Solved: Re:877w PPPoA issue

liamconnelly · ‎08-03-2013

Hi

Still studying my CCNA, so im using this router as a bit of a learning incentive. So far it looks like ive got all of the DHCP and wireless stuff working ok, but i cant seem to get it to hit my ISP which is TalkTalk (UK). Heres my current config,

urrent configuration : 2267 bytes

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R877W

!

boot-start-marker

boot-end-marker

!

no logging console

!

no aaa new-model

!

dot11 syslog

!

dot11 ssid lab

authentication open

authentication key-management wpa

guest-mode

wpa-psk ascii 0 ______________

!

ip cef

no ip dhcp use vrf connected

!

ip dhcp excluded-address 192.168.1.14 192.168.1.15

ip dhcp excluded-address 192.168.1.30 192.168.1.16

ip dhcp pool LAN

network 192.168.1.0 255.255.255.0

default-router 192.168.1.1

domain-name HomeLan

dns-server 62.24.139.8 62.24.202.70

!

ip dhcp pool Wlan

network 192.168.60.0 255.255.255.0

default-router 192.168.60.1

dns-server 62.24.139.8 62.24.202.70

!

ip name-server 62.24.139.8

ip name-server 62.24.202.70

!

username admin privilege 15 password 0 ______________

!

archive

log config

hidekeys

!

bridge irb

!

interface ATM0

description ADSL Connection

no ip address

no atm ilmi-keepalive

pvc 0/38

encapsulation aal5mux ppp dialer

dialer pool-member 1

!

dsl enable-training-log

dsl bitswap both

hold-queue 200 in

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface Dot11Radio0

ip address 192.168.60.1 255.255.255.0

ip nat inside

ip virtual-reassembly

no shutdown

!

encryption mode ciphers tkip

!

ssid Cisco

!

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0

channel 2447

station-role root

!

interface Vlan1

ip address 192.168.1.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface Dialer0

bandwidth inherit

ip address negotiated

ip nat outside

ip virtual-reassembly

encapsulation ppp

ip tcp header-compression iphc-format

ip tcp adjust-mss 1452

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication pap chap callin

ppp chap hostname _______________________

ppp chap password _______________________

ppp ipcp dns request

ppp ipcp wins request

ip rtp header-compression iphc-format

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 Dialer0

!

ip http server

ip http authentication local

no ip http secure-server

ip nat inside source list 10 interface Dialer0 overload

!

access-list 10 permit any

!

control-plane

!

line con 0

logging synchronous

login local

no modem enable

line aux 0

password aux

login

line vty 0 4

password _____________

login

!

scheduler max-task-time 5000

end

I dont get any of the ADSL lights flashing at all, ive pieced this together from other configs posted on the web so there may be some glaring errors. Any help would be appreciated. Here is some of the current info from my isp

[img]http://imgur.com/WzX3LGq[/img]

Thanks
Liam

paul driver · ‎08-04-2013

hello

What authentication are.you using -PAP.or CHAP?

i think you only need chap username and password no need to.set callin.if anything it should be callout

if PAP i would try ppp pap sent-username xxx password xxx

also for your natting i would suggest to change your acl

no access-list 10
access-list 10 permit 192.168.1.0 0.0.0.255
res
paul

Sent from Cisco Technical Support Android App

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

paul driver · ‎08-04-2013

hello

What authentication are.you using -PAP.or CHAP?

i think you only need chap username and password no need to.set callin.if anything it should be callout

if PAP i would try ppp pap sent-username xxx password xxx

also for your natting i would suggest to change your acl

no access-list 10
access-list 10 permit 192.168.1.0 0.0.0.255
res
paul

Sent from Cisco Technical Support Android App

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

liamconnelly · ‎08-06-2013

Thanks Paul

That was a massive help! managed to get to get the dialer up and fix the NAT with your advice cheers. Ive tidied some bits up and got the wifi working so if any other TalkTalk PPPoA users need a config this should help you.

______________________

Current configuration : 3256 bytes

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname **************

!

boot-start-marker

boot-end-marker

!

logging message-counter syslog

enable password 7 *************

!

aaa new-model

!

aaa authentication login default local

aaa authorization exec default local

!

aaa session-id common

clock timezone GMT 0

clock summer-time BST recurring

!

dot11 syslog

!

dot11 ssid *********

vlan 1

authentication open

authentication key-management wpa

guest-mode

wpa-psk ascii 7 *******************

!

ip source-route

!

no ip dhcp use vrf connected

ip dhcp excluded-address 192.168.1.1 192.168.1.32

!

ip dhcp pool LAN

network 192.168.1.0 255.255.255.0

default-router 192.168.1.1

dns-server 4.2.2.2 4.2.2.3 8.8.8.8

!

ip cef

ip domain name **********

ip name-server 4.2.2.2

ip name-server 8.8.8.8

ip inspect name wan_inspect_out ftp timeout 30

ip inspect name wan_inspect_out tcp timeout 30

ip inspect name wan_inspect_out udp router-traffic timeout 15

ip inspect name wan_inspect_out icmp router-traffic timeout 15

no ipv6 cef

!

multilink bundle-name authenticated

!

username admin privilege 15 secret 5 ********************

!

archive

log config

hidekeys

!

ip ssh version 2

!

bridge irb

!

interface ATM0

no ip address

no ip mroute-cache

no atm ilmi-keepalive

pvc 0/38

encapsulation aal5mux ppp dialer

dialer pool-member 1

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface Dot11Radio0

no ip address

!

encryption mode ciphers tkip

!

encryption vlan 1 mode ciphers aes-ccm

!

ssid **************

!

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0

channel 2442

station-role root

world-mode dot11d country GB indoor

no cdp enable

!

interface Dot11Radio0.1

encapsulation dot1Q 1 native

ip virtual-reassembly

no cdp enable

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 spanning-disabled

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

!

interface Vlan1

no ip address

ip nat inside

ip virtual-reassembly

bridge-group 1

!

interface Dialer1

ip address negotiated

ip access-group wan_acl_in in

ip nat outside

ip inspect wan_inspect_out out

ip virtual-reassembly

encapsulation ppp

dialer pool 1

ppp chap hostname ******************@talktalk.net

ppp chap password ****************************

ppp pap sent-username **************@talktalk.net password ********************

!

interface BVI1

ip address 192.168.1.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 Dialer1

no ip http server

no ip http secure-server

!

ip dns server

ip nat inside source list INSIDE-NAT interface Dialer1 overload

!

ip access-list extended INSIDE-NAT

permit ip 192.168.1.0 0.0.0.255 any

ip access-list extended wan_acl_in

permit ip host ************** any

deny ip any any log

!

control-plane

!

bridge 1 protocol ieee

bridge 1 route ip

!

line con 0

logging synchronous

no modem enable

line aux 0

line vty 0 4

exec-timeout 0 0

transport input ssh

!

scheduler max-task-time 5000

end

___________________________________________

Ignore the extended WAN_ACL thats so i can connect from my workplace. But the rest is good , any ********* sections needs your input. There is also some DHCP exclude addresses you may want to delete, the wifi is bridged to VLAN1

Cheers

Liam

paul driver · ‎08-06-2013

Hello Liam,

Thanks for the rating much appreciated - and also for your feedback.

This is what CSC is all about, Assisting others and hopefully being able to look at older posts for a correct solution.

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul