11-23-2018 02:16 AM - edited 11-23-2018 02:21 AM
Dear Cisco Community,
I‘m working in a small business and where we just replaced our old IT infrastructure with newer and faster devices from cisco (namely a router (C1111-4P) and a switch) and I naively accepted to setting the system up yet I’m having a small problem that I hope you might be able o help me.
My Problem is a not working connection between our router and our ISP. (The routing within our network including multiple vlans is working fine, router and switch are already configured and working properly.)
As for our hardware setup; our Internet connection (ADSL) essentially goes into an ADSL-Modem and from there on goes into our Router. To write you this Message, I used another router from Asus (Model name: RT-N12EC1) and connected the outgoing Cable from the Modem to its WAN Port. The WAN configurations on the Asus router are fairly simple. All selections that I made were: “WAN-Connection type” : “PPPoE” and “PPP username & Password” : Username and Password given by ISP . Besides that there are some default configurations that I haven’t touched (NAT activated, WAN-IP automatic, UpnP activated, Internet Detection: PPP Echo). This Asus router wasn’t provided by our ISP, I use it just to test the Internet connection, which is working fine by the way, so my problem doesn’t seem to lie here.
Going on to the Cisco Router, I first tried to configure the Router via the serial connection using some suggested configurations that I found online. I tried multiple different configurations without fully understanding them so my Problem will likely be a result of these initial attempts to setting up the internet connection.
Eventually, I switched to the WEB-UI (Version: 16.9.1) which I found quite convenient for a non professional like myself.
When plugging in the Internet cable from the Modem, the “Operational Status” of the Adapter becomes green (in the serial interface it also states the the “Line Protocol is up”), yet no IP is assigned.
When clicking on the WAN-Port (GigabitEthernet0/0/1 in our case), another window opens to configuring the connection as seen below.
There, I enable PPPoE, select IPv4 (the Asus router also had only a IPv4 WAN-Address) and enter my username and my password (just as on the Asus router). I wasn’t sure whether I should select “PAP”, “CHAP” or both so I tried all 3 variants but none of them worked.
I also noticed that when selecting “Configure as LAN of WAN: WAN”, the WEBUI seems to automatically create a logical “Dialer 1” interface. So there seems to already be some automation working for the user.
For completeness, here is the relevant part (I think) from the “running-configuration” when selecting only “PAP” as connection type:
!
subscriber templating
multilink bundle-name authenticated
vpdn enable
!
vpdn-group 1
request-dialin
protocol pppoe
!
!
interface GigabitEthernet0/0/1
description DSL
no ip address
ip mtu 1492
ip nat outside
ip tcp adjust-mss 1412
negotiation auto
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface GigabitEthernet0/0/1.1
encapsulation dot1Q 1 native
ip address 192.168.1.254 255.255.255.0
!
!
interface Vlan1
no ip address
!
interface Dialer1
ip address negotiated
ip nat outside
encapsulation ppp
ip tcp adjust-mss 1412
dialer pool 1
dialer idle-timeout 0
dialer persistent
dialer-group 1
ppp mtu adaptive
ppp authentication pap callin
ppp pap sent-username ar3330410844 password 0 ruqs9fpb
ppp ipcp dns request
!
ip nat inside source route-map track-primary-if interface Dialer1 overload
ip nat inside source list allow-nat interface GigabitEthernet0/0/1 overload
ip forward-protocol nd
ip http server
ip http authentication aaa
ip http secure-server
ip http tls-version TLSv1.0
ip route 0.0.0.0 0.0.0.0 192.168.1.1
ip route 0.0.0.0 0.0.0.0 Dialer1
ip ssh version 2
!
!
ip access-list extended allow-nat
permit ip any any
!
dialer-list 1 protocol ip permit
!
!
route-map track-primary-if permit 1
match ip address 197
set interface GigabitEthernet0/0/1 Dialer1
!
I don't know if this is the right place to ask this kind of question.
I'm also well aware that it would be smarter to hire a professional to help setting up our system but sadly this is not possible right know.
Does anyone have a suggestion what I might try to get the internet connection working?
As I mention before, there might be some configurations from previous attempts which cause the internet connection to fail. E.g. I don’t know if the “vpdn-group” is necessary and if not, how to delete it.
Is there a way to reset a specific Port ( 0/0/0 in this case), the Dialer and the dialer-group, without resetting the entire router?
(This would help me to test different configurations without having to worry that previous configurations interfere with my current one.
In any case I would like to thank you in advance for your time even if you cannot help me with my problem.
regards
Tobias
11-24-2018 11:55 AM
Hello,
your configuration would be fine if:
1. you would not use the ADSL modem at all, but connect the Cisco directly to the ISP line
2. you would put the ADSL modem in bridge mode (which model do you have ?)
As it is now, all your NAT and PPP will be done on the ADSL, so your configuration can be greatly simplified to the one below, which basically makes your router another LAN client, and performs what is called double NAT (NAT on your router and then NAT on the ADSL modem):
interface GigabitEthernet0/0/1
description DSL
ip address dhcp
ip mtu 1492
ip nat outside
ip tcp adjust-mss 1412
!
interface GigabitEthernet0/0/1.1
encapsulation dot1Q 1 native
ip address 192.168.1.254 255.255.255.0
ip nat inside
!
ip nat inside source list 1 interface GigabitEthernet0/0/1 overload
!
ip forward-protocol nd
ip http server
ip http authentication aaa
ip http secure-server
ip http tls-version TLSv1.0
!
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0/1 dhcp
!
access-list 1 permit 192.168.1.0
ip ssh version 2
11-28-2018 07:06 AM - edited 11-28-2018 07:12 AM
First of all, thank you for your help!
Sadly tho, wasn't able to connect the router to the Internet yet.
1.
Not using the ADSL Modem and connecting the Cisco router directly to the ISP did not work. When doing so, in the webui it states that the "operational status" of the port is down, the optical lights of the port are off and in the serial terminal it also states that the "line protocol" is off.
I'd like to mention that in an official prospect from Cisco (Link: https://www.cisco.com/c/en/us/products/collateral/routers/1000-series-integrated-services-routers-isr/datasheet-c78-739512.pdf , page 8/22) it says that for our Model , the C1111-4P, the ADSL2 module would be Not Available. So I'm not sure if this would work anyway.
2.
Our Modem is a little bit older, it's an "Arcor-DSL Speed-Modem 200". I wasn't able to get a data sheet for it but from some older posts I found out that it is apparently unmanaged, and I believe that it doesn't have an IP address or any configurations that can be changed.
While experimenting with our other router, I also didn't find any feature that the modem has or does with the ISP line. The internet access and IP negotiation seems to be done exclusively on the router. When selecting something different that the automated PPPoE option (with username and password), there was no IP assigned to the Router.
A new problem I encountered is that even when connecting the cisco Router to our other router and change the adapters IP to DHCP, it still doesn't assign an IP to the Port and a computer connected to the cisco router can't reach the "outer" network. Even tho the router can be reached from the other router / outer network (via the IP of the vlan of the WAN port, 0/0/1.1). Even more so, the port the also has the operational status "down" and doesn't light up while being connected to the other router.
Maybe this is related to my Internet problem!? Why won't the cisco router assign the 0/0/1 Port any IP address? And why is the port the status "down" while being connected? Does it need to be switched "up" manually somehow? And is there maybe a more extensive manual that I could look into?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide