Hey,

I'm using AT&T.  I just tried to use ppp, which is one of the choices.  It accepts it but then says: 

*Mar 2 20:12:39.115: Cellular0/2/0: Unsupported encap type

Could I have a bad initial config somewhere?

Hello,

you could use SLIP on the physical cellular interface, bind it to a dialer interface, and use PPP on the dialer, as in the example below:

interface Cellular0/0/0

ip address negotiated

ip nat outside

ip virtual-reassembly in

encapsulation slip

dialer in-band

dialer pool-member 1

dialer-group 1

async mode interactive

routing dynamic

!

interface Dialer1

ip address negotiated

ip nat outside

ip virtual-reassembly in

encapsulation ppp

dialer pool 1

dialer idle-timeout 0

dialer string lte

dialer persistent

dialer-group 1

ppp authentication pap callin

ppp pap sent-username yourusername password 0 yourpassoword

ppp ipcp dns request

Hey George,

This is how I configured my int as it stands right now.  So when I tried to encapsulate here it didn't give me the SLIP option.  Are you saying I do need the username and password I was under the impression that since AT&T sent the SIM card unlocked that wouldn't be necessary.

interface Cellular0/2/0
description INET4G FAILOVER VPN
bandwidth 2000
ip address negotiated
no ip unreachables
ip access-group ACL-INET-PUBLIC-4G in
shutdown
dialer in-band
dialer idle-timeout 30
dialer watch-group 1
pulse-time 1
ip virtual-reassembly

Hello,

I assume the 'shutdown' is not in your active config ?

Can you post the full config, as well as the output of 'debug ppp negotiation' ?

Haven't set up the DMVPN yet and I probably have some holes somewhere else to but I got a little turned around with the docs I read.  Also if my data pool is coming from a dhcp server in another location do I need to set up a pool on the router or would the ip helper suffice?

Current configuration : 6004 bytes
!
! Last configuration change at 14:27:28 CDT Fri Mar 2 2018 by admin
!
version 15.5
service timestamps debug datetime msec
service timestamps log datetime msec
no platform punt-keepalive disable-kernel-core
!
hostname LENA_LAPORTE_WAN_RTR01
!
boot-start-marker
boot-end-marker
!
!
vrf definition IWAN-TRANSPORT-5
!
address-family ipv4
exit-address-family
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
! card type command needed for slot/bay 0/1
!
aaa new-model
!
!
aaa group server tacacs+ TAC_PLUS
server name AUTH
!
aaa authentication login default group AUTH local
aaa authorization console
aaa authorization exec default group AUTH local
!
!
!
!
!
!
aaa session-id common
clock timezone CDT -6 0
clock summer-time CDT recurring
!

!
!
!

no ip domain lookup
ip domain name le.grp
ip dhcp excluded-address 10.217.255.1 10.217.255.10
!
ip dhcp pool VOICE
network 10.217.255.0 255.255.255.128
default-router 10.217.255.1
domain-name name.name
option 150 ip 10.217.245.20
!
!
!
!
!
!
!
!
!
!
subscriber templating
!
multilink bundle-name authenticated
!
flow record NetFlow-to-Orion
match ipv4 tos
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface input
collect interface output
collect counter bytes long
collect counter packets long
!
!
flow exporter NewFlow-to-Orion
destination 10.62.80.52
source GigabitEthernet0/0/0
transport udp 2055
!
!
flow monitor NetFlow-to-Orion
cache timeout active 60
record NetFlow-to-Orion
!
!
!
!
!
chat-script script LTE "" "AT!CALL1" TIMEOUT 30 "OK"
!
!
!
!
!
!
!
!
!
!
!
voice-card 0/4
no watchdog
!
license udi pid ISR4451-X/K9 sn FOC214675UN
!
spanning-tree extend system-id
!
username admin privilege 15 secret 5 $1$O9k1$ZfXH7/DQAyBRW2yVodQrH1
!
redundancy
mode none
!
!
!
!
controller Cellular 0/2/0
lte modem link-recovery rssi onset-threshold -110
lte modem link-recovery monitor-timer 20
lte modem link-recovery wait-timer 10
lte modem link-recovery debounce-count 6
!
!
vlan internal allocation policy ascending
!
!
!
!
!
!
!
crypto isakmp policy 10
encr aes 256
hash sha512
authentication pre-share
group 16
crypto isakmp key (key string) address (Pub add.) INET-PUB no-xauth
!
!
crypto ipsec transform-set LE_LAN_VPN esp-aes 256
mode tunnel
no crypto ipsec nat-transparency udp-encapsulation
!
!
!
crypto map LE_LAN_VPN 10 ipsec-isakmp
! Incomplete
set peer (Pub add.)
! access-list has not been configured yet
set transform-set LE_LAN_VPN
match address VPN-GRE
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
description GRE LOOPBACK FOR CRYPTO BINDING
ip address 10.69.248.9 255.255.255.255
ip pim sparse-mode
!
interface Tunnel1
description GRE over VPN to TULSA
bandwidth 2000
ip address 10.69.253.69 255.255.255.252
no ip redirects
ip mtu 1400
ip nhrp authentication (shared key)
ip nhrp network-id 1
ip nhrp holdtime 600
ip nhrp nhs 10.69.253.70 nbma (Pub add.) multicast
ip nhrp registration no-unique
ip nhrp shortcut
ip tcp adjust-mss 1360
if-state nhrp
tunnel source Cellular0/2/0
tunnel mode gre multipoint
tunnel key 2
tunnel vrf IWAN-TRANSPORT-5
!
interface GigabitEthernet0/0/0
description LAPORTE LINK TO CORE
no ip address
media-type sfp
negotiation auto
!
interface GigabitEthernet0/0/0.10
encapsulation dot1Q 10
ip address 10.69.127.1 255.255.255.0
!
interface GigabitEthernet0/0/0.20
encapsulation dot1Q 20
ip address 10.217.255.1 255.255.255.128
!
interface GigabitEthernet0/0/1
description LENA WAN UPLINK
no ip address
negotiation auto
!
interface GigabitEthernet0/0/1.800
description LENA REGIONAL - COX TAG 800
encapsulation dot1Q 800
ip address 10.69.250.8 255.255.255.0
no cdp enable
!
interface GigabitEthernet0/0/2
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/0/3
no ip address
shutdown
negotiation auto
!
interface Cellular0/2/0
description INET4G FAILOVER VPN
bandwidth 2000
ip address negotiated
no ip unreachables
ip access-group ACL-INET-PUBLIC-4G in
shutdown
dialer in-band
dialer idle-timeout 30
dialer watch-group 1
pulse-time 1
ip virtual-reassembly
!
interface Cellular0/2/1
no ip address
!
interface Service-Engine0/4/0
!
interface GigabitEthernet0
vrf forwarding Mgmt-intf
no ip address
shutdown
negotiation auto
!
interface Vlan1
no ip address
shutdown
!
!
router eigrp 100
network 10.69.127.0 0.0.0.255
network 10.69.250.0 0.0.0.255
redistribute static
!
ip forward-protocol nd
no ip http server
no ip http secure-server
ip tftp source-interface GigabitEthernet0
ip route vrf IWAN-TRANSPORT-5 0.0.0.0 0.0.0.0 Cellular0/2/0
ip ssh version 2
ip scp server enable
!
!
ip access-list extended ACL-INET-PUBLIC-4G
permit udp any any eq non500-isakmp
permit udp any any eq isakmp
permit esp any any
permit udp any any eq bootpc
permit icmp any any echo
permit icmp any any echo-reply
permit icmp any any ttl-exceeded
permit icmp any any port-unreachable
permit udp any any gt 1023 ttl eq 1
ip access-list extended VPN-GRE
!
access-list 99 permit 10.62.80.52
access-list 99 deny any log
dialer watch-list 1 ip 127.0.0.255 255.255.255.255
dialer watch-list 1 delay route-check initial 60
dialer watch-list 1 delay connect 1
!
snmp-server community LE-Solarwinds RO 99

snmp-server host 10.62.80.52 version 2c LE-Solarwinds
!
tacacs-server directed-request
tacacs server AUTH
address ipv4 10.62.80.250
!
!
!
control-plane
!
!
!
!
!
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
!
!
line con 0
password 
logging synchronous
stopbits 1
line aux 0
stopbits 1
line vty 0 4
password
transport input all
line vty 5 15
transport input all
!
!
end

Hello,

I have added a few things to your config (in bold) which are necessary for your 4G to work:

Current configuration : 6004 bytes
!
! Last configuration change at 14:27:28 CDT Fri Mar 2 2018 by admin
!
version 15.5
service timestamps debug datetime msec
service timestamps log datetime msec
no platform punt-keepalive disable-kernel-core
!
hostname LENA_LAPORTE_WAN_RTR01
!
boot-start-marker
boot-end-marker
!
vrf definition IWAN-TRANSPORT-5
!
address-family ipv4
exit-address-family
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
! card type command needed for slot/bay 0/1
!
aaa new-model
!
aaa group server tacacs+ TAC_PLUS
server name AUTH
!
aaa authentication login default group AUTH local
aaa authorization console
aaa authorization exec default group AUTH local
!
aaa session-id common
clock timezone CDT -6 0
clock summer-time CDT recurring
!
no ip domain lookup
ip domain name le.grp
ip dhcp excluded-address 10.217.255.1 10.217.255.10
!
ip dhcp pool VOICE
network 10.217.255.0 255.255.255.128
default-router 10.217.255.1
domain-name name.name
option 150 ip 10.217.245.20
!
subscriber templating
!
multilink bundle-name authenticated
!
flow record NetFlow-to-Orion
match ipv4 tos
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface input
collect interface output
collect counter bytes long
collect counter packets long
!
!
flow exporter NewFlow-to-Orion
destination 10.62.80.52
source GigabitEthernet0/0/0
transport udp 2055
!
flow monitor NetFlow-to-Orion
cache timeout active 60
record NetFlow-to-Orion
!
chat-script script LTE "" "AT!CALL1" TIMEOUT 30 "OK"
!
voice-card 0/4
no watchdog
!
license udi pid ISR4451-X/K9 sn FOC214675UN
!
spanning-tree extend system-id
!
username admin privilege 15 secret 5 $1$O9k1$ZfXH7/DQAyBRW2yVodQrH1
!
redundancy
mode none
!
controller Cellular 0/2/0
lte modem link-recovery rssi onset-threshold -110
lte modem link-recovery monitor-timer 20
lte modem link-recovery wait-timer 10
lte modem link-recovery debounce-count 6
!
vlan internal allocation policy ascending
!
crypto isakmp policy 10
encr aes 256
hash sha512
authentication pre-share
group 16
crypto isakmp key (key string) address (Pub add.) INET-PUB no-xauth
!
!
crypto ipsec transform-set LE_LAN_VPN esp-aes 256
mode tunnel
no crypto ipsec nat-transparency udp-encapsulation
!
crypto map LE_LAN_VPN 10 ipsec-isakmp
! Incomplete
set peer (Pub add.)
! access-list has not been configured yet
set transform-set LE_LAN_VPN
match address VPN-GRE
!
interface Loopback0
description GRE LOOPBACK FOR CRYPTO BINDING
ip address 10.69.248.9 255.255.255.255
ip pim sparse-mode
!
interface Tunnel1
description GRE over VPN to TULSA
bandwidth 2000
ip address 10.69.253.69 255.255.255.252
no ip redirects
ip mtu 1400
ip nhrp authentication (shared key)
ip nhrp network-id 1
ip nhrp holdtime 600
ip nhrp nhs 10.69.253.70 nbma (Pub add.) multicast
ip nhrp registration no-unique
ip nhrp shortcut
ip tcp adjust-mss 1360
if-state nhrp
tunnel source Cellular0/2/0
tunnel mode gre multipoint
tunnel key 2
tunnel vrf IWAN-TRANSPORT-5
!
interface GigabitEthernet0/0/0
description LAPORTE LINK TO CORE
no ip address
media-type sfp
negotiation auto
!
interface GigabitEthernet0/0/0.10
encapsulation dot1Q 10
ip address 10.69.127.1 255.255.255.0
!
interface GigabitEthernet0/0/0.20
encapsulation dot1Q 20
ip address 10.217.255.1 255.255.255.128
!
interface GigabitEthernet0/0/1
description LENA WAN UPLINK
no ip address
negotiation auto
!
interface GigabitEthernet0/0/1.800
description LENA REGIONAL - COX TAG 800
encapsulation dot1Q 800
ip address 10.69.250.8 255.255.255.0
no cdp enable
!
interface GigabitEthernet0/0/2
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/0/3
no ip address
shutdown
negotiation auto
!
interface Cellular0/2/0
description INET4G FAILOVER VPN
bandwidth 2000
ip address negotiated
no ip unreachables
ip access-group ACL-INET-PUBLIC-4G in
dialer string LTE
dialer in-band
dialer idle-timeout 30
dialer watch-group 1
async mode interactive
pulse-time 1
ip virtual-reassembly
!
interface Cellular0/2/1
no ip address
!
interface Service-Engine0/4/0
!
interface GigabitEthernet0
vrf forwarding Mgmt-intf
no ip address
shutdown
negotiation auto
!
interface Vlan1
no ip address
shutdown
!
router eigrp 100
network 10.69.127.0 0.0.0.255
network 10.69.250.0 0.0.0.255
redistribute static
!
ip forward-protocol nd
no ip http server
no ip http secure-server
ip tftp source-interface GigabitEthernet0
ip route vrf IWAN-TRANSPORT-5 0.0.0.0 0.0.0.0 Cellular0/2/0
ip ssh version 2
ip scp server enable
!
ip access-list extended ACL-INET-PUBLIC-4G
permit udp any any eq non500-isakmp
permit udp any any eq isakmp
permit esp any any
permit udp any any eq bootpc
permit icmp any any echo
permit icmp any any echo-reply
permit icmp any any ttl-exceeded
permit icmp any any port-unreachable
permit udp any any gt 1023 ttl eq 1
ip access-list extended VPN-GRE
!
access-list 99 permit 10.62.80.52
access-list 99 deny any log
dialer watch-list 1 ip 127.0.0.255 255.255.255.255
dialer watch-list 1 delay route-check initial 60
dialer watch-list 1 delay connect 1
!
snmp-server community LE-Solarwinds RO 99
snmp-server host 10.62.80.52 version 2c LE-Solarwinds
!
tacacs-server directed-request
tacacs server AUTH
address ipv4 10.62.80.250
!
control-plane
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
line con 0
password
logging synchronous
stopbits 1
line aux 0
stopbits 1
line vty 0 4
password
transport input all
line vty 5 15
transport input all
!
line 0/2/0
exec-timeout 0 0
script dialer LTE
login
modem InOut
end

Yes the one you added in bold were also unavailable for me to add.  There was no string command after dialer and async wasn't an option under my int cell0/2/0....When putting the line command in I get this: 

No physical hardware support for line 26

Hello,

can you post the output of 'sh ver', or do you know which 4G NIM you have ?

It's a 4G LTE-NA.  Sorry still new trying to learn trial by fire sort of.

Cisco IOS XE Software, Version 03.16.04b.S - Extended Support Release
Cisco IOS Software, ISR Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 15.5(3)S4b, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2016 by Cisco Systems, Inc.
Compiled Mon 17-Oct-16 20:23 by mcpre

Cisco IOS-XE software, Copyright (c) 2005-2016 by cisco Systems, Inc.
All rights reserved. Certain components of Cisco IOS-XE software are
licensed under the GNU General Public License ("GPL") Version 2.0. The
software code licensed under GPL Version 2.0 is free software that comes
with ABSOLUTELY NO WARRANTY. You can redistribute and/or modify such
GPL code under the terms of GPL Version 2.0. For more details, see the
documentation or "License Notice" file accompanying the IOS-XE software,
or the applicable URL provided on the flyer accompanying the IOS-XE
software.

ROM: IOS-XE ROMMON

LE_WAN_RTR01 uptime is 6 days, 21 hours, 55 minutes
Uptime for this control processor is 6 days, 21 hours, 56 minutes
System returned to ROM by reload
System image file is "bootflash:isr4400-universalk9.03.16.04b.S.155-3.S4b-ext.SPA.bin"
Last reload reason: PowerOn

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

Suite License Information for Module:'esg'

--------------------------------------------------------------------------------
Suite Suite Current Type Suite Next reboot
--------------------------------------------------------------------------------
FoundationSuiteK9 None None None
securityk9
appxk9

AdvUCSuiteK9 None None None
uck9
cme-srst
cube

Technology Package License Information:

-----------------------------------------------------------------
Technology Technology-package Technology-package
Current Type Next reboot
------------------------------------------------------------------
appxk9 None None None
uck9 uck9 Permanent uck9
securityk9 securityk9 Permanent securityk9
ipbase ipbasek9 Permanent ipbasek9

cisco ISR4451-X/K9 (2RU) processor with 1648789K/6147K bytes of memory.
Processor board ID FJC2202D10A
4 Gigabit Ethernet interfaces
2 Cellular interfaces
32768K bytes of non-volatile configuration memory.
4194304K bytes of physical memory.
7057407K bytes of flash memory at bootflash:.

Configuration register is 0x2102

Hello,

I 'll have a further look  will get back with you. I am in GMT +1, so bear with me...

Totally understandable.  You're doing me a solid so thanks for the help.

Also while I'm thinking about it let me explain what I'm trying to do.  I have dual ISP with my primary already set up and using EIGRP.  My secondary is the 4G which I want to set up as the backup with dmvpn running with EIGRP also.....as I'm looking at this card and comparing to illustrations I am noticing I have a red indicator for the RSSI  and it's at -128 dbm also no antennas just the dust caps.  Could that be the problem?