There are many of yesterdays Cisco routers still available that are capable of serving the purpose of a home router. Benefits to this are:
- Get to use the familiar IOS used at work on your home network as well
- These routers are still more powerful than many of the new SOHO routers of today
- Can run modern IOS (12.3) with an easy flash/ram upgrade – allowing you to use many newer features.
- Can be purchased very cheaply – I’ve found them on Ebay for as little as $25.
This article focuses specifically on the Cisco 1605 router, because it has two Ethernet ports. One of the ports will be connected to the cable/dsl modem and the other to an internal switch. The 1605 router uses flash on a PCMCIA card. A 16mb card is all that is needed to hold the image and there is still room for crashdump and configuration file saves. The DRAM can be upgraded by placing a 32Mb chip in the single slot of these routers. I was able to upgrade my 1605 with a SIMM from a 2500 router (same memory).
Here is a show version of the 1605:
(Note: Although 12.3 is available for this device – I am running a 12.2 image to get the feature set needed with the amount of memory I have – only 16mb).
Router#sh ver Cisco Internetwork Operating System Software IOS (tm) 1600 Software (C1600-NOSY-M), Version 12.2(46a), RELEASE SOFTWARE (fc1) Copyright (c) 1986-2007 by cisco Systems, Inc. Compiled Wed 11-Jul-07 19:12 by pwade Image text-base: 0x02005000, data-base: 0x0293B3CC ROM: System Bootstrap, Version 11.1(12)XA, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1) ROM: 1600 Software (C1600-RBOOT-R), Version 11.1(12)XA, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1) Router uptime is 1 day, 6 hours, 26 minutes System returned to ROM by power-on System restarted at 13:50:23 CST Sat Nov 17 2007 System image file is "flash:c1600-nosy-mz.122-46a.bin" cisco 1605 (68360) processor (revision C) with 15470K/914K bytes of memory. Processor board ID 14431821, with hardware revision 00000000 Bridging software. X.25 software, Version 3.0.0. 2 Ethernet/IEEE 802.3 interface(s) System/IO memory with parity enabled 16384K bytes of DRAM on SIMM (On Board Memory disabled) System running from RAM 7K bytes of non-volatile configuration memory. 16384K bytes of processor board PCMCIA flash (Read/Write) Configuration register is 0x2102
The following is a working configuration that can be used in a home network environment:
version 12.2 service timestamps debug datetime localtime service timestamps log datetime localtime service password-encryption ! hostname Router ! aaa new-model aaa authentication login default local enable secret <secretpassword> ! username admin password <adminpw> clock timezone CST -6 ip subnet-zero ip domain-name xpresslearn.int ! ip dhcp pool home_lan network 192.168.200.0 255.255.255.0 default-router 192.168.200.1 dns-server <isp-dns-ip-1> isp-dns-ip-2> ! ! ! ! interface Ethernet0 description Attached to Cable Modem ip address dhcp ip nat outside ! interface Ethernet1 description Internal Network Default Gateway ip address 192.168.200.1 255.255.255.0 ip nat inside ! ip nat inside source list 100 interface Ethernet0 overload ip classless no ip http server ! access-list 1 remark Allowed telnet management sources access-list 1 permit 192.168.200.0 0.0.0.255 log access-list 1 deny any log access-list 100 remark Inside Source addresses for NAT Translation access-list 100 deny ip any host 192.168.200.1 access-list 100 permit ip 192.168.200.0 0.0.0.255 any ! line con 0 line vty 0 4 access-class 1 in ! ntp clock-period 17042421 ntp server 198.38.16.2 end
This configuration does the following:
- Enables AAA and sets the default authentication method to using the local defined username/password
- DHCP Server configured for assigning IP addresses to internal clients that are directly connected to the inside interface of the router
- Set’s the outside interface (connected to a cable modem) to DHCP
- Set’s the internal interface (connected to home switch) to 192.168.200.1
- Configures Port Addresses Translation (PAT) to nat the internal addresses behind the dynamically assigned Public IP assigned to the public interface
- Secures the router, so that only trusted IP source networks can telnet to the device
- Configured an ntp server (pool.ntp.org), so that the correct time can be kept up with on the router for logging purposes, etc…


Print This Post







February 20th, 2009 at 12:24 pm
Excellent article for CCNA learners like myself. I been trying to look for this config for a while but to no avail. Thank you
July 16th, 2009 at 7:51 pm
thanks for the config, any changes if you want to put it behind another router? My situation is this: i want to have a play router in a network and i want to forward ssh sessions to it, but i dont want to use that router as my primary. Are there any issues im going to run into having it beind nat?
-James
October 20th, 2009 at 7:38 pm
I just purchased a Cisco 2611XM for use on my home network and your config was extremely helpful. Do you have any tips for blocking ICMP on the outside interface (incoming)? Thanks.