cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
701
Views
0
Helpful
18
Replies

NEWBIE NEEDS HELP

sandman420
Level 1
Level 1

Hello all,

So new to cisco it's not funny! I can cli configure ip and route and flash ios and not a whole lot else. I have seen some configurations for connecting wic-1enet to pppoe session for dsl, but these are all captures of their startup config if I'm not mistaken. I guess my question is, is what I see in the startup-config's the actuall commands I would need to type in cli? I keep seeing something about a tool that you can make the config and upload it to the router tftp? anyone know what it's called and where I might be able to download it?

Thank you

18 Replies 18

sandman420
Level 1
Level 1

well, I figured out i could edit in wordpad, and copied a working script from a site and modified for me...won't work though, and i don't know anyway (commands) to troubleshoot to figure out what part isn't working. currently running c1700-sy7-mz.122-4.XL3 and have c1700-k9o3sy7-mz.123-13 that i can throw on it if it is a simple matter of features. Anyway...here is script...let me know if i messed something up please:

!

! NVRAM config last updated at 23:53:50 Central Sat Apr 12 2008

!

version 12.2

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname SANDBOX_1751

!

!

memory-size iomem 20

clock timezone Central -6

mmi polling-interval 60

no mmi auto-configure

no mmi pvc

mmi snmp-timeout 180

ip subnet-zero

!

!

ip name-server 64.91.3.46 (DSL DNS SERVER IP?)

ip name-server 64.91.3.60 (DSL DNS SERVER IP?)

vpdn enable

!

vpdn-group 1

request-dialin

protocol pppoe

!

!

!

interface FastEthernet0/0

description Lan

ip address 1.1.1.3 255.255.255.0

ip nat inside

speed auto

full-duplex

!

interface Ethernet0/0

description iburst

no ip address

ip nat outside

ip tcp adjust-mss 1452

full-duplex

pppoe enable

pppoe-client dial-pool-number 1

no cdp enable

!

interface Dialer1

ip address negotiated

ip mtu 1492

ip nat outside

encapsulation ppp

ip route-cache flow

ip tcp adjust-mss 1452

no ip mroute-cache

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication chap pap callin

ppp chap password 0 pass

ppp pap sent-username XXXX password 0 XXXXX

!

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer1

no ip http server

ip nat inside source list 1 interface Dialer1 overload

!

ip pim bidir-enable

!

!

access-list 1 permit any

access-list 1 permit 1.1.1.0 0.0.0.255

dialer-list 1 protocol ip permit

!

!

!

!

!

!

line con 0

line aux 0

line vty 0 4

login

!

no scheduler allocate

end

Mark

Without some indication of what is not working it is hard to give you good advice. I have looked at the config and the things that most often cause problems seem to be reasonable:

- there is a static default route, so routing is taken care of.

- you have configured address translation. Though I would ask you to make 1 change in it. Instead of this version of access list

access-list 1 permit any

access-list 1 permit 1.1.1.0 0.0.0.255

please make this the access list

access-list 1 permit 1.1.1.0 0.0.0.255

I have seen some issues where the access list for address translation uses permit any.

Other than this can you tell us how you are testing the router and what is not working? Does it connect to a provider device? Does it get assigned an IP address on the dialer interface?

HTH

Rick

HTH

Rick

so just take out the "permit any"? Are my versions of the ios compatible? I just flashed to the 12.3(13) k9 version last night and it didn't seem to make any difference.

I really don't know a whole bunch of commands being so new (and it's kind of hard searching the internet for this stuff), so the only thing I did try was show ip on the dialer 1 (which I can't even remember the full command for right now), and all it said was something to the effect of IP address would be assigned by the ppp or something instead of showing the actual ip. If someone could show me some commands to find out wether or not the dialer is actually making a connection, or wether the pppoe login isn't getting authenticated or what would be really helpful.

Thank you,

Mark

Mark

Yes just take out the permit any.

I am not sure what you are asking about IOS compatible. For what you are trying to do so far I believe that either of them would work. In the long term I believe that you are better off using the 12.3(13)k9.

I would probably use commands like show ip interface brief or show ip route and see if they show addresses or routes on the dialer.

HTH

Rick

HTH

Rick

Thanks. I will try that when I get home tonight.

So, "show ip dialer 1 brief" would be the command I want to use to see if the dialer 1 interface has gotten an ip from the PPPoE server? What about authentication. Can we take it back a step and use a command to see wether or not the PPPoE session even made contact out of the wic-1enet card?

No Go. See if this means anything to you.

Capture Attached

Mark

I see the line protocol on interface ethernet 0/0 go to up. So it is connected to something. But it looks like the ppp negotiation is not taking place. Can you clarify what you are connected to on interface ethernet 0/0?

I would suggest that perhaps the next step is to run some debugs. I would probably start with debug ppp negotiation and perhaps debug ppp authentication. run these debugs and post any output. You might want to configure a somewhat larger logging buffer to contain the debug output. Perhaps something like logging buffer 32768. Then you can use the show log command to see the output in the logging buffer on the router. You can also see the debug output on the console port if you are connected on the console. Or if you telnet into the router then use the terminal monitor to see the debug output on your terminal.

HTH

Rick

HTH

Rick

Rick,

eth 0/0 is patched to a westell (I think 5104 or 6104) dsl modem/router that is in bridge mode so my cisco can hold the pppoe login and session. I can't figure out where I saw this in another forum, but some said that the authentication might need to be changed from chap/pap whatever to something else....not totally sure, and again, I am very much new to ios commands, although I'm learning a lot.

I set the eth 0/0 for full duplex, just because I read somewhere that the wic-1enet card won't auto-neg and my linksys router always showed a full duplex connection when it was hooked up to the dsl modem. If it helps, my carrier is Centurytel.

I'll try my best to issue the debug commands, pretty sure I can do that, but finding the info to capture might take me a little to figure out, unless everything will be displayed with the "show log" command.

Thank you,

Mark

Mark

The show log command is the easy way to get all the debug output.

HTH

Rick

HTH

Rick

Oh, forgot to mention it'll be a couple of hours before I'm at that location to hook up the dsl to it and run a debug. Any specific time that this should be in debug mode or does the debug commands only run for whatever data is already there to be logged? If it is a simple switch command, I assume no debug .... would be the off switch for that command?

Thank you,

Mark

Mark

debug runs in real time and reflects activity that occurs while it is running. I would suggest turn on the debug and after it is running go into config mode to the ethernet interface and do a shutdown, wait a bit, then do a no shutdown. This should initiate activity on the interface for the debug to process.

Yes no debug ... is the way to turn it off.

HTH

Rick

HTH

Rick

Rick,

I don't know if I gave it enough time or what; just seems like not much info to me. Here it is:

SANDBOX_1751#show log

Syslog logging: enabled (0 messages dropped, 1 messages rate-limited, 0 flushes, 0 overruns, xml disabled)

Console logging: level debugging, 32 messages logged, xml disabled

Monitor logging: level debugging, 0 messages logged, xml disabled

Buffer logging: level debugging, 1 messages logged, xml disabled

Logging Exception size (4096 bytes)

Count and timestamp logging messages: disabled

Trap logging: level informational, 37 message lines logged

Log Buffer (32768 bytes):

20:14:17: %SYS-5-CONFIG_I: Configured from console by console

SANDBOX_1751#debug ppp negotiation

PPP protocol negotiation debugging is on

SANDBOX_1751#debug ppp authentication

PPP authentication debugging is on

SANDBOX_1751#config term

Enter configuration commands, one per line. End with CNTL/Z.

SANDBOX_1751(config)#int eth 0/0

SANDBOX_1751(config-if)#shutdown

SANDBOX_1751(config-if)#

20:16:00: %LINK-5-CHANGED: Interface Ethernet0/0, changed state to administratively down

20:16:01: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to down

SANDBOX_1751(config-if)#no shutdown

SANDBOX_1751(config-if)#

20:16:28: %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up

20:16:29: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to up

SANDBOX_1751(config-if)#^Z

SANDBOX_1751#

20:16:40: %SYS-5-CONFIG_I: Configured from console by console

SANDBOX_1751#show log

Syslog logging: enabled (0 messages dropped, 1 messages rate-limited, 0 flushes, 0 overruns, xml disabled)

Console logging: level debugging, 37 messages logged, xml disabled

Monitor logging: level debugging, 0 messages logged, xml disabled

Buffer logging: level debugging, 6 messages logged, xml disabled

Logging Exception size (4096 bytes)

Count and timestamp logging messages: disabled

Trap logging: level informational, 42 message lines logged

Log Buffer (32768 bytes):

20:14:17: %SYS-5-CONFIG_I: Configured from console by console

20:16:00: %LINK-5-CHANGED: Interface Ethernet0/0, changed state to administratively down

20:16:01: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to down

20:16:28: %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up

20:16:29: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to up

20:16:40: %SYS-5-CONFIG_I: Configured from console by console

SANDBOX_1751#

Mark

The debug seems to show that there is no ppp negotiation or authentication.

HTH

Rick

HTH

Rick

ok. I kind of figured that was the case. How do I make it? Different authent method or something?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco