Remote network access via external analog modem

Unanswered Question
4rmorris Tue, 06/17/2008 - 17:44

You can configure an async interface for PPP and have a modem on the AUX port. I found this sample config online:

Do a "show line" to identify which async line number is assigned. For instance, in my lab router output below the aux line is Async 97:

lab-rtr#show line

Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int

* 0 CTY - - - - - 1 5 0/0 -

97 AUX 9600/9600 - inout - - - 0 0 0/0 -

98 VTY - - - - - 1 0 0/0 -

The "called router" in the above weblink config would be your router. You can assign IPs dynamically via PPP (preferred) or just assign the user an address for the PPP link. Once he has a PPP session with an IP address, he can access anything you give him access to.

Anyway, once you know the line # you can configure your async port for standard PPP like this:

Good luck,

Ryan Morris

Thank you sir very much for the prompt reply. I had previously set up the dialin like the instructions you pointed me to. But then I understand the requirement to be that the user must be authenticated by windows also Windows must supply the IP address. When I try to do that, the problems arise. Connectivity becomes sporadic and I cannot actually access network resources. Even though I get the dns address from windows, I cannot get to it or ping anything on the network.

hennigan Sun, 06/22/2008 - 14:52

You can configure the Windows box as a RADIUS server and allow it to manage the authentication and assign the address from a pool.

As this is for an actual network connection and not just managing the router, for reasonable performance, you'll probably want to change the serial line speed on the AUX port and modem to something higher than the default 9600. 115200 would be a good choice if both the modem and the router support it.

Thank you for your response. My main concern was whether it could be done at all. I have all the components configured but am getting some screwy results - not being able to hit the dns, or network addresses - so I wondered if it could be done at all. So now I think I just must have a routing issue or something is not configured properly. Thanks again.


This Discussion