Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Bridge Mode

I'm currently after buying a Cisco 857 and putting it in bridge mode.

Does anyone have a basic config of how this would work.

I'm guessing the ppp authentication can still take place in bridge mode?

I want to plug a cisco ASA into it to terminate all the VPN'S and do the natting.

Thanks

  • WAN Routing and Switching
11 REPLIES
New Member

Bridge Mode

Hi, you want to terminate the dsl line in the router and to the pppoe on the firewall

on the atm bridge-group 1 (plus the pvc commands), on the vlan 1, bridge-group 1 and on global config bridge 1 protocol ieee

Kind regards

New Member

Bridge Mode

I'm currently testing on a cisco 837 here is my ADSL config without bridge mode. Yes i want the DSL to terminate on the router as shown below with dialer0 doing authentication. then would like to plug my ASA into the ethernet port with a public IP. obiously i will get rid of nat and the local IP. can you confirm the rest of the config i will need ?

interface Ethernet0

ip address 192.168.90.254 255.255.255.0

ip nat inside

ip virtual-reassembly

hold-queue 100 out

!

interface Ethernet2

no ip address

hold-queue 100 out

!

interface ATM0

ip address dhcp

no atm ilmi-keepalive

dsl operating-mode auto

pvc 0/38

  encapsulation aal5mux ppp dialer

  dialer pool-member 1

!

!

interface FastEthernet1

duplex auto

speed auto

!

interface FastEthernet2

duplex auto

speed auto

!

interface FastEthernet3

duplex auto

speed auto

!

interface FastEthernet4

duplex auto

speed auto

!

interface Dialer0

ip address negotiated

ip nat outside

ip virtual-reassembly

encapsulation ppp

dialer pool 1

dialer-group 1

ppp authentication chap callin

ppp chap hostname *****

ppp chap password 0 ****

!

ip route 0.0.0.0 0.0.0.0 Dialer0

!

ip http server

no ip http secure-server

!

ip nat inside source list 101 interface Dialer0 overload

!

!

!

!

New Member

Bridge Mode

also i have been reading it is pvc 8/35 not 0/38 is this correct and encapsulation aal5snap ??

New Member

Bridge Mode

Hi, this config is in routed mode. do you want the ASA to get the public IP address, then remove all pppoe commands and the dialer0 interface and bridge the wan and the E0 interfaces

interface Ethernet0 ! in case of 857 interface will be vlan 1

bridge group 1

!

interface ATM0

!ip address dhcp is wrong, it gets address with IPCP but if you want a bridge you don't need any ip address in here at all

no atm ilmi-keepalive

dsl operating-mode auto

bridge group 1

pvc 8/35

  encapsulation aal5snap

!

!

interface loopback 1

ip address 1.1.1.1 255.255.255.255

!this is just for management

!

bridge 1 protocol ieee

!

and then the ASA must do the PPPoE authentication and the NAT. Cisco router will be like a modem with the management ip address 1.1.1.1

Kind regards

New Member

Bridge Mode

Having a few issues here is my config below on the router.

hostname Router

!

boot-start-marker

boot-end-marker

!

no aaa new-model

!

ip cef

!

bridge irb

interface Loopback1

ip address 1.1.1.1 255.255.255.255

!

interface Ethernet0

no ip address

bridge-group1

hold-queue 100 out

!

interface Ethernet2

no ip address

shutdown

hold-queue 100 out

!

interface ATM0

no ip address

no atm ilmi-keepalive

dsl operating-mode auto

bridge-group 1

bridge-group 1 spanning-disabled

pvc 8/35

  encapsulation aal5snap

!

interface FastEthernet1

duplex auto

speed auto

!

interface FastEthernet2

duplex auto

speed auto

!

interface FastEthernet3

duplex auto

speed auto

!

interface FastEthernet4

duplex auto

speed auto

On my ASA which is configured into ethernet0 i have done some debugging and get the following.

ciscoasa(config)# PPPoE: send_padi:(Snd) Dest:ffff.ffff.ffff Src:7cad.746f.8bef

PPPoE: Ver:1 Type:1 Code:09=PADI Sess:0 Len:12

PPPoE: Type:0101:SVCNAME-Service Name Len:0

PPPoE: Type:0103:HOSTUNIQ-Host Unique Tag Len:4

PPPoE: 00000004

PPPoE: padi timer expired

Any idea what the above means?

New Member

Bridge Mode

hi, you need bridge 1 protocol ieee and you don't need ip routing so apply no ip routing  the rest of your config looks fine

check if the interfaces are bridging

R2#sh bridge 1

Total of 300 station blocks, 298 free

Codes: P - permanent, S - self

Bridge Group 1:

    Address       Action   Interface       Age   RX count   TX count

c200.1244.0000   forward   FastEthernet0/1   2          5          4

c202.1244.0001   forward   FastEthernet0/0   2          5          5

you should see your vlan 1 and the atm0

and remove the loopback ip and give it to the interface bvi1

http://www.cisco.com/en/US/tech/tk175/tk15/technologies_configuration_example09186a008071a78c.shtml

kind regards

New Member

Bridge Mode

Thanks for the reply. I will check this out and let you know how i get on. It will be monday now.

Thanks again.

New Member

Bridge Mode

Done the above and see this on the router.

Bridge Group 1:

    Address       Action   Interface       Age   RX count   TX count

7cad.746f.8bf2   forward   Ethernet0         0          9          0

Router#

Outside interface on ASA is set to PPOE with the correct username and password. Debug ppoe shows

padi timer expired. Do a debug ppp authentication shows nothing so i'm guessing it's not even hitting the ISP. problem could be on the bridged router.

New Member

Bridge Mode

Should i not see the atm0 interface when i do show bridge 1 ?

328
Views
0
Helpful
11
Replies
This widget could not be displayed.