877 - DSL config

Answered Question

Hi Guys


Couldn't find any answer to this anywhere so hope someone can help.


We are trying to connect our 877 DSL router to Verizon DSL. Of course they are no help at all as once you tell them you are using a Cisco router you may as well admit to having the Ebola virus!


I know the PVC settings are 0/35 from the previous router. I'm not sure about the encapulsation type. The last router had it as "routed bridge". I therefore presume that it should be RFC 1483 (aal5snap)?


Nothing is going on though. Here is the ATM config:


Interface ATM0

no ip address

no ip-route cache

no atm ilmi-keepalive

dsl operating-mode auto


interface ATM0.1 point-to-point

ip address xxxxx

ip nat outside

ip virtual-reassembly

no ip route-cache

pvc 0/35

encapsulation aal5snap


I have tried a few encapsulation types but with no luck. I can't ping the DSL gateway, also I can't ping the local ATM0.1 interface! is this normal.


Anyway - any help appreciated.


Dan

Correct Answer by paolo bevilacqua about 9 years 1 month ago

Hi, you have:


no ip routing


please re-enable ip routing, ip cef, and ip route-cache on applicable interfaces.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
paolo bevilacqua Thu, 06/19/2008 - 08:28
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

There are two techniques. One is the one you found. The other use a BVI interface and is more common in configuration examples.

Thanks for the reply. I am now having a problem with PAT! Would you be able to help with this - or should I start a new thread? The NAT/PAT below looks OK to me - but no joy. The router can get out to the internet it just isn't translating inside packets to get outside ie a PC with IP 192.168.2.8 with gateway 192.168.2.1. NB I have not set the wireless up yet.


!

no ip routing

no ip cef

no ip dhcp use vrf connected

ip dhcp excluded-address 192.168.2.1 192.168.2.9

ip dhcp excluded-address 192.168.2.51 192.168.2.254

!

ip dhcp pool sdm-pool1

network 192.168.2.0 255.255.255.0

dns-server xxxxxxxxx

default-router 192.168.2.1

!

!

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

!

archive

log config

hidekeys

!

bridge irb

!

interface ATM0

no ip address

no ip route-cache

no atm ilmi-keepalive

dsl operating-mode auto

!

interface ATM0.1 point-to-point

ip address xxxxxxxxx 255.255.255.0

ip nat outside

ip virtual-reassembly

no ip route-cache

atm route-bridged ip

pvc 0/35

encapsulation aal5snap

!

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface Dot11Radio0

no ip address

no ip route-cache

shutdown

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0

station-role root

!

interface Vlan1

no ip address

no ip route-cache

bridge-group 8

!

interface BVI8

ip address 192.168.2.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 xxxxxxxxxx

!

ip http server

no ip http secure-server

ip nat inside source list 1 interface ATM0.1 overload

!

access-list 1 remark INSIDE_IF=Vlan1

access-list 1 remark SDM_ACL Category=2

access-list 1 permit 192.168.2.0 0.0.0.255

!

control-plane

!

bridge 8 protocol ieee

bridge 8 route ip


paolo bevilacqua Thu, 06/19/2008 - 08:57
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

Seems fine to me. I would set "ip route cache" back on the other hand that cannot be causing the problem.

Take a traceroute from the PC and check that too.

paolo bevilacqua Thu, 06/19/2008 - 10:17
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

Please send "show ip nat translations" when pinging from PC.

Also, xxxx in ip route 0.0.0.0 0.0.0.0, is that the IP address of the default GW, same that you're pinging ?

thotsaphon Thu, 06/19/2008 - 10:31
User Badges:
  • Gold, 750 points or more

DAN,

I would know that you are trying to connect to your ISP with "route mode" or "bridge mode"

If you're trying to use the bridge mode then I haven't seen the bridge group mapping on the ATM interface.Let's ask your ISP to make life a bit easy.


HTH

Thot

paolo bevilacqua Thu, 06/19/2008 - 10:34
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

Thot,


he has "atm route-bridged ip" and can ping from router. Likely an issue with the PC.

Thanks - I think I just lost a whole post so hopefully this isn't a repeat.


Yes, it looks likely to be a problem behind the router. I can ping the gateway (yes that is the xxxx in the route). I can also ping outside the gateway. I can also ping the ATM interface from another router on a different external network.


I'll try the show ip nat translations when pinging. When I looked at it previously everything was still 0. I tried debug ip nat - but didn't get anything.


I'll try tommorow (I'm in the UK and the router is in the US)


Thanks for your help.


Dan

I rebuilt the NAT on VLAN1. The entire config is below. Still no translations taking place from inside to outside.


Where can I go from here? May have to admit defeat and raise a TAC!


!version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname xxxxxx

!

boot-start-marker

boot-end-marker

!

logging buffered 4096

enable secret 5 $xxxx

enable password xxxxxx

!

no aaa new-model

!

!

no ip routing

no ip cef

no ip dhcp use vrf connected

ip dhcp excluded-address 192.168.2.1 192.168.2.9

ip dhcp excluded-address 192.168.2.51 192.168.2.254

!

ip dhcp pool sdm-pool1

network 192.168.2.0 255.255.255.0

dns-server 71.x.x.12

default-router 192.168.2.1

!

!

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

!

!

!

!

!

archive

log config

hidekeys

!

!

!

!

!

interface ATM0

no ip address

no ip route-cache

no atm ilmi-keepalive

dsl operating-mode auto

!

interface ATM0.1 point-to-point

ip address xxxxxx 255.255.255.0

ip nat outside

ip virtual-reassembly

no ip route-cache

atm route-bridged ip

pvc 0/35

encapsulation aal5snap

!

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface Dot11Radio0

no ip address

no ip route-cache

shutdown

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0

station-role root

!

interface Vlan1

ip address 192.168.2.1 255.255.255.0

ip nat inside

ip virtual-reassembly

no ip route-cache

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 xxxxxx

!

ip http server

no ip http secure-server

ip nat inside source list 1 interface ATM0.1 overload

!

access-list 1 remark SDM_ACL Category=2

access-list 1 permit 192.168.2.0 0.0.0.255

!

!

!

control-plane

!

!

line con 0

no modem enable

line aux 0

line vty 0 4

password xxxxxxx

login

!

scheduler max-task-time 5000

end

Correct Answer
paolo bevilacqua Fri, 06/20/2008 - 03:50
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

Hi, you have:


no ip routing


please re-enable ip routing, ip cef, and ip route-cache on applicable interfaces.



paolo bevilacqua Fri, 06/20/2008 - 05:05
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

1. Indeed.

2. SDM often do wrong things. Avoid using it.

3. There is no relationship. Routing needs to be enabled.


Thanks for the appreciation and good luck!


Actions

This Discussion