Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

NEWBIE NEEDS HELP

Hello all,

So new to cisco it's not funny! I can cli configure ip and route and flash ios and not a whole lot else. I have seen some configurations for connecting wic-1enet to pppoe session for dsl, but these are all captures of their startup config if I'm not mistaken. I guess my question is, is what I see in the startup-config's the actuall commands I would need to type in cli? I keep seeing something about a tool that you can make the config and upload it to the router tftp? anyone know what it's called and where I might be able to download it?

Thank you

18 REPLIES
New Member

Re: NEWBIE NEEDS HELP

well, I figured out i could edit in wordpad, and copied a working script from a site and modified for me...won't work though, and i don't know anyway (commands) to troubleshoot to figure out what part isn't working. currently running c1700-sy7-mz.122-4.XL3 and have c1700-k9o3sy7-mz.123-13 that i can throw on it if it is a simple matter of features. Anyway...here is script...let me know if i messed something up please:

!

! NVRAM config last updated at 23:53:50 Central Sat Apr 12 2008

!

version 12.2

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname SANDBOX_1751

!

!

memory-size iomem 20

clock timezone Central -6

mmi polling-interval 60

no mmi auto-configure

no mmi pvc

mmi snmp-timeout 180

ip subnet-zero

!

!

ip name-server 64.91.3.46 (DSL DNS SERVER IP?)

ip name-server 64.91.3.60 (DSL DNS SERVER IP?)

vpdn enable

!

vpdn-group 1

request-dialin

protocol pppoe

!

!

!

interface FastEthernet0/0

description Lan

ip address 1.1.1.3 255.255.255.0

ip nat inside

speed auto

full-duplex

!

interface Ethernet0/0

description iburst

no ip address

ip nat outside

ip tcp adjust-mss 1452

full-duplex

pppoe enable

pppoe-client dial-pool-number 1

no cdp enable

!

interface Dialer1

ip address negotiated

ip mtu 1492

ip nat outside

encapsulation ppp

ip route-cache flow

ip tcp adjust-mss 1452

no ip mroute-cache

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication chap pap callin

ppp chap password 0 pass

ppp pap sent-username XXXX password 0 XXXXX

!

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer1

no ip http server

ip nat inside source list 1 interface Dialer1 overload

!

ip pim bidir-enable

!

!

access-list 1 permit any

access-list 1 permit 1.1.1.0 0.0.0.255

dialer-list 1 protocol ip permit

!

!

!

!

!

!

line con 0

line aux 0

line vty 0 4

login

!

no scheduler allocate

end

Hall of Fame Super Silver

Re: NEWBIE NEEDS HELP

Mark

Without some indication of what is not working it is hard to give you good advice. I have looked at the config and the things that most often cause problems seem to be reasonable:

- there is a static default route, so routing is taken care of.

- you have configured address translation. Though I would ask you to make 1 change in it. Instead of this version of access list

access-list 1 permit any

access-list 1 permit 1.1.1.0 0.0.0.255

please make this the access list

access-list 1 permit 1.1.1.0 0.0.0.255

I have seen some issues where the access list for address translation uses permit any.

Other than this can you tell us how you are testing the router and what is not working? Does it connect to a provider device? Does it get assigned an IP address on the dialer interface?

HTH

Rick

New Member

Re: NEWBIE NEEDS HELP

so just take out the "permit any"? Are my versions of the ios compatible? I just flashed to the 12.3(13) k9 version last night and it didn't seem to make any difference.

I really don't know a whole bunch of commands being so new (and it's kind of hard searching the internet for this stuff), so the only thing I did try was show ip on the dialer 1 (which I can't even remember the full command for right now), and all it said was something to the effect of IP address would be assigned by the ppp or something instead of showing the actual ip. If someone could show me some commands to find out wether or not the dialer is actually making a connection, or wether the pppoe login isn't getting authenticated or what would be really helpful.

Thank you,

Mark

Hall of Fame Super Silver

Re: NEWBIE NEEDS HELP

Mark

Yes just take out the permit any.

I am not sure what you are asking about IOS compatible. For what you are trying to do so far I believe that either of them would work. In the long term I believe that you are better off using the 12.3(13)k9.

I would probably use commands like show ip interface brief or show ip route and see if they show addresses or routes on the dialer.

HTH

Rick

New Member

Re: NEWBIE NEEDS HELP

Thanks. I will try that when I get home tonight.

So, "show ip dialer 1 brief" would be the command I want to use to see if the dialer 1 interface has gotten an ip from the PPPoE server? What about authentication. Can we take it back a step and use a command to see wether or not the PPPoE session even made contact out of the wic-1enet card?

New Member

Re: NEWBIE NEEDS HELP

No Go. See if this means anything to you.

Capture Attached

Hall of Fame Super Silver

Re: NEWBIE NEEDS HELP

Mark

I see the line protocol on interface ethernet 0/0 go to up. So it is connected to something. But it looks like the ppp negotiation is not taking place. Can you clarify what you are connected to on interface ethernet 0/0?

I would suggest that perhaps the next step is to run some debugs. I would probably start with debug ppp negotiation and perhaps debug ppp authentication. run these debugs and post any output. You might want to configure a somewhat larger logging buffer to contain the debug output. Perhaps something like logging buffer 32768. Then you can use the show log command to see the output in the logging buffer on the router. You can also see the debug output on the console port if you are connected on the console. Or if you telnet into the router then use the terminal monitor to see the debug output on your terminal.

HTH

Rick

New Member

Re: NEWBIE NEEDS HELP

Rick,

eth 0/0 is patched to a westell (I think 5104 or 6104) dsl modem/router that is in bridge mode so my cisco can hold the pppoe login and session. I can't figure out where I saw this in another forum, but some said that the authentication might need to be changed from chap/pap whatever to something else....not totally sure, and again, I am very much new to ios commands, although I'm learning a lot.

I set the eth 0/0 for full duplex, just because I read somewhere that the wic-1enet card won't auto-neg and my linksys router always showed a full duplex connection when it was hooked up to the dsl modem. If it helps, my carrier is Centurytel.

I'll try my best to issue the debug commands, pretty sure I can do that, but finding the info to capture might take me a little to figure out, unless everything will be displayed with the "show log" command.

Thank you,

Mark

Hall of Fame Super Silver

Re: NEWBIE NEEDS HELP

Mark

The show log command is the easy way to get all the debug output.

HTH

Rick

New Member

Re: NEWBIE NEEDS HELP

Oh, forgot to mention it'll be a couple of hours before I'm at that location to hook up the dsl to it and run a debug. Any specific time that this should be in debug mode or does the debug commands only run for whatever data is already there to be logged? If it is a simple switch command, I assume no debug .... would be the off switch for that command?

Thank you,

Mark

Hall of Fame Super Silver

Re: NEWBIE NEEDS HELP

Mark

debug runs in real time and reflects activity that occurs while it is running. I would suggest turn on the debug and after it is running go into config mode to the ethernet interface and do a shutdown, wait a bit, then do a no shutdown. This should initiate activity on the interface for the debug to process.

Yes no debug ... is the way to turn it off.

HTH

Rick

New Member

Re: NEWBIE NEEDS HELP

Rick,

I don't know if I gave it enough time or what; just seems like not much info to me. Here it is:

SANDBOX_1751#show log

Syslog logging: enabled (0 messages dropped, 1 messages rate-limited, 0 flushes, 0 overruns, xml disabled)

Console logging: level debugging, 32 messages logged, xml disabled

Monitor logging: level debugging, 0 messages logged, xml disabled

Buffer logging: level debugging, 1 messages logged, xml disabled

Logging Exception size (4096 bytes)

Count and timestamp logging messages: disabled

Trap logging: level informational, 37 message lines logged

Log Buffer (32768 bytes):

20:14:17: %SYS-5-CONFIG_I: Configured from console by console

SANDBOX_1751#debug ppp negotiation

PPP protocol negotiation debugging is on

SANDBOX_1751#debug ppp authentication

PPP authentication debugging is on

SANDBOX_1751#config term

Enter configuration commands, one per line. End with CNTL/Z.

SANDBOX_1751(config)#int eth 0/0

SANDBOX_1751(config-if)#shutdown

SANDBOX_1751(config-if)#

20:16:00: %LINK-5-CHANGED: Interface Ethernet0/0, changed state to administratively down

20:16:01: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to down

SANDBOX_1751(config-if)#no shutdown

SANDBOX_1751(config-if)#

20:16:28: %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up

20:16:29: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to up

SANDBOX_1751(config-if)#^Z

SANDBOX_1751#

20:16:40: %SYS-5-CONFIG_I: Configured from console by console

SANDBOX_1751#show log

Syslog logging: enabled (0 messages dropped, 1 messages rate-limited, 0 flushes, 0 overruns, xml disabled)

Console logging: level debugging, 37 messages logged, xml disabled

Monitor logging: level debugging, 0 messages logged, xml disabled

Buffer logging: level debugging, 6 messages logged, xml disabled

Logging Exception size (4096 bytes)

Count and timestamp logging messages: disabled

Trap logging: level informational, 42 message lines logged

Log Buffer (32768 bytes):

20:14:17: %SYS-5-CONFIG_I: Configured from console by console

20:16:00: %LINK-5-CHANGED: Interface Ethernet0/0, changed state to administratively down

20:16:01: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to down

20:16:28: %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up

20:16:29: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to up

20:16:40: %SYS-5-CONFIG_I: Configured from console by console

SANDBOX_1751#

Hall of Fame Super Silver

Re: NEWBIE NEEDS HELP

Mark

The debug seems to show that there is no ppp negotiation or authentication.

HTH

Rick

New Member

Re: NEWBIE NEEDS HELP

ok. I kind of figured that was the case. How do I make it? Different authent method or something?

Hall of Fame Super Silver

Re: NEWBIE NEEDS HELP

Mark

A different authentication method would only help if there was negotiation and authentication going on. First we need to figure out why there does not appear to be any negotiation or authentication. Since the router does appear to be correctly configured to do negotiation and no negotiation is happening I would wonder if there is some issue on the DSL modem side. Are you sure that the DSL modem is set up correctly for the router to negotiate?

As a check on that I wonder if it would be worth it to change the router configuration so that the Ethernet interface was set for a DHCP address (address negotiated) instead of a dialer? I wonder if it would connect to the DSL modem in that case?

HTH

Rick

New Member

Re: NEWBIE NEEDS HELP

Rick,

Strange; I didn't get an e-mail for your response. Anyway...that sounds like it to me. Our DSL service in bridge mode to a router still needs to hand out a public ip to the router via DHCP. Even our static IP services are really just static DHCP. How do I change that? What command? You see, I just copied that script from another cisco forum that said it worked for them, and I really don't know all of the commands it took to make that config.

Side question: Are there 10/100Mb ethernet wan interfaces for this router? Our DSL speeds are about to hit 15Mb.

Thank you,

Mark

Hall of Fame Super Silver

Re: NEWBIE NEEDS HELP

Mark

I would remove these lines from the Ethernet interface:

pppoe enable

pppoe-client dial-pool-number 1

I would remove:

interface Dialer 1

and I would move this line from the dialer to the Ethernet interface:

ip address negotiated

As far as I know the 1751 supports only a single 10/100 Ethernet interface (the built in interface) and the Ethernet card that goes into the slot is a 10 Mb card (which I assume you already have one of). If you need your LAN to be 100 Mb and you want your WAN to also be 100 Mb then I believe that the 1751 is not the right platform for you. If you move up to an 1841 you get 2 built in 10/100 interfaces plus 2 card slots for additional modules if you need them. But the 1700s are limited in that respect.

HTH

Rick

New Member

Re: NEWBIE NEEDS HELP

wouldn't removing the pppoe feat. be taking the ability for the router to hold the pppoe session and login?

The way I have my DSL setup right now, is that my DSL modem is in bridge mode and passes the pppoe login session to my router. My router needs to perform the pppoe login and optain a DHCP address from my provider.

139
Views
0
Helpful
18
Replies