1812 PPPoE problem

boborg.13 · ‎09-30-2011

hello!

i'm having a problem establishing a pppoe session with a 1812 router. i've tried everything i could find online, even contacted the isp (all they said was that the modem should be in bridge mode, which it is)...

debug information puts out only

Sep 30 19:51:32: padi timer expired

Sep 30 19:51:32: Sending PADI: Interface = FastEthernet1

Sep 30 19:51:32: pppoe_send_padi:

FF FF FF FF FF FF 00 16 C8 18 31 39 88 63 11 09

00 00 00 0C 01 01 00 00 01 03 00 04 85 14 0B 60 ...

show ver and show run from the router

Cisco IOS Software, C181X Software (C181X-ADVENTERPRISEK9-M), Version 12.4(15)T3, RELEASE SOFTWARE (fc1)

Technical Support: http://www.cisco.com/techsupport

Compiled Thu 24-Jan-08 13:05 by prod_rel_team

ROM: System Bootstrap, Version 12.3(8r)YH5, RELEASE SOFTWARE (fc1)

kronik uptime is 18 minutes

System returned to ROM by power-on

System restarted at 18:53:28 CET-SUMMER Fri Sep 30 2011

System image file is "flash:c181x-adventerprisek9-mz.124-15.T3.bin"

kronik#show run

Building configuration...

Current configuration : 5070 bytes

!

! Last configuration change at 19:09:57 CET-SUM Fri Sep 30 2011

! NVRAM config last updated at 19:11:18 CET-SUM Fri Sep 30 2011

!

version 12.4

service timestamps debug datetime localtime

service timestamps log datetime localtime

service password-encryption

!

hostname kronik

!

boot-start-marker

warm-reboot

boot-end-marker

!

security authentication failure rate 3 log

logging userinfo

logging buffered 30000

logging monitor warnings

!

no aaa new-model

clock timezone CET 1

clock summer-time CET-SUMMER recurring last Sun Mar 2:00 last Sun Oct 3:00

!

no ip gratuitous-arps

!

ip cef

no ip dhcp use vrf connected

ip dhcp excluded-address 10.6.66.1 10.6.66.20

!

ip dhcp pool ###LAN###

network 10.6.66.0 255.255.255.0

default-router 10.6.66.1

dns-server 195.29.150.3 213.147.96.3 4.2.2.2

lease infinite

!

no ip domain lookup

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

login block-for 120 attempts 3 within 30

login on-failure log

!

multilink bundle-name authenticated

!

spanning-tree vlan 1 priority 8192

spanning-tree vlan 666 priority 8192

!

archive

log config

hidekeys

!

bba-group pppoe global

!

interface FastEthernet0

no ip address

duplex auto

speed auto

no cdp enable

!

interface FastEthernet1

description ### WAN ###

no ip address

duplex auto

speed auto

pppoe enable group global

pppoe-client dial-pool-number 10

no cdp enable

!

interface BRI0

no ip address

encapsulation hdlc

shutdown

!

interface FastEthernet2

switchport access vlan 666

!

interface FastEthernet3

!

interface FastEthernet4

!

interface FastEthernet5

!

interface FastEthernet6

!

interface FastEthernet7

!

interface FastEthernet8

description ### LINK NA sw04 ###

switchport mode trunk

!

interface FastEthernet9

description ### LINK NA sw01 ###

switchport mode trunk

!

interface Vlan1

no ip address

shutdown

!

interface Vlan666

description LAN

ip address 10.6.66.1 255.255.255.0

ip helper-address 10.6.66.1

ip nat inside

ip virtual-reassembly

!

interface Dialer10

ip address negotiated

ip mtu 1492

ip nat outside

ip virtual-reassembly

encapsulation ppp

ip tcp adjust-mss 1400

dialer pool 10

dialer-group 10

no cdp enable

ppp authentication pap chap

ppp chap hostname xxxxxx

ppp chap password xxxxxx

ppp pap sent-username xxxxxx password xxxxxx

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 Dialer10

!

no ip http server

ip http secure-server

ip nat inside source list NAT_ADRESE interface Dialer10 overload

!

ip access-list extended NAT_ADRESE

permit ip any any log

!

dialer-list 10 protocol ip permit

!

control-plane

!

alias exec s show ip int brief

alias exec r show ip route

!

line con 0

privilege level 15

logging synchronous

line aux 0

line vty 0 4

privilege level 5

logging synchronous

login local

terminal-type monitor

transport input ssh

line vty 5 15

privilege level 5

logging synchronous

login local

terminal-type monitor

transport input ssh

!

ntp master

end

i am going crayz bit by bit....

Peter Paluch · ‎09-30-2011

Hello bobo,

Keep cool I hope we will get it going.

Can you please start by explaining in more detail how is the router connected to the PPPoE service? Is there an ADSL modem connected to your Fa1 interface? What kind of modem is it?

Best regards,

Peter

boborg.13 · ‎09-30-2011

yes, it is an ADSL modem (siemens gigaset sx 763), connected to fa1 on the 1812

Peter Paluch · ‎09-30-2011

Hello bobo,

The Gigaset SX 763, according to the manuals I have been able to find, is not an ADSL modem but rather a full ADSL router. Its internal Ethernet ports are routed and do not run PPPoE. If you want to access an ADSL service, you have to configure it on the SX. You do not even need the 1812 as the SX is already performing routing and NAT functions. If you still want to use the 1812, you will need to configure it for plaing IP routing without PPPoE.

I hope I have understood you correctly here - you want to connect over the 1812 and SX to an ADSL service. Is this correct?

Best regards,

Peter

boborg.13 · ‎10-01-2011

yes, you are correct, i want the 1812 to establish pppoe, perform nat and firewall functions, the sx should just be the bridge to the isp. i turned off all of those fuctions on the sx.

i can not find a combination that works, the router is not receiving pado from the isp...

now i just remembered, the sx has a pbr option, one can either turn it off, or set the fe ports for internet/voice/mgmnt. i haven't tried turning the pbr off. if that does not work i will contact the isp again....

Peter Paluch · ‎10-01-2011

Hello bobo,

I am afraid that you are trying something that is not supported by your SX. You see, the SX is already a (more or less) fully-fledged ADSL router. The PPPoE client is built into it and the entire SX is meant to provide ADSL/PPPoE connectivity without needing any other external device. What you are probably trying is to "degrade" the SX to a mere ADSL modem with Ethernet port on one end and ADSL port on the other. I am not sure if that is possible with the SX model you have. Please do have a very good look into the documentation before even wasting your time to do something that may not be possible with the SX at all.

Best regards,

Peter

boborg.13 · ‎10-05-2011

well, the mistery is finnaly solved!

there was an issue with the modem, not all of the ports were designated as "internet ports", 2 were meant to be used for iptv (which i don't use), even though one could not see this in the settings of the modem, they were all configured for internet. that was the first problem

after that i could not get the my router to authenicate to the isp, and the debug ppp authenentication gave me this

Oct 4 20:48:40: %DIALER-6-BIND: Interface Vi2 bound to profile Di10

Oct 4 20:48:40: Vi2 PPP: Using dialer call direction

Oct 4 20:48:40: Vi2 PPP: Treating connection as a callout

Oct 4 20:48:40: Vi2 PPP: Session handle[3000000B] Session id[0]

Oct 4 20:48:40: Vi2 PPP: Authorization required

so i google a little bit and found that that i should aply the ppp authentication pap callin command! so i did. and it works now!

it seems a bit unlogical to me because the isp does not have to authenticate to my router, but still, i'm a lot happier now!

thanks everyone for the help!