2811 using sub-interfaces and PPPOE on ADSL

chrismic1995 · ‎04-27-2013

Hello everybody, I am trying to get my Cisco 2811 to authenticate four DSL connections and load balance them by attaching the four DSL to a switch (each DSL going to a seperate VLAN) and then trunking all four VLAN's to a ethernet interface on the 2811. My issue, I can not get more than one DSL to authenticate at a time, for example Dialer1 will connect and then it will disconnect and Dialer2 will connect, etc... I have the modems in bridge mode and I am using seperate user/pass for each DSL account and I have verified that the user/pass are correct.

Below is my config from the router and a couple of messages that came across the console.

Can I even do what I am trying to accomplish?

Thanks,

Chris

*Apr 27 01:12:11.915: %DIALER-6-UNBIND: Interface Vi2 unbound from profile Di1

*Apr 27 01:12:11.927: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to down

*Apr 27 01:12:11.931: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to down

*Apr 27 01:12:14.083: %DIALER-6-BIND: Interface Vi2 bound to profile Di2

*Apr 27 01:12:14.087: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up

*Apr 27 01:12:14.251: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to up

*Apr 27 01:12:32.139: %DIALER-6-UNBIND: Interface Vi2 unbound from profile Di2

*Apr 27 01:12:32.147: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to down

*Apr 27 01:12:32.151: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to down

*Apr 27 01:12:34.299: %DIALER-6-BIND: Interface Vi2 bound to profile Di1

*Apr 27 01:12:34.307: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up

*Apr 27 01:12:34.459: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to up

Router#show run

Building configuration...

Current configuration : 3648 bytes

!

version 15.1

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Router

!

boot-start-marker

boot-end-marker

!

no aaa new-model

!

dot11 syslog

ip source-route

!

ip cef

!

ip dhcp excluded-address 172.20.1.1

!

ip dhcp pool client

network 172.20.1.0 255.255.255.0

dns-server 8.8.8.8

default-router 172.20.1.1

!

no ipv6 cef

multilink bundle-name authenticated

!

voice-card 0

!

crypto pki token default removal timeout 0

!

license udi pid CISCO2811 sn FTX1041A1B5

username test privilege 15 secret 4 554Nq1aum3M01wRZ6FSR6rROZ6s/k8xo9EBYady0t6o

!

interface FastEthernet0/0

description LAN

ip address 172.20.1.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

duplex auto

speed auto

!

interface FastEthernet0/1.11

encapsulation dot1Q 11

pppoe enable group global

pppoe-client dial-pool-number 1

!

interface FastEthernet0/1.12

encapsulation dot1Q 12

pppoe enable group global

pppoe-client dial-pool-number 2

!

interface FastEthernet0/1.13

encapsulation dot1Q 13

pppoe enable group global

pppoe-client dial-pool-number 3

!

interface FastEthernet0/1.14

encapsulation dot1Q 14

pppoe enable group global

pppoe-client dial-pool-number 4

!

interface Dialer1

ip address negotiated

ip mtu 1452

ip nat outside

ip virtual-reassembly in

encapsulation ppp

ip tcp adjust-mss 1452

dialer pool 1

ppp authentication chap pap callin

ppp chap hostname XXXX

ppp chap password 0 XXXX

ppp pap sent-username XXXX password 0 XXXX

!

interface Dialer2

ip address negotiated

ip mtu 1452

ip nat outside

ip virtual-reassembly in

encapsulation ppp

ip tcp adjust-mss 1452

dialer pool 2

ppp authentication chap pap callin

ppp chap hostname XXXX

ppp chap password 0 XXXX

ppp pap sent-username XXXX password 0 XXXX

!

interface Dialer3

ip address negotiated

ip mtu 1452

ip nat outside

ip virtual-reassembly in

encapsulation ppp

ip tcp adjust-mss 1452

dialer pool 3

ppp authentication chap pap callin

ppp chap hostname XXXX

ppp chap password 0 XXXX

ppp pap sent-username XXXX password 0 XXXX

!

interface Dialer4

ip address negotiated

ip mtu 1452

ip nat outside

ip virtual-reassembly in

encapsulation ppp

ip tcp adjust-mss 1452

dialer pool 4

ppp authentication chap pap callin

ppp chap hostname XXXX

ppp chap password 0 XXXX

ppp pap sent-username XXXX password 0 XXXX

!

ip forward-protocol nd

no ip http server

no ip http secure-server

!

ip nat inside source route-map DIAL1 interface Dialer1 overload

ip nat inside source route-map DIAL2 interface Dialer2 overload

ip nat inside source route-map DIAL3 interface Dialer3 overload

ip nat inside source route-map DIAL4 interface Dialer4 overload

ip route 0.0.0.0 0.0.0.0 Dialer1

ip route 0.0.0.0 0.0.0.0 Dialer2

ip route 0.0.0.0 0.0.0.0 Dialer3

ip route 0.0.0.0 0.0.0.0 Dialer4

!

access-list 1 permit 172.20.1.0 0.0.0.255

!

route-map DIAL1 permit 10

match ip address 1

match interface Dialer1

!

route-map DIAL2 permit 10

match ip address 1

match interface Dialer2

!

route-map DIAL3 permit 10

match ip address 1

match interface Dialer3

!

route-map DIAL4 permit 10

match ip address 1

match interface Dialer4

!

control-plane

!

mgcp profile default

!

line con 0

line aux 0

line vty 0 4

login local

transport input all

!

scheduler allocate 20000 1000

end

Router#

paolo bevilacqua · ‎04-27-2013

Try updating IOS.

chrismic1995 · ‎04-28-2013

Paolo, does my config look correct? Is it possible to authenticate 4 DSL's on subinterfaces? Do you know what IOS works, I only have 256M or RAM, at this time I can not go to the lateset 15 IOS but I should be able to upgrade a couple small steps.

paolo bevilacqua · ‎04-28-2013

Report again when you have been able to update. You can easily add the needed memory.

chrismic1995 · ‎04-30-2013

I was wrong about the IOS, I am at the latest for the 2811? Anybody have any thougths on this, is it possible, is my config wrong?

Router#show version

Cisco IOS Software, 2800 Software (C2800NM-ENTSERVICESK9-M), Version 15.1(4)M6, RELEASE SOFTWARE (fc2)

Technical Support: _http://www.cisco.com/techsupport

Compiled Thu 14-Feb-13 04:14 by prod_rel_team

ROM: System Bootstrap, Version 12.4(1r) [hqluong 1r], RELEASE SOFTWARE (fc1)

Router uptime is 3 days, 23 hours, 41 minutes

System returned to ROM by reload at 00:15:02 UTC Sat Apr 27 2013

System image file is "flash:c2800nm-entservicesk9-mz.151-4.M6.bin"

Last reload type: Normal Reload

This product contains cryptographic features and is subject to United

States and local country laws governing import, export, transfer and

use. Delivery of Cisco cryptographic products does not imply

third-party authority to import, export, distribute or use encryption.

Importers, exporters, distributors and users are responsible for

compliance with U.S. and local country laws. By using this product you

agree to comply with applicable laws and regulations. If you are unable

to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

_http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to

export@cisco.com.

Cisco 2811 (revision 1.0) with 249856K/12288K bytes of memory.

Processor board ID

2 FastEthernet interfaces

DRAM configuration is 64 bits wide with parity enabled.

239K bytes of non-volatile configuration memory.

62720K bytes of ATA CompactFlash (Read/Write)

Configuration register is 0x2102

Router#

paolo bevilacqua · ‎04-30-2013

It is latest.

Try pppoe config on a separate physical interface. It can co-exist with IP address and the interface working normally.

chrismic1995 · ‎04-30-2013

Sorry, I am trying to follow...

Do you want me to swap my LAN physical interface with my WAN (PPPOE) sub interface?

I do not have enough physical interfaces to do two PPPOE sessions and have a LAN physical interface at the same time, or do you want me to get rid of my LAN interface and use both physical interfaces (as a test) as the PPPOE dialer?

Just an FYI I am able to get one PPPOE session to work correctly on a sub-interface, when it is the only dialer built in the config.

Thanks for you help Paolo....

CM

paolo bevilacqua · ‎04-30-2013

What I'm saying is that you can try putting pppoe on two physical interfaces and that should allow you to have multiple sessions. The if that works you would need a 2 FE card to host 4 pppoe interfaces.

One inerface wil be shared with internal LAN, so you will have to use a switch for that.

Another possibility that will bring better results, is to use HWIC ADSL cards instead of external modems.