Hi all,
I am trying to configure 'HWIC-3G-HSPA-G' card in a 1921 router, using a UK Vodafone SIM card. I have a client connected to the GE 0/0 interface and I am trying to access the web from that client.
Connected to the console port on the 1921 I can see the profile is active because the sim has received an ip address from the carrier. From the console I can ping successfully any website. My problem is I cannot perform the same ping from the client connected to GE 0/0 therefore I suspect a problem with the NAT configuration on the router. From the client I can ping the GE 0/0 interface so traffic is getting to that point. Please find below my config, an suggestions much appreciated.
xxxxxx-3G>en
Password:
xxxxxx-3G#terminal length 0
xxxxxx-3G#show run
xxxxxx-3G#show running-config
Building configuration...
Current configuration : 3030 bytes
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service internal
!
hostname xxxxxx-3G
!
boot-start-marker
boot-end-marker
!
!
no logging console
enable secret 5 $1$kyqx$97rcnl5lUDphCrVkO1lcW/
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization network hw-client-groupname local
!
!
!
!
!
aaa session-id common
!
!
no ipv6 cef
ip source-route
ip cef
!
!
!
!
!
ip domain name xxxxxx-Group.com
ip inspect WAAS flush-timeout 10
ip inspect max-incomplete low 250
ip inspect udp idle-time 20
ip inspect tcp idle-time 1800
ip inspect tcp synwait-time 20
ip inspect tcp max-incomplete host 75 block-time 1
ip inspect name xxxxxx-cbac ftp timeout 30
ip inspect name xxxxxx-cbac tcp timeout 3600
ip inspect name xxxxxx-cbac udp timeout 30
ip inspect name xxxxxx-cbac http timeout 30
ip inspect name xxxxxx-cbac icmp timeout 30
ip inspect name xxxxxx-cbac smtp
!
multilink bundle-name authenticated
!
chat-script gsm "" "ATD*99***1#" TIMEOUT 60 "CONNECT"
crypto pki token default removal timeout 0
!
!
license udi pid CISCO1921/K9 sn FCZ152671HE
!
!
username nxo-support privilege 15 password 7 002A0B56055F065701
username cisco privilege 15 password 7 080048470D18164E4B
username adimobile privilege 15 password 7 0025170F005A185F56
!
redundancy
!
!
!
!
controller Cellular 0/0
!
!
crypto isakmp invalid-spi-recovery
crypto isakmp keepalive 12 10 periodic
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description *** LAN Connection to 1921 Router ***
ip address 10.106.103.1 255.255.255.128
no ip proxy-arp
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Cellular0/0/0
description *** WAN 3G Internet Connection ***
ip address negotiated
no ip redirects
no ip proxy-arp
ip nat outside
ip inspect xxxxxx-cbac out
ip virtual-reassembly in
encapsulation ppp
dialer in-band
dialer idle-timeout 3600 either
dialer string gsm
dialer-group 1
async mode interactive
ppp chap hostname xxxxxx-3G
ppp chap password 7 110A1016141D582B
ppp ipcp dns request
!
interface Cellular0/0/1
no ip address
encapsulation ppp
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source list NAT interface Cellular0/0/0 overload
ip route 0.0.0.0 0.0.0.0 Cellular0/0/0
!
ip access-list extended NAT
permit ip 10.106.103.0 0.0.0.255 any
!
dialer-list 1 protocol ip permit
!
!
!
!
!
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line 0/0/0
exec-timeout 0 0
script dialer gsm
modem InOut
no exec
rxspeed 7200000
txspeed 2000000
line 0/0/1
no exec
rxspeed 7200000
txspeed 2000000
line vty 0 4
exec-timeout 0 0
transport input ssh
!
scheduler allocate 20000 1000
end
xxxxxx-3G#exit
