configure ras dial up internet

Unanswered Question
Apr 22nd, 2010

I have an AS5300


Cisco Internetwork Operating System Software
IOS (tm) 5300 Software (C5300-I-M), Version 12.2(16), RELEASE SOFTWARE (fc3)

This is a machine that I inherited which allows users to dial a number which comes in to the Cisco via a PRI and gives them an IP address, allowing them internet access.

the problem I am having is that users can dial via their PC modem and they get an IP address assigned to them from the Cisco. But they have no internet connectivity at all. They are not even able to ping the Cisco.

I am pretty new to Cisco in general, so any kind of information would be useful, including debug methods and commands. Pointer to sample configurations would help out a lot as well. Below is my config

Current configuration : 8406 bytes
!
version 12.2
service nagle
service timestamps debug uptime
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname ras4.rb
!
logging queue-limit 100
aaa new-model
aaa authentication login default local
aaa authentication ppp default group radius
aaa authorization network default none
aaa accounting send stop-record authentication failure
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 0 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
aaa accounting network default start-stop group radius
aaa accounting system default start-stop group tacacs+
enable secret 5..............
!
!
spe 1/0 2/9
firmware location flash:mica-modem-pw_2_6_2_0.bin
!
!
resource-pool disable
!
clock summer-time BST recurring
no modem fast-answer
modem country mica united-kingdom
modem recovery action none
ip subnet-zero
no ip source-route
ip domain-name ipbill.com
ip name-server 217.73.64.5
!
async-bootp dns-server 217.73.64.5 217.73.64.6
isdn switch-type primary-net5
modemcap entry mica_28800:MSC=&FS29=0
!
controller E1 0
clock source line primary
pri-group timeslots 1-31
!
controller E1 1
clock source line secondary 1
pri-group timeslots 1-31
!
controller E1 2
clock source line secondary 2
pri-group timeslots 1-31
!
controller E1 3
clock source line secondary 3
pri-group timeslots 1-31
!
controller E1 4
clock source line secondary 4
!
controller E1 5
clock source line secondary 5
!
controller E1 6
clock source line secondary 6
!
controller E1 7
clock source line secondary 7
!
!
!
interface Loopback1
description Modem Pool-1 Default Gateway.
ip address 217.73.71.254 255.255.255.0
!
interface Ethernet0
description Temporary Management IP Address
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
keepalive 3
shutdown
no cdp enable
!

interface Serial0
no ip address
no ip mroute-cache
shutdown
no fair-queue
clockrate 2015232
no cdp enable
!
interface Serial1
no ip address
shutdown
no fair-queue
clockrate 2015232
no cdp enable
!
interface Serial2
no ip address
shutdown
no fair-queue
clockrate 2015232
no cdp enable
!
interface Serial3
no ip address
shutdown
no fair-queue
clockrate 2015232
no cdp enable
!
interface Serial0:15
no ip address
ip access-group 100 in
ip access-group 101 out
no ip redirects
no ip unreachables
no ip proxy-arp
encapsulation ppp
ip policy route-map REDIRECT_2_PROXY
no logging event link-status
dialer rotary-group 1
dialer-group 1
autodetect encapsulation ppp v120 lapb-ta
isdn switch-type primary-net5
isdn incoming-voice modem 64
isdn negotiate-bchan
no fair-queue
down-when-looped
no cdp enable
!
interface Serial1:15
no ip address
ip access-group 100 in
ip access-group 101 out
no ip redirects
no ip unreachables
no ip proxy-arp
encapsulation ppp
ip policy route-map REDIRECT_2_PROXY
no logging event link-status
dialer rotary-group 1
dialer-group 1
autodetect encapsulation ppp v120 lapb-ta
isdn switch-type primary-net5
isdn incoming-voice modem 64
isdn negotiate-bchan
no fair-queue
down-when-looped
no cdp enable
!
interface Serial2:15
no ip address
ip access-group 100 in
ip access-group 101 out
no ip redirects
no ip unreachables
no ip proxy-arp
encapsulation ppp
ip policy route-map REDIRECT_2_PROXY
no logging event link-status
dialer rotary-group 1
dialer-group 1
autodetect encapsulation ppp v120 lapb-ta
isdn switch-type primary-net5
isdn incoming-voice modem 64
isdn negotiate-bchan
no fair-queue
down-when-looped
no cdp enable
!
interface Serial3:15
no ip address
ip access-group 100 in
ip access-group 101 out
no ip redirects
no ip unreachables
no ip proxy-arp
encapsulation ppp
ip policy route-map REDIRECT_2_PROXY
no logging event link-status
dialer rotary-group 1
dialer-group 1
autodetect encapsulation ppp v120 lapb-ta
isdn switch-type primary-net5
isdn incoming-voice modem 64
isdn negotiate-bchan
no fair-queue
down-when-looped
no cdp enable
!

interface FastEthernet0
description Main LAN Connectivity
ip address 217.73.64.57 255.255.255.0
ip access-group 105 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip policy route-map REDIRECT_2_PROXY
keepalive 3
duplex auto
speed auto
no cdp enable
!
interface Group-Async1
ip unnumbered Loopback1
ip access-group 100 in
ip access-group 101 out
no ip redirects
no ip unreachables
no ip proxy-arp
no ip mroute-cache
no logging event link-status
dialer in-band
dialer rotary-group 1
dialer-group 1
autodetect encapsulation ppp lapb-ta
async mode dedicated
peer default ip address pool Pool-1
no fair-queue
group-range 1 240
!
interface Dialer1
ip unnumbered Loopback1
ip access-group 100 in
ip access-group 101 out
no ip redirects
no ip unreachables
no ip proxy-arp
encapsulation ppp
no ip mroute-cache
ip policy route-map REDIRECT_2_PROXY
no logging event link-status
dialer in-band
dialer idle-timeout 900
dialer-group 1
autodetect encapsulation ppp lapb-ta
peer default ip address pool Pool-1
no fair-queue
no cdp enable
ppp multilink
hold-queue 25 in
!
ip local pool Pool-1 217.73.71.1 217.73.71.253
ip classless
ip route 0.0.0.0 0.0.0.0 217.73.64.9
ip route 217.73.71.254 255.255.255.255 217.73.64.9
no ip http server
!
!

map-class dialer 56k
dialer isdn speed 56
access-list 90 remark Allow SNMP Access from WATCHER Only.
access-list 90 permit 217.73.64.38
access-list 90 deny   any log
access-list 99 permit 217.73.64.94
access-list 99 remark Allow Privilaged IPz Only.
access-list 99 permit 213.123.206.128
access-list 99 permit 217.73.64.38
access-list 99 deny   any log
access-list 100 remark Allowed Dialup Ranges and virus stoppers
access-list 100 deny   ip host 217.73.71.254 any log
access-list 100 permit ip 217.73.71.0 0.0.0.255 any
access-list 100 deny   tcp any eq 4444 any
access-list 100 deny   tcp any eq 69 any
access-list 100 deny   tcp any eq 135 any
access-list 100 deny   ip any any
access-list 101 remark Deny All RFC1918 Addresses.
access-list 101 deny   ip 10.0.0.0 0.255.255.255 any
access-list 101 deny   ip 172.16.0.0 0.15.255.255 any
access-list 101 deny   ip 192.168.0.0 0.0.255.255 any
access-list 101 permit ip any any
access-list 177 permit icmp any any
dialer-list 1 protocol ip permit
no cdp run
route-map REDIRECT_2_PROXY permit 10
match ip address 100
set ip next-hop 217.73.64.9
!

!
line con 0
exec-timeout 9 0
transport output none
line 1 240
no flush-at-activation
modem Dialin
modem autoconfigure type mica_28800
transport input all
autoselect during-login
autoselect ppp
line aux 0
line vty 0 4
exec-timeout 9 0
transport input telnet
!
ntp clock-period 17180112
ntp peer 217.73.64.5
ntp peer 217.73.64.6
end

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Athiqur Rahman Thu, 04/22/2010 - 08:20

Ok, i managed to get it to work. When setting up the pptp adapter on my windows xp I checked the box 'Negotiate multi-link for single link connections'.

However I still don't understand how this makes the connection work. I am not using multi link.

Could this be anything to do with the fact that I am not doing any form of authentication and authorization? It is a open RAS where any one can connect so long as they dial the right number.

Actions

This Discussion

Related Content