Announcement

Collapse
No announcement yet.

Cisco 877 adsl Router config problem (PPPoA ADSL).

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Cisco 877 adsl Router config problem (PPPoA ADSL).

    Basic 877 config for BT broadband? Hi, I am trying to get a 877 running on BT broadband but struggling to get it to on line. I have tried numerous config posted on the net which supposedly work but they yield the same result. Let me explain, I have resolved my router DNS issue's and configured DHCP. when I configured Cisco ADSL 877 however I'm having a bit of a nightmare setting it up to talk to my ISP (BT)...wondered if you could help? This should have been the easy bit! So set up the ATM port as PPPoA AAL5MUX 0/38, CHAP with my (BT) username etc. Diag report for IP neg indicates that the ATM got an IP address - good, but checking and ping fine to the outside on the other hand, when I enter all the above commands manually using the command-line in a Hyper Terminal session instead of using the SDM, please see config I have attached, with any sensitive bits changed (username, password, etc)I cannot seem to find how to do this and am a little lost feeling slightly stupid now, but any suggestions on what to try any ideas?

  • #2
    Re: Cisco 877 adsl Router config problem (PPPoA ADSL).

    My current 877 config is below. Not BT broadband but still on the BT network. This was entered via command line - I don't use SDM. Compare your config (not attached to your post) with mine and look for obvious differences. There's stuff in mine that you won't need of course, but hopefully you can pick out the right bits.

    Shout if you get stuck.


    Jim

    Code:
    !
    version 12.4
    no service pad
    service timestamps debug datetime msec localtime
    service timestamps log datetime msec localtime
    service password-encryption
    service internal
    !
    hostname Cisco877
    !
    boot-start-marker
    boot system flash:c870-advipservicesk9-mz.124-24.T4.bin
    boot-end-marker
    !
    logging message-counter syslog
    logging buffered 16386
    logging rate-limit 100 except warnings
    no logging console
    no logging monitor
    enable secret 5 
    !
    aaa new-model
    !
    !
    aaa authentication login default local
    aaa authentication ppp default local
    !
    !
    aaa session-id common
    clock timezone GMT 0
    clock summer-time GMT recurring
    !
    !
    dot11 syslog
    ip source-route
    !
    !
    !
    !
    no ip cef
    ip domain name XXXX.local
    ip inspect log drop-pkt
    ip inspect name firewall tcp timeout 3600
    ip inspect name firewall udp timeout 3600
    login block-for 180 attempts 3 within 180
    login on-failure log
    login on-success log
    no ipv6 cef
    !
    multilink bundle-name authenticated
    !
    vpdn enable
    !
    vpdn-group 1
    ! Default PPTP VPDN group
     accept-dialin
      protocol pptp
      virtual-template 1
    !
    !
    !
    object-group network og-L1-Allow-NTP 
     description Allow NTP from these hosts
     host XX.X.XX.XX
    !
    object-group network og-L2-Allow-SSH 
     description Allow SSH from these hosts
     192.168.1.0 255.255.255.0
    !
    username X-X password 7 XX
    username X-X password 7 XX
    username X privilege 15 secret 5 XX
    ! 
    !
    !
    archive
     log config
      hidekeys
    !
    !
    ip ssh version 2
    
    track 10 ip sla 10 reachability
     delay down 180 up 10
    !
    track 20 ip sla 20 reachability
     delay down 180 up 10
    !
    !
    !
    interface ATM0
     description ADSL Connection
     no ip address
     no atm ilmi-keepalive
     pvc 0/38 
      encapsulation aal5mux ppp dialer
      dialer pool-member 1
     !
     dsl enable-training-log 
     dsl bitswap both
     hold-queue 200 in
    !
    interface FastEthernet0
    !
    interface FastEthernet1
    !
    interface FastEthernet2
    !
    interface FastEthernet3
    !
    interface Virtual-Template1
     ip unnumbered Vlan1
     ip nat inside
     ip virtual-reassembly
     peer default ip address pool VPNPOOL
     no keepalive
     ppp encrypt mppe auto required
     ppp authentication ms-chap-v2
    !
    interface Vlan1
     description  LAN
     ip address 192.168.1.1 255.255.255.0
     ip nat inside
     ip nat enable
     ip inspect firewall in
     ip virtual-reassembly
     ip tcp adjust-mss 1452
     hold-queue 100 in
     hold-queue 100 out
    !
    interface Dialer0
     bandwidth inherit
     ip address negotiated
     ip access-group acl-EXT-IN in
     ip access-group acl-EXT-OUT out
     ip nat outside
     ip virtual-reassembly
     encapsulation ppp
     ip tcp header-compression iphc-format
     ip tcp adjust-mss 1452
     dialer pool 1
     dialer-group 1
     no cdp enable
     ppp authentication pap chap callin
     ppp chap hostname [email protected]
     ppp chap password 7 XX
     ppp ipcp dns request
     ppp ipcp wins request
     ip rtp header-compression iphc-format
    !
    ip local pool VPNPOOL 192.168.1.251 192.168.1.253
    ip forward-protocol nd
    ip route 0.0.0.0 0.0.0.0 Dialer0
    no ip http server
    no ip http secure-server
    !
    !
    ip dns server
    no ip nat service sip udp port 5060
    ip nat inside source static tcp 192.168.1.50 25 interface Dialer0 25
    ip nat inside source static tcp 192.168.1.50 80 interface Dialer0 80
    ip nat inside source static tcp 192.168.1.50 443 interface Dialer0 443
    ip nat inside source static tcp 192.168.1.50 XX interface Dialer0 XX
    ip nat inside source static tcp 192.168.1.50 XX interface Dialer0 XX
    ip nat inside source static tcp 192.168.1.50 20 interface Dialer0 20
    ip nat inside source static tcp 192.168.1.50 21 interface Dialer0 21
    ip nat inside source static tcp 192.168.1.20 XX interface Dialer0 XX
    ip nat inside source static tcp 192.168.1.65 XX interface Dialer0 XX
    ip nat inside source list acl-NAT-Ranges interface Dialer0 overload
    !
    ip access-list standard acl-Allow-SNMP
     permit XX.XX.XX.XX
     permit XX.XX.XX.XX
     permit 192.168.1.0 0.0.0.255
     deny   any
    ip access-list standard acl-NAT-Ranges
     remark Define NAT internal ranges
     permit 192.168.1.0 0.0.0.255
    !
    ip access-list extended acl-EXT-IN
     remark Inbound external interface
     remark The below set the rfc1918 private exclusions
     deny   ip 192.168.0.0 0.0.255.255 any
     deny   ip 10.0.0.0 0.255.255.255 any
     remark Allow established sessions back in
     permit tcp any any established
     remark Any new ports opened in the IP NAT INSIDE SOURCE STATIC lines should also be added here
     permit tcp any any eq smtp
     permit tcp any any eq www
     permit udp object-group og-L1-Allow-NTP any eq ntp
     permit tcp object-group og-L2-Allow-SSH any eq 22 log
     permit tcp any any eq 443
     permit tcp any any eq XX
     permit tcp any any eq XX
     permit tcp any any eq XX
     permit tcp any any eq XX
     permit tcp any any eq ftp
     permit tcp any any eq ftp-data
     remark Passive FTP ports matching FTP Server config
     permit tcp any any range 50000 50050
     permit tcp any any eq 54321
     permit gre any any
     permit udp any eq domain any
     remark Standard acceptable icmp rules
     permit icmp any any echo
     permit icmp any any echo-reply
     permit icmp any any source-quench
     permit icmp any any packet-too-big
     permit icmp any any time-exceeded
     deny   ip any any
    ip access-list extended acl-EXT-OUT
     remark Allow all outbound IP
     permit ip any any
    !
    ip sla 10
     icmp-echo 8.8.8.8 source-interface Vlan1
     threshold 3000
     timeout 3000
     frequency 10
    ip sla schedule 10 life forever start-time now
    ip sla 20
     icmp-echo 208.67.222.222 source-interface Vlan1
     threshold 3000
     timeout 3000
     frequency 10
    ip sla schedule 20 life forever start-time now
    !
    ip access-list logging interval 10
    logging trap debugging
    logging facility local6
    logging 192.168.1.50
    dialer-list 1 protocol ip permit
    !
    !
    !
    !
    snmp-server community XX RO acl-Allow-SNMP
    !
    control-plane
    !
    !
    line con 0
     exec-timeout 0 0
     no modem enable
     transport output all
    line aux 0
     transport output all
    line vty 0 4
     exec-timeout 0 0
     privilege level 15
     length 40
     width 160
     transport input ssh
     transport output all
    !
    scheduler max-task-time 5000
    scheduler allocate 20000 1000
    ntp master
    ntp server 129.6.15.28
    event manager applet ema-ADSL-Down 
     event tag PingDown1 track 10 state down
     event tag PingDown2 track 20 state down
     trigger
      correlate event PingDown1 and event PingDown2
     action 10 syslog msg "********** WARNING! ADSL Line Down! **********"
     action 20 reload
    event manager applet ema-ADSL-Up 
     event tag PingUp1 track 10 state up
     event tag PingUp2 track 20 state up
     trigger
      correlate event PingUp1 or event PingUp2
     action 10 syslog msg "********** ADSL Line UP **********"
    !
    end
    Last edited by jimwillsher; 13th January 2011, 15:05.

    Comment


    • #3
      Re: Cisco 877 adsl Router config problem (PPPoA ADSL).

      Thanks for the reply, Iíll it Later and let you know .

      Comment


      • #4
        Re: Cisco 877 adsl Router config problem (PPPoA ADSL).

        Now then, hope youíre well

        Connectivity issues Sorted it now, FYI I have used the config you have post was entered via command line and for added security I've restricted the access to my own IP address...I suspect something on my firewall is blocking it, but I couldnít spot the problem I cannot seem to find how to do this and am a little lost but
        with your config I did Many Thanks you very much appreciated.

        Comment

        Working...
        X