual-reassembly in
ip tcp adjust-mss 1412
duplex auto
speed auto
pppoe-client dial-pool-number 2
!
interface Vlan1
description $ETH_LAN$$FW_INSIDE$
ip address 192.168.1.230 255.255.255.0
no ip unreachables
ip nbar protocol-discovery
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1412
!
interface Async1
no ip address
no ip unreachables
encapsulation slip
!
interface Dialer0
description $FW_OUTSIDE$
mtu 1452
ip address negotiated
no ip unreachables
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 2
dialer-group 2
ppp authentication chap callin
ppp chap hostname [email protected]
ppp chap password 0 password
no cdp enable
!
router rip
redistribute connected
network 192.168.1.0
!
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip http client username user1
ip http client password 0 password
!
ip flow-export destination 192.168.1.21 2055
!
ip nat pool pool1 192.168.1.0 192.168.1.255 netmask 255.255.252.0
ip nat inside source list 2 interface Dialer0 overload
ip nat inside source list 90 interface Dialer0 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet1
!
access-list 2 remark CCP_ACL Category=2
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 90 remark new try again
access-list 90 deny 192.168.1.230
access-list 90 permit 192.168.1.0 0.0.0.255
access-list 100 remark CCP_ACL Category=128
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
dialer-list 1 protocol ip permit
dialer-list 2 protocol ip permit
!
no cdp run
!
!
!
!
!
banner login ^CWelcome back Dr Falken ^C
!
line con 0
session-timeout 12
vacant-message ^CLine console 0 timed out or exit

^C
no modem enable
terminal-type word
transport preferred telnet
transport output telnet
line aux 0
terminal-type word
transport preferred telnet
transport output telnet
line vty 0 2
access-class 23 in
privilege level 15
password letmein
terminal-type word
transport preferred telnet
transport input telnet ssh
line vty 3 4
access-class 23 in
privilege level 15
password letmein
transport input telnet
!
scheduler allocate 60000 1000
ntp master
ntp update-calendar
ntp server ntp.homehub.btopenworld.com prefer
cns trusted-server all-agents 192.168.1.230
cns id hardware-serial
cns id hardware-serial event
cns id hardware-serial image
cns exec 80
end

The first thing that comes to mind is that as you're using PPPoE (and therefore a dialer interface) your default route should be pointing at this. So change

ip route 0.0.0.0 0.0.0.0 GigabitEthernet1

to

ip route 0.0.0.0 0.0.0.0 Dialer0

I can see that you have a VLAN for the LAN interfaces. Depending on the model, you may need to associate the LAN side interface you're using, with this VLAN:

interface FastEthernet 0
switchport access vlan 1

I think on the 850 series this is not required. Only 870's or above.

Thanks.

Changing that route (you know I had that in before but along with others) to the dialler only has let me ping the world from console and a lan pc.

I wrote the access line in for fe0 (only) but it doesn't show in the config list and fe0 and gi0 can also ping.

So that's a good step onwards. Can you advise on my dns - nothing is resolving. What I want, is for the ISP to give me the dns addresses (or I could enter them or others manually) but for the dhcp to chuck either these out or show the gateway (1.230) so it can. I think I have a bad conflict here. [EDIT: See new config below, PC getting IP4 dns now but still fails to resolve. I *can* resolve now from the console']

Later, much later, I'm up for some firwall and mac filtering tweaking !!

[edit2 config deleted]

EDIT2
Sorted dns by using IPCP.

PCs working - just need firwall & filtering. Taa.