ASK THE EXPERT- TROUBLESHOOTING ACCESS SERVER CONNECTIVITY ISSUES

Unanswered Question
Jan 30th, 2004
User Badges:
  • Gold, 750 points or more

Welcome to the Cisco Networking Professionals Ask the Expert conversation. This is an opportunity to discuss Troubleshooting Access Server Connectivity Issues with Cisco expert Mak Chitale. Mak is a Customer Support Engineer at the Technical Assistance Center - TAC in San Jose. His current responsibilities include escalations in which he troubleshoots complex issues, provides training, and authors documentation. His areas of expertise are Configuration and Troubleshooting of Access Servers such as PPP and VPDN. Makarand is a CCIE 7071 for ISP Dial. He is the World Wide SME (Subject Matter Expert) for Access technology which involves improving the web documentation. Makarand holds a Bachelor Degree in Marine Engineering (Mechanical / Electrical & Telecommunication Engineering). Remember to use the rating system to let Mak know if you have received an adequate response.


Mak might not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the event. This event lasts through February 13. Visit this forum often to view responses to your questions and the questions of other community members.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
kfsaini Sun, 02/01/2004 - 18:57
User Badges:

Hi, I am trying to config WIC 1DSU 56k on 2621. Can you please tell me how i would be able to config the router so it has dedicated access to internet thru the local ISP using the 56k module.


thanks,


Singh

makchitale Mon, 02/02/2004 - 22:56
User Badges:
  • Silver, 250 points or more

The below link has useful info on how to configure the 2600 router with WIC-DSU-56k card,


http://cisco.com/en/US/products/hw/routers/ps233/products_tech_note09186a0080093c56.shtml


For additional info on this card:

http://cisco.com/en/US/products/hw/modules/ps3129/products_tech_note09186a00800a99cc.shtml


Please let me know if that helps or else I will create a config for you & post the same.


Thanks, Mak.

PAUL TRIVINO Mon, 02/02/2004 - 15:56
User Badges:
  • Bronze, 100 points or more

I'm not clear on how the "Ask the Expert" event is supposed to work. I have a Post "Windows TERMINAL Screen garbage - PPP Dialin" on the Remote Access forum, one gentleman posted a reply asking for more info, but that's it. Am I supposed to post queries for the Event under this thread? Or will Mak be looking at all issues on the Forum? Could you clarify this?

makchitale Mon, 02/02/2004 - 23:17
User Badges:
  • Silver, 250 points or more

Under the interface Group-async 1 we have "asyn mode dedicated"... since we are using a post dialup window setting on the client end please change the same to "asyn mode interactive". When we configure for dedicated that means we will start a PPP session (vs a exec session followed by the PPP)...the garbage we see on client screen is the LCP packets from the Cisco3700. NOTE: unless we authenticate or hit the DONE button or type PPP we have not transferred the PPP stack to the client OS (XP/2k etc).


interface Group-Async1

async mode dedicated <==change to async mode interactive

group-range 65 88


line 65 88

autoselect during-login

autoselect ppp


Coming to on how the "Ask the Expert" event is supposed to work. ...all questions posted under this event will be answered by me, other are most welcome to do so too. In short questions posted here will get a response from me if it lies in my field of expertise.


Thanks, Mak.

PAUL TRIVINO Tue, 02/03/2004 - 12:21
User Badges:
  • Bronze, 100 points or more

OK, Mak, here's my question, copied from its separate posting:


Following the "Cfg'ing a C3600 Rtr w/T1/E1 and Digital Modem Net Mod" document, I'm trying to configure a C3725MBUNDLE-24DM box for dialin Remote Access. Basic config is fine:


version 12.2

service timestamps debug datetime localtime

service timestamps log datetime localtime

service password-encryption

!

hostname NETWRZ01

!

logging buffered 65535 debugging

logging monitor informational

enable secret 5

enable password 7

!

username xxxx password xxxx

!

! password is 'user'

!

!

clock timezone PST -8

clock summer-time PDT recurring

ip subnet-zero

!

!

!

async-bootp dns-server 10.8.236.22

async-bootp nbns-server 10.8.236.22

isdn switch-type primary-ni

!

!

controller T1 1/0

framing esf

linecode b8zs

pri-group timeslots 1-24

!

!

!

interface FastEthernet0/0

ip address 10.15.254.120 255.255.255.0

speed 100

full-duplex

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial1/0:23

no ip address

encapsulation ppp

isdn switch-type primary-ni

isdn incoming-voice modem

!

interface Group-Async1

ip unnumbered FastEthernet0/0

encapsulation ppp

dialer in-band

dialer idle-timeout 300

dialer-group 1

async mode dedicated

peer default ip address pool ras-pool

no keepalive

ppp authentication chap pap

group-range 65 88

!

router eigrp 110

network 10.15.254.0 0.0.0.255

no auto-summary

!

ip local pool ras-pool 10.15.254.121 10.15.254.144

ip classless

ip default-network 0.0.0.0

ip http server

!

!

dialer-list 1 protocol ip permit

snmp-server community RW

snmp-server enable traps tty

!

line con 0

exec-timeout 15 0

password 7

login

line 65 88

no flush-at-activation

modem InOut

transport input all

autoselect during-login

autoselect ppp

line aux 0

line vty 0 4

exec-timeout 15 0

password 7

login

!

ntp server x.x.x.x

ntp server x.x.x.x prefer

end


The Windows Dial Up Networking profile specifies to "Show Terminal Window" on connect, which it does, but the terminal window shows garbage. BUT, I type the userid, Enter, and password and Enter, and the connection is established fine. For our users, I need the Terminal Window to work correctly, plus we have a script which waits for "ogin:" and enters the users LoginID, etc. etc.


The clients are XP laptops. We're trying to make a seamless switch from a Lucent/Ascend MAX unit to the C3725. Further information: the "garbage" on the screen *looks like* a data/stops bits mismatch (E/7/1 vs N/8/1) - I say this because the same patter of characters repeats, as if it's a repeating prompt. But I haven't the foggiest idea how to fix that in this scenario. No one in the Laptop or Desktop support groups (at my company) can tell me what kind of terminal is emulated by this window, nor does the Windows XP "Help" have information on it (surprise, surprise!).

makchitale Tue, 02/03/2004 - 14:44
User Badges:
  • Silver, 250 points or more

I went through the thread before responding earlier..resending the same:


Under the interface Group-async 1 we have "asyn mode dedicated"... since we are using a post dialup window setting on the client end please change the same to "asyn mode interactive". When we configure for dedicated that means we will start a PPP session (vs a exec session followed by the PPP)...the garbage we see on client screen is the LCP packets from the Cisco3700.


interface Group-Async1

async mode dedicated <==change to async mode interactive

group-range 65 88


line 65 88

autoselect during-login

autoselect ppp


Thanks, Mak.

PAUL TRIVINO Wed, 02/04/2004 - 15:05
User Badges:
  • Bronze, 100 points or more

Mak, that worked a treat. I had this before but when I saw the "NETWRZ01>" prompt, I thought I could only access the router itself - I did not understand that I could enter "ppp" and get the session started. Thanx!

josephqiu Tue, 02/03/2004 - 07:21
User Badges:

Hi, I have a question about AS5200. We use an AS5200 as RA server for dial-up connections. There is only 1 Ethernet port on the server, which is an AUI port. The server is connected to a Catalyst switch and the link between them is running 10MB and Half-duplex. Recently we found the server performance is not good. Dial-up users complain about slow response although they're just using Telnet terminals. Telneting from campus network to AS5200 itself is also very slow. Sometimes it takes upto 30 seconds to see the content of "sh int e0" command. There's about 14% packet loss from campus network to that server. But no packet loss is detected upto that Catalyst switch.


Actually, we only have 10 users dialing up at peak hours. Ethernet port traffic is only around 400Kbps on average. Average CPU usage is around 25% with peak 35-40%. Memory usage is about 55%. There're some collisions and deferred packets in Ethernet output traffic. But I believe it's just because we're running half-duplex.


So, please advice what's the possible reason for the bad performance of this AS5200, even all users are just using Telnet sessions.


By the way, IOS version: 11.2(10)P.


Thanks a lot!


-Joseph-

makchitale Tue, 02/03/2004 - 15:11
User Badges:
  • Silver, 250 points or more

From the descrition above it appears that it's not just an issue with dialup users but even users telnetting into the as5200 through the LAN side, correct?

If the CPU looks ok then we could be seeing some memory related issue, that is, memory leak/ memory allocation failures etc.


"show log" should give us some indication of the same. I wouldn't suspect an ethernet issue but it's always good to see if changing the cabling or port on the switch changes any thing performance wise.


I would also recommend upgrading to a 11.3/12.0 image depending on the flash/DRAM onboard.


Thanks, Mak.



hgru Thu, 02/05/2004 - 04:56
User Badges:

Hi,


We are working her with ACS 3.0. It has always been working fine but all 221 users where in one group.

Now we decided to create one group per department with the same group settings as the currect group of 221 users and move the users to there own department groups.

After doing so the users cannot logging (via dailup) until there password is reset. This is no workable since they cannot change their password from a remote location.

We are using the Windows NT/2000 to authenicate.



Any ideas?


Hans



makchitale Thu, 02/05/2004 - 11:34
User Badges:
  • Silver, 250 points or more

What kind of databse are we using, ACS or Windows databse?

If ACS database, moving between group from the GUI should not be an issue.

If using windows they we simply delete the users in ACS and it will dynamically created mapping once again when the request is forwarded from ACS to Win.


Thanks, Mak.

hgru Fri, 02/06/2004 - 01:01
User Badges:

Hi,


We are using the windows database.


You mean that if I delete the user in ACS it will re-create the user when the user is doing a dailup. I would say it would fail then. Otherwise every user of the windows environment is automaticly allowed to dailin. And even if this would work how would they end up in the right ACS group?


Hans



makchitale Fri, 02/06/2004 - 13:28
User Badges:
  • Silver, 250 points or more

You need to use the feature of database group mapping.


External user database->Database group mapping --> Windows Database -->Configure --> Select the domain --> Select the AD group --> Add mapping --> map the different groups in your organization to different ACS group.


Remaining group which you do not want to give dialin access at all can be mapped to "No Access" group.


Before you do make these changes, the users must be deleted from ACS database.


http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/csnt30/user/q.htm#56814


Thanks, Mak.

fdiaz83 Thu, 02/05/2004 - 20:29
User Badges:

Hey I was wondering if you knew anybody that could help me with this problem. Both of my routers hang when they should be booting up to the prompt.


Please keep in mind that I will not let me break (yes I am using the proper break sequence for my terminal emulator) and will not go to ROMMON or a Router> prompt.


System Bootstrap, Version 5.2(8a), RELEASE SOFTWAREVersion 2.0, NET2, BFE and GOSIP compliant.


Copyright (c) 1986-1995 by cisco Systems


1 Token Ring/IEEE 802.5 interf


2500 processor with 14336 Kbytes of main memoryial network interface(s)



F3: 7370472+108420+286116 at 0x3000060ration memory.



Restricted Rights Legendrocessor board System flash (Read ONLY



Use, duplication, or disclosure by the Government is




subject to restrictions as set forth in subparagraph


(c) of the Commercial Computer Software - Restricted


Rights clause at FAR sec. 52.227-19 and subparagraph


(c) (1) (ii) of the Rights in Technical Data and Computer


Software clause at DFARS s


San Jose, California 95134-1706





Cisco Internetwork Operating System Software


IOS (tm) 2500 Software (C2500-AINR-L), Version 11.2(17), RELEASE SOFTWARE (fc1)


Copyright (c) 1986-1999 by cisco Systems, Inc.


Compiled Mon 04-Jan-99 17:55 by ashah


Image text-base: 0x03038204, data-base: 0x00001000



cisco 2500 (68030) processor (revision L) with 14336K/2048K bytes of memory.


Processor board ID 02968667, with hardware revision 00000000


Bridging software.


X.25 software, Version 2.0, NET2, BFE and GOSIP compliant.


1 Token Ring/IEEE 802.5 interface(s)


2 Serial network interface(s)


32K bytes of non-volatile configuration memory.


8192K bytes of processor board System flash (Read ONLY)





Press RETURN to get started!




%LINK-3-UPDOWN: Interface Serial0, changed state to down


%LINK-3-UPDOWN: Interface Serial1, changed state to down


%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up


%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down


%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1, changed state to down


%LINEPROTO-5-UPDOWN: Line protocol on Interface TokenRing0, changed state to dow


n


%SYS-5-CONFIG_I: Configured from memory by console


%SYS-5-RESTART: System restarted --


Cisco Internetwork Operating System Software


IOS (tm) 2500 Software (C2500-AINR-L), Version 11.2(17), RELEASE SOFTWARE (fc1)


Copyright (c) 1986-1999 by cisco Systems, Inc.


Compiled Mon 04-Jan-99 17:55 by ashah


%LINK-5-CHANGED: Interface Serial1, changed state to administratively down


%LINK-5-CHANGED: Interface TokenRing0, changed state to administratively down


makchitale Fri, 02/06/2004 - 09:43
User Badges:
  • Silver, 250 points or more

I have seen this issue in the past where after reloading the router the console messages would stop showing up after the interface status are seen. I got around it by pressing the Function keys (F1...etc) on my laptop.

From the bootsequence it appears that the routers are actually up (off course could become unresponsive later due to memory issues or CPU spike). Can you telnet into them?

Can you try the same using another PC/ laptop?


I would like to know a little more on the sequence of events...where they working before, were any changes made prior to this behaviour.


Just a reference doc regarding the break sequence:

http://cisco.com/en/US/products/hw/routers/ps133/products_tech_note09186a0080174a34.shtml


Thanks, Mak.


fdiaz83 Sat, 02/07/2004 - 18:21
User Badges:

Mak,

Even after using another PC it still locks up after it boots, never going to the router prompt, even after pressing the fuction keys. I am only able to connect to the router via its console port.

I know that they were working prior to me receiving them, but since they are essentially a "hand me down" from someone studying for their CCNA I can not inform you of any changes made between the time they were working to the time I recieved them.

hgru Sun, 02/08/2004 - 11:24
User Badges:

Hi,


When you do a "show version" what is teh setting of the config-register?


Hans

fdiaz83 Sun, 02/08/2004 - 17:35
User Badges:

Hans,

I can not even "break" into ROMMON. It seems that it will not accept any keystrokes. I know it is not the cable or the RJ45-DB9 adapter (they've been tested) and it's not the terminal settings because I've checked them. So right now I'm thoroughly stumped. I can't get into ROMMON and it seems as if it won't respond to the keystrokes. Any suggestions? Thanks.

hgru Mon, 02/09/2004 - 01:28
User Badges:

Hi,


Oh sorry I was under the impression that it would boot normally. So you don't get a prompt after booting up and hitting the enter key.


Hmm, eh terminal emulation? Set it to vt1000 Wild guess. Also some terminal emulation programs do not support the CTRL-break properly. Do you have an onld dumb terminal available.


Hans


hgru Tue, 02/10/2004 - 02:57
User Badges:

Hi,


Just wondering can you type any character so that you know your console cable and setiing are correct.


If not:

- Make sure that you are using the right serial port on your PC and that you are using the console connection.

- Try a different console cable

- Is you serial port enabled in the BIOS setup of you PC?

- Keep in mind that some of models of the lager switches uses different console cables.


Just some basic thoughts




igoneal Fri, 02/06/2004 - 04:16
User Badges:

pls my access-server with Async modules gives the result shown below

what is wrong in the configuration?

ACCESS-SERVER#show line 0 7

Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int

0 CTY - - - - - 0 0 0/0 -


Line(s) not in async mode -or- with no hardware support:

1-7

Async33 is up (spoofing), line protocol is up (spoofing)

modem(slot/port):1/0, csm_state:IDLE_STATE,

bchan_num:-1 csm_status(0): CSM_STATUS_UNLOCKED


Hardware is MCOM Integrated Modem Controller

Interface is unnumbered. Using address of Loopback0 (192.168.0.253)

MTU 1500 bytes, BW 9 Kbit, DLY 100000 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation PPP, loopback not set

Keepalive not set

DTR is pulsed for 5 seconds on reset

LCP Closed, multilink Closed

Closed: IPCP

Last input never, output never, output hang never

Last clearing of "show interface" counters 01:07:00

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: fifo

Output queue: 0/10 (size/max)

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

0 packets input, 0 bytes, 0 no buffer

Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

Current configuration : 1468 bytes

!

version 12.2

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname ACCESS-SERVER

!

enable secret 5

enable password

!

username igoneal password 0

ip subnet-zero

!

!

!

!

!

!

interface Loopback0

ip address 192.168.0.253 255.255.255.0

!

interface FastEthernet0/0

ip address 81.199.6.148 255.255.255.0

speed 100

full-duplex

!

interface Serial0/0

no ip address

shutdown

clockrate 2000000

!

interface Group-Async1

ip unnumbered Loopback0

encapsulation ppp

dialer in-band

dialer idle-timeout 14400

dialer-group 1

async mode interactive

peer default ip address pool DIALIN

no fair-queue

ppp authentication chap

ppp multilink

group-range 33 40

!

interface Group-Async2

ip unnumbered Loopback0

encapsulation ppp

dialer in-band

dialer idle-timeout 14400

dialer-group 2

async mode interactive

peer default ip address pool DIALIN

no fair-queue

ppp authentication chap

ppp multilink

group-range 65 72

!

ip local pool DIALIN 81.199.6.150 81.199.6.253

ip classless

no ip http server

!

!

line con 0

line 33 40

no flush-at-activation

modem InOut

transport input all

autoselect during-login

line con 0

line 33 40

no flush-at-activation

modem InOut

transport input all

autoselect during-login

autoselect ppp

flowcontrol hardware

line 65 72

no flush-at-activation

modem InOut

transport input all

autoselect during-login

autoselect ppp

flowcontrol hardware

line aux 0

line vty 0 4

password

login

!

end


idoje Fri, 02/06/2004 - 06:37
User Badges:

Pls can someone help with the result I want the TTY to be in async mode, what do I do to this config? pls help


find the new config made some amendments but the tty is not in async mode ye what could be wrong



Current configuration : 3462 bytes

!

version 12.2

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname ACCESS-SERVER

!

enable secret xxxxx

enable password xxxxx

!

username xxxx password xxxx

username test password 0 test

ip subnet-zero

!

!

!

!

!

!

interface Loopback0

ip address 192.168.0.253 255.255.255.0

!

interface FastEthernet0/0

ip address 81.199.6.148 255.255.255.0

speed 100

full-duplex

!

interface Serial0/0

no ip address

shutdown

clockrate 2000000

!

interface Async33

ip unnumbered Loopback0

encapsulation ppp

async mode interactive

peer default ip address pool DIALIN

ppp authentication chap

!

interface Async34

ip unnumbered Loopback0

encapsulation ppp

async mode interactive

peer default ip address pool DIALIN

ppp authentication chap

!

interface Async35

ip unnumbered Loopback0

encapsulation ppp

async mode interactive

peer default ip address pool DIALIN

ppp authentication chap

!

interface Async36

ip unnumbered Loopback0

encapsulation ppp

async mode interactive

peer default ip address pool DIALIN

ppp authentication chap

!

interface Async37

ip unnumbered Loopback0

encapsulation ppp

async mode interactive

peer default ip address pool DIALIN

ppp authentication chap

!

interface Async38

ip unnumbered Loopback0

interface Async39

ip unnumbered Loopback0

encapsulation ppp

async mode interactive

peer default ip address pool DIALIN

ppp authentication chap

!

interface Async40

ip unnumbered Loopback0

encapsulation ppp

async mode interactive

peer default ip address pool DIALIN

ppp authentication chap

!

interface Async65

ip unnumbered Loopback0

encapsulation ppp

async mode interactive

peer default ip address pool DIALIN

no fair-queue

ppp authentication chap

!

interface Async69

ip unnumbered Loopback0

encapsulation ppp

async mode interactive

peer default ip address pool DIALIN

no fair-queue

ppp authentication chap

!

interface Async70

ip unnumbered Loopback0

encapsulation ppp

async mode interactive

peer default ip address pool DIALIN

no fair-queue

ppp authentication chap

!

interface Async71

ip unnumbered Loopback0

encapsulation ppp

async mode interactive

peer default ip address pool DIALIN

no fair-queue

ppp authentication chap

!

interface Async72

ip unnumbered Loopback0

encapsulation ppp

async mode interactive

peer default ip address pool DIALIN

no fair-queue

ppp authentication chap

!

ip local pool DIALIN 81.199.6.150 81.199.6.253

ip classless

no ip http server

!

!

line con 0

line 33 40

no flush-at-activation

modem InOut

transport input all

autoselect during-login

autoselect ppp

flowcontrol hardware

!

line con 0

line 33 40

no flush-at-activation

modem InOut

transport input all

autoselect during-login

autoselect ppp

flowcontrol hardware

line 65 72

no flush-at-activation

modem InOut

transport input all

autoselect during-login

autoselect ppp

flowcontrol hardware

line aux 0

line vty 0 4

password xxxx

login

!

end







makchitale Fri, 02/06/2004 - 10:09
User Badges:
  • Silver, 250 points or more

Not sure what problem you are trying to report...the config is in async mode.

If you look at "sh line" it should say that the lines are in TTY mode & the interfaces them selves are seen as "interface asyn x".


Router1#sh line

Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int

* 0 CTY - - - - - 0 0 0/0 -

33 TTY - inout - - - 0 0 0/0 -

34 TTY - inout - - - 0 0 0/0 -

35 TTY - inout - - - 0 0 0/0 -

36 TTY - inout - - - 0 0 0/0 -


Are you running into connectivity issue or any other issue?


Thanks, Mak.

makchitale Fri, 02/06/2004 - 10:00
User Badges:
  • Silver, 250 points or more

There is nothing wrong with the config but we are looking at the wrong line numbers. This is a modular router & the line numbers/ interface numbers are based on which slot in the chassis the card is inserted (show diag will give that info)

In our case the modems are in slot 1 & 2 (thus the line numbers 33-40 & 65-72). Show line will give us the lines.

So the output for line 1-7 will correctly give the above output.


http://cisco.com/en/US/products/hw/routers/ps274/products_tech_note09186a00801ca70b.shtml


sh line 33 40 or sh line 65 72 should work just fine.


Thanks, Mak.


makchitale Fri, 02/06/2004 - 10:11
User Badges:
  • Silver, 250 points or more

There is nothing wrong with the config but we are looking at the wrong line numbers. This is a modular router & the line numbers/ interface numbers are based on which slot in the chassis the card is inserted (show diag will give that info)

In our case the modems are in slot 1 & 2 (thus the line numbers 33-40 & 65-72). Show line will give us the lines.

So the output for line 1-7 will correctly give the above output.


http://cisco.com/en/US/products/hw/routers/ps274/products_tech_note09186a00801ca70b.shtml


sh line 33 40 or sh line 65 72 should work just fine.


Thanks, Mak.


idoje Tue, 02/10/2004 - 05:59
User Badges:

Mak,

thanks for your help, but when I dial into the router the call doesnot get there and I tried using the phone to call a normal line its working, from sh interface see the result below, what does spoofing mean in the sh interface result?

Async33 is up (spoofing), line protocol is up (spoofing)

modem(slot/port):1/0, csm_state:IDLE_STATE,

bchan_num:-1 csm_status(0): CSM_STATUS_UNLOCKED


Hardware is MCOM Integrated Modem Controller

Interface is unnumbered. Using address of Loopback0 (192.168.0.253)

MTU 1500 bytes, BW 9 Kbit, DLY 100000 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation PPP, loopback not set

Keepalive not set

DTR is pulsed for 5 seconds on reset

LCP Closed

Closed: IPCP

Last input never, output never, output hang never

Last clearing of "show interface" counters 00:21:53

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: weighted fair

Output queue: 0/1000/64/0 (size/max total/threshold/drops)

Conversations 0/0/16 (active/max active/max total)

Reserved Conversations 0/0 (allocated/max allocated)

Available Bandwidth 6 kilobits/sec

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

0 packets input, 0 bytes, 0 no buffer

Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

0 packets output, 0 bytes, 0 underruns

0 output errors, 0 collisions, 0 interface resets

0 output buffer failures, 0 output buffers swapped out

0 carrier transitions

my calla are not entering the modem, what could cause this?


waiting for any help


thanks


Godwin

makchitale Tue, 02/10/2004 - 17:10
User Badges:
  • Silver, 250 points or more

This being a DDR (dial on demand) interface it will show a status of UP/UP(spoofing) without any active call on the asyn interface.


NOTE:an asyn interface is not a DDR interface by default, but adding the "dialer in-band" will make it one....this is typically required for making calls OUT. Without the dialer in-band the interface status will be down/down (w/o an active call) so basically with the DDR command we are trying to tell IOS that this interface is UP & can make a call out (with the same in down state, no call will be attempted or no route out will be validated)


Coming to the call failure:

1)Can you reverse telnet into the modem & make a ATDTxxxxxxx call out?

2)For incoming calls, deb modem / deb ppp nego will be useful.


Thanks, Mak.

e-alvarez Fri, 02/06/2004 - 18:30
User Badges:

Hi,

Does anyone know how to stop or kill a CPU process on a 1760 router?

After configuring a "modem autoconfigure discovery" on an Asnyc line, and

removing the line, the router keeps the process running,

consuming a lot of resources. The only way I know to stop this is to

reload the router.


This is the output from the router shwoing this:


Router config:


interface Async5

description ENLACE-ASYNC

bandwidth 28

ip address 180.1.160.94 255.255.0.0

encapsulation ppp

no ip mroute-cache

dialer in-band

dialer idle-timeout 60

dialer enable-timeout 10

dialer wait-for-carrier-time 60

dialer string 018006857522

dialer watch-group 1

dialer-group 1

async default routing

async mode dedicated

priority-group 3

pulse-time 1

ppp authentication chap


line aux 0

script dialer reduno

modem InOut

transport input all

stopbits 1

speed 38400

flowcontrol hardware

line vty 0 4

password 7 13061E010803


show outputs:


S0113MTSTAFE#sh line aux 0

Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int

* 5 AUX 38400/38400 - inout - - - 2 0 56/0 -

Ready, Carrier Dropped


Line 5, Location: "ENLACE-ASYNC", Type: ""

Length: 24 lines, Width: 80 columns

Baud rate (TX/RX) is 38400/38400, no parity, 1 stopbits, 8 databits

Status: Ready, Active, No Exit Banner, Rcvd BREAK, CTS Raised

Modem Configuring, Autoconfig Running

Capabilities: Hardware Flowcontrol In, Hardware Flowcontrol Out

Modem Callout, Modem RI is CD, Line is permanent async interface

Modem state: Ready, Carrier Dropped

Modem hardware state: CTS* noDSR DTR RTS

TTY NUMBER 5

Parity Error = 0 Framing Error = 4806 Receive Error = 4807 Overrun = 56

Outcount = 0 totalout = 2249 incount = 108 totalin = 22676


Special Chars: Escape Hold Stop Start Disconnect Activation

^^x none - - none

Timeouts: Idle EXEC Idle Session Modem Answer Session Dispatch

00:10:00 never none not set

Idle Session Disconnect Warning

never

Login-sequence User Response

00:00:30

Autoselect Initial Wait

not set

Modem type is unknown.

Session limit is not set.

Time since activation: never

Editing is enabled.

History is enabled, history size is 10.

DNS resolution in show commands is enabled

Full user help is disabled

Allowed input transports are pad udptn telnet rlogin.

Allowed output transports are pad telnet rlogin.

Preferred transport is telnet.

No output characters are padded

No special data dispatching characters



S0113MTSTAFE#sh proc cpu

CPU utilization for five seconds: 25%/0%; one minute: 23%; five minutes: 21%

PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process

81 913259913282105538 27 22.52% 22.61% 20.00% 5 Modem Autoconfig



I have tried, clearing the line aux, disconnecting the modem, resetting the modem,

clearing the dialer and none of these things has worked so far.

Even though reloading the router clears the problem, it is time consuming since the

reloading has to be done late at night, so I would like to just kill the stuck process.


I have searched Cisco website and the Internet on how to do this, but have not found

the answer yet.


Any help will be greatly appreciated.


Thanks


Eduardo.


makchitale Mon, 02/09/2004 - 14:24
User Badges:
  • Silver, 250 points or more

This surely is a bug. What IOS image are you running on the c1760?

CSCds47583 "Modem Autoconfig process stuck and using 2% CPU"


Unfortunately there is no way to kill the process thru CLI, try upgrading the IOS or open a TAC case for early resolution.


Thanks, Mak.

agis.lan21 Mon, 02/09/2004 - 04:12
User Badges:

Problem: simultaneous connection setup


R1(7120)-|SW|--R3(5300)--(ISDN )------- 600x

:::::::::::::::::::|35|::::::::::::::::::::::( 6xPRI )-------- Telecommuters

R2(7120)-|12|---R4(5300)--(same MSN)--- with Cisco803

:::::::::::::::::::(NetA)::::::::::::::::::(NetB=ClientBRI)::(NetC=Client-LAN)



_____________________________________________________

R1/R2:


router ospf 1

log-adjacency-changes

summary-address 255.255.0.0

summary-address 255.255.0.0

redistribute connected metric 1000 subnets

redistribute static metric 1000 subnets

____________________________________________________


R3/R4:

...

sgbp group SGBP-GROUP

sgbp member R4(R3)

sgbp ppp-forward

sgbp dial-bids

isdn switch-type primary-net5

...

int dialerX

dialer map ip name

ip route 255.255.255.248

dialer caller

....

router ospf 1

router-id

log-adjacency-changes

redistribute connected subnets

redistribute static

network 0.0.0.255 area 0

____________________________________________________


IOS (tm) 5300 Software (C5300-IS-M), Version 12.2(12a)

IOS (tm) EGR Software (C7100-IK9S-M), Version 12.2(21a)

IOS (tm) C800 Software (C800-Y6-MW), Version 12.1(9)


R3 - HSRP -activ, R4 - HSRP -standby

R3+R4 -SGBP member


We have a problem with our Telecommuters which dial-in, using ISDN BRI-line.

If they come in at R4(standby HSRP), R3 establishes a second (outbound) connection within 2-5 seconds.


Any hints and tricks are welcome!

Thanks, Alex








makchitale Tue, 02/10/2004 - 17:12
User Badges:
  • Silver, 250 points or more

Sorry Alex, I could not figure out how the setup is...if you could explain the same it will help.


Thanks, Mak.

makchitale Wed, 02/11/2004 - 17:24
User Badges:
  • Silver, 250 points or more

Looking at the topology sketch here is what I understand:


1)When a remote 803 calls in to say R4 & connects, the R4 will have a host route (let's assume that the 803 comes with static ip address 1.1.1.1) in the routing table (1.1.1.1/32).

OSPF is supposed to distribute this as an routing update to the remaining routers.

2) In R3, show ip route 1.1.1.1 will show it's learnt via R4 as next hop with an admin value 110.....but in fact when R3 needs to send a packet to 1.1.1.1 it will see the static route with lower admin dist & actually make a call OUT.


Try increasing the admin distance on the static route on the R3:

no ip route 255.255.255.248

ip route 255.255.255.248 200 <===add 200 at the end


Now the point arises is that why did the other routers send packet destined for 1.1.1.1 to R3 instead of R4 (since they should have learnt that thru ospf). It will be interesting to see what the "sh ip route" shows on the remaining routers. Surely SGBP should not cause it, not sure if HSRP is causing it.


Please let me know if increasing the admin value fixes it....


Thanks, Mak.

cusao Thu, 02/12/2004 - 01:41
User Badges:

Hi, My network is a hub and spoke arrangement with some servers at the hubs so it is necessary to sometimes route spoke-hub-spoke. Main connection is T1 to all spokes and working fine. I'm trying to put in ISDN as backup and extra bandwidth. Seems easy enough with backup interface and threshold commands but I'm guessing it is a bad idea to configure these at both ends of the link? yet if at spoke only how does hub know to reserve BRI as backup only. I have EIGRP marked as uninteresting but concerned that ISDN will dial needlesly.

makchitale Thu, 02/12/2004 - 12:39
User Badges:
  • Silver, 250 points or more

With the backup command configured & the primary link still up the DDR interface will be in standby mode, until & unless router sees line protocol go to down state it will not change to UP/UP(spoofing). In case of a T1 it will not really matter of you have the backup command on either end since the p2p DOWN T1 will get the DDR interfaces out of the standby mode.


Thanks, Mak.

cusao Fri, 02/13/2004 - 01:37
User Badges:

Thanks Mak, I understand how the DDR will come out of standby if the T1 is down but do the routers communicate about standby status? If not my concern remains that the end without the backup interface command will attempt to use the DDR when T1 is up unless I command it not to. The same question then applies to the backup load command. Do I actually cause a problem by configuring both ends?


best regards

makchitale Fri, 02/13/2004 - 09:44
User Badges:
  • Silver, 250 points or more

You have a valid concern when using both the backup interface & backup load commands under the T1 interface, I will trying out the same in my lab to see if the load itself brings the DDR interface out of the standby mode (you can ping me off-line at [email protected]).

The end without the backup command will not use the DDR interface if we have the interesting traffic correctly defined....NOTE: when using the backup method (backup command or floating static or dialer watch) a careful evaluation needs to be made of which best suits your environment & requirements. Please refer the below URL for the same:

http://www.cisco.com/en/US/tech/tk801/tk133/technologies_tech_note09186a008009457d.shtml


Thanks, Mak.

makchitale Fri, 02/13/2004 - 10:14
User Badges:
  • Silver, 250 points or more

You have a valid concern when using both the backup interface & backup load commands under the T1 interface, I will trying out the same in my lab to see if the load itself brings the DDR interface out of the standby mode (you can ping me off-line at [email protected]).

The end without the backup command will not use the DDR interface if we have the interesting traffic correctly defined....NOTE: when using the backup method (backup command or floating static or dialer watch) a careful evaluation needs to be made of which best suits your environment & requirements. Please refer the below URL for the same:

http://www.cisco.com/en/US/tech/tk801/tk133/technologies_tech_note09186a008009457d.shtml


Thanks, Mak.

michael.wilkerson Fri, 02/13/2004 - 07:22
User Badges:

I am using a 3640 for dial-up connectivity for my RAS. Question I have is when I set of the local IP pool for the interfaces, is there a way to force the IPs to go in order instead of first available. I would like to start at the first IP assigned and toggle through all in the range before coming back to the first. The command I have in at this point is:

ip local pool dialup xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx.


Is there something that gets added to this command to force IP selceltion in sequence?

makchitale Fri, 02/13/2004 - 10:18
User Badges:
  • Silver, 250 points or more

Assigning the first IP address & going thru the complete range before going back to the first is the default behaviour..I just tried out the same & see it happen. I tried with 12.2 mainline image, what image are you running on the 3640? Can you try playing around with the cache-size at the end of the local pool command to see if that works.


Thanks,Mak.

michael.wilkerson Fri, 02/13/2004 - 11:47
User Badges:

I am currently running 11.3T(10)


Here are the pertinent commands for the dialup pool:


interface Group-Async1

ip unnumbered Ethernet3/0

no ip directed-broadcast

encapsulation ppp

async mode interactive

peer default ip address pool dialup

no cdp enable

group-range 33 56

!

interface Group-Async2

ip unnumbered Ethernet3/0

no ip directed-broadcast

encapsulation ppp

async mode interactive

peer default ip address pool dialup

no cdp enable

group-range 65 88

!

ip local pool dialup 131.15.160.50 131.15.160.120


Is the cache size a feature with a different IOS?


dmillsom Fri, 02/13/2004 - 08:15
User Badges:

I am having problems getting the AUS port on my 3640 to talk ppp. I have a Hayes Accura v.92 modem

connected.

If I dial up the line using hyperterm I get a username prompt and can log in successfully.

If I enter ppp it says ppp is not permitted on this line.

Here is some of the conficuration:

line aux 0

exec-timeout 0 0

modem InOut

modem autoconfigure discovery

exec prompt timestamp

transport preferred lat pad v120 lapb-ta mop telnet rlogin udptn nasi ssh

autoselect arap

autoselect during-login

speed 57600

flowcontrol hardware



...


pagemill#sho running in async129

Building configuration...


Current configuration : 276 bytes

!

interface Async129

description AUX

ip unnumbered Loopback3

encapsulation ppp

ip tcp header-compression

autodetect encapsulation ppp lapb-ta

peer ip address forced

peer default ip address pool dialup

no keepalive

ppp authentication chap ms-chap ms-chap-v2 pap

end




makchitale Fri, 02/13/2004 - 10:22
User Badges:
  • Silver, 250 points or more

Please try the following:

conf t

int a129

asyn mode interactive


line aux 0

autoselect ppp


Thanks, Mak.

rhegde Fri, 02/13/2004 - 09:47
User Badges:

I have AS5350 . How do I fix the modem speed to 9600 bps on group of 20 digital modems ?

Actions

This Discussion