Still after I shut down the interface dialer 1 and then typing the "dialer-group 1" command i get this error.

I alse tried to shut down the cellular interface and got this error

Any suggestions?

Hello,

I looked at the config again: your cellular interface is configured with 'dialer pool-member 1' and your interface Dialer 1 with 'dialer pool 1. That means that the cellular interface is bound to the dialer interface, and interesting traffic is set by the dialer interface.

For the cellular interface to accept the dialer-group command, you need to remove the dialer pool-member 1' configuration.

I was removed the dialer pool-member 1 command from the interface cellular 1

I was succeeded to enter the "dialer-group 1" command but now the interface dialer 1 doesn't get an ip address.

interface Cellular0
 no ip address
 ip virtual-reassembly in
 zone-member security Untrust
 encapsulation ppp
 dialer in-band
 dialer-group 1
 async mode interactive
 no ppp lcp fast-start
end

I looked on another router in my network and I noticed that int the cellular interface there is those two commands. The "dialer-group 1" AND the "dialer pool-member 1"

Now when I trying to enter the "dialer pool-member 1"  comman i get another error:

%Remove Legacy DDR Configuration first

What does it mean?

How do I solve it?

Hello,

what are you trying to accomplish ? Your original configuration was fine. The dialer-group is just to define interesting traffic. You either use it on the physical interface, or you bind the physical interface to the logical dialer interface.

Hi gpauwen,

As you know that the physical interface is the cellular0 and the logical interface is the dialer1.

What I'm trying to do is to bind the cellular interface to the dialer interface.

How should I configure it?

Hello,

can you post the full configuration of your router ?

Current configuration : 17131 bytes
!
! Last configuration change at 17:56:10 GMT Tue Nov 15 2016 by 305677296
version 15.1
no service pad
service timestamps debug datetime msec
service timestamps log datetime localtime
service password-encryption
!
hostname xxxxx
boot-start-marker
boot-end-marker
!
!
logging buffered 100000
!
aaa new-model
!
!
aaa group server tacacs+ Tacgroup
 server xxxxx
!
aaa authentication login default group Tacgroup local
aaa authentication login console local
aaa authorization exec default group Tacgroup local
aaa authorization commands 15 default group Tacgroup local
aaa accounting exec default start-stop group Tacgroup
aaa accounting commands 15 default start-stop group Tacgroup
!
!
!
!
!
aaa session-id common
!
clock timezone GMT 2 0
clock summer-time GMT recurring 1 Fri Apr 2:00 1 Sun Oct 2:00
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-xxxxxxx
!
!
crypto pki certificate chain TP-self-signed-xxxxxxx
!
!         
!
no ip dhcp conflict logging
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 8.203.68.170 8.203.68.190
!
ip dhcp pool ccp-pool
 import all
 network 10.10.10.0 255.255.255.248
 default-router 10.10.10.1
 lease 0 2
!
ip dhcp pool LAN
 network 8.203.68.160 255.255.255.224
 domain-name hot.net.il
 default-router 8.203.68.190
 dns-server 8.203.68.190
!
!
ip cef
ip domain retry 1
ip domain timeout 1
ip domain name xxxxxx
ip host xxxx
ip host xxxx
ip name-server xxxx
ip name-server xxxx
no ipv6 cef
!
!
multilink bundle-name authenticated
chat-script xxx ""  "xxxxx" TIMEOUT 30 "CONNECT"
license udi pid C881G-U-K9 sn FTX161387H9
!
!
object-group network Streamers
 description Streamers
 host xxx
 host xxx
 host xxx
!
username xxxxx privilege xx secret xxxxx
!
!
!
!
controller Cellular 0
!
ip ftp source-interface Vlan2
ip tftp source-interface Vlan2
ip ssh logging events
ip ssh version 2
!
track 10 ip sla 10 reachability
!
class-map type inspect match-all ccp-cls--1
 match access-group name Mall-To-YKM
class-map match-all Video-class
 match access-group name Video-acl
class-map type inspect match-all ccp-cls--2
 match access-group name YKM-To-Mall
class-map type inspect match-any http
 match protocol http
class-map type inspect match-all ccp-cls-ccp-policy-ccp-cls--2-2
 match class-map http
 match access-group name Dtail-To-Streamers
class-map type inspect match-all ccp-cls-ccp-policy-ccp-cls--2-1
 match access-group name SSL-To-Mall
!
!
policy-map shape-2M
 class class-default
  shape average 5120000
policy-map shape-2m-child
 class Video-class
  police rate 1536000
   conform-action transmit
   exceed-action drop
  bandwidth 1536
policy-map type inspect ccp-policy-ccp-cls--1
 class type inspect ccp-cls--1
  inspect
 class class-default
  drop
policy-map type inspect ccp-policy-ccp-cls--2
 class type inspect ccp-cls--2
  inspect
 class type inspect ccp-cls-ccp-policy-ccp-cls--2-1
  inspect
 class type inspect ccp-cls-ccp-policy-ccp-cls--2-2
  inspect
 class class-default
  drop
!
zone security Trust
zone security Untrust
zone-pair security sdm-zp-Trust-Untrust source Trust destination Untrust
 service-policy type inspect ccp-policy-ccp-cls--1
zone-pair security sdm-zp-Untrust-Trust source Untrust destination Trust
 service-policy type inspect ccp-policy-ccp-cls--2
!
!
crypto isakmp policy 10
 xxxx
 authentication xxxx
 group xxx
crypto isakmp xxxxxx x.x.x.x
crypto isakmp xxxxxx x.x.x.x
crypto isakmp xxxxxx x.x.x.x
crypto isakmp xxxxxx x.x.x.x
crypto isakmp keepalive 10
!
crypto ipsec security-association replay disable
!
crypto ipsec transform-set xxxxxx
 mode transport
crypto ipsec df-bit clear
!
crypto ipsec profile VPN-Profile
 set transform-set xxxx
!
!
!
!
!
!
interface Tunnel1
 ip address 10.255.1.150 255.255.255.252
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1400
 ip flow ingress
 zone-member security Untrust
 ip tcp adjust-mss 1360
 load-interval 30
 delay 10000
 qos pre-classify
 tunnel source 192.168.16.194
 tunnel destination x.x.x.x
 tunnel protection ipsec profile VPN-Profile
 service-policy output shape-2M
!
interface Tunnel2
 ip address 10.255.2.150 255.255.255.252
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1400
 ip flow ingress
 zone-member security Untrust
 ip tcp adjust-mss 1360
 load-interval 30
 delay 100000
 qos pre-classify
 tunnel source 192.168.16.194
 tunnel destination x.x.x.x
 tunnel protection ipsec profile VPN-Profile
 service-policy output shape-2M
!
interface Tunnel1001
 ip address 10.255.100.38 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1400
 ip flow ingress
 ip nhrp authentication bynet
 ip nhrp map multicast dynamic
 ip nhrp map 10.255.100.254 x.x.x.x
 ip nhrp network-id xxx
 ip nhrp holdtime 300
 ip nhrp nhs 10.255.100.254
 zone-member security Untrust
 ip tcp adjust-mss 1360
 load-interval 30
 delay 1000000
 qos pre-classify
 tunnel source Dialer1
 tunnel destination x.x.x.x
 tunnel key xxx
 tunnel protection ipsec profile VPN-Profile
!
interface Tunnel1002
 ip address 10.255.200.38 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1400
 ip flow ingress
 ip nhrp authentication bynet
 ip nhrp map multicast dynamic
 ip nhrp map 10.255.200.254 x.x.x.x
 ip nhrp network-id xxx
 ip nhrp holdtime 300
 ip nhrp nhs 10.255.200.254
 zone-member security Untrust
 ip tcp adjust-mss 1360
 load-interval 30
 delay 10000000
 qos pre-classify
 tunnel source Dialer1
 tunnel destination x.x.x.x
 tunnel key xxx
 tunnel protection ipsec profile VPN-Profile
!
interface FastEthernet0
 switchport access vlan 2
 no ip address
!         
interface FastEthernet1
 no ip address
 shutdown
!
interface FastEthernet2
 no ip address
 shutdown
!
interface FastEthernet3
 no ip address
 shutdown
!
interface FastEthernet4
 ip address 192.168.16.194 255.255.255.252
 ip nat outside
 ip virtual-reassembly in
 zone-member security Untrust
 duplex auto
 speed auto
!
interface Cellular0
 no ip address
 ip virtual-reassembly in
 zone-member security Untrust
 encapsulation ppp
 dialer in-band
 dialer-group 1
 async mode interactive
 no ppp lcp fast-start
!
interface Vlan1
 no ip address
!
interface Vlan2
 ip address 8.203.68.190 255.255.255.224
 ip nat inside
 ip virtual-reassembly in
 zone-member security Trust
 ip tcp adjust-mss 1360
!
interface Dialer1
 ip address negotiated
 ip nat outside
 ip virtual-reassembly in
 zone-member security Untrust
 encapsulation ppp
 dialer pool 1
 dialer idle-timeout 0
 dialer string hot
 dialer-group 1
 no ppp lcp fast-start
 ppp chap refuse
 ppp pap sent-username xxx password 7 xxx
 no cdp enable
!
!
router eigrp 10
 default-metric 64 2000 255 1 1400
 network 8.203.68.160 0.0.0.31
 network 10.255.1.148 0.0.0.3
 network 10.255.2.148 0.0.0.3
 network 10.255.100.0 0.0.0.255
 network 10.255.200.0 0.0.0.255
 passive-interface Vlan2
 eigrp router-id 8.203.64.190
 eigrp stub connected summary
!
ip forward-protocol nd
ip http server
ip http authentication local
no ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip dns view default
 domain timeout 1
 domain retry 1
 dns forwarding retry 1
 dns forwarder xxxx
 dns forwarder xxxx
ip dns server
ip nat translation timeout 3
ip nat translation icmp-timeout 3
ip nat inside source list NAT_TVSP interface FastEthernet4 overload
ip route xxxx 255.255.255.255 192.168.16.193 100 name SSL-Thorw-TVSP-WIth-CHeck-REACH track 10
ip route xxxx 255.255.255.255 192.168.16.193 name To-Vlan200Nat-WIth-CHeck-REACH track 10
ip route xxxx 255.255.255.255 192.168.16.193 name VL202+203-ICMP-REACH
ip route xxxx 255.255.255.255 192.168.16.193 name FOR-TVSP-REACHABILITY
ip route xxxx 255.255.255.255 192.168.16.193 name TVSP-R1
ip route xxxx 255.255.255.255 192.168.16.193 name TVSP-R2
ip route xxxx 255.255.255.255 192.168.16.245 name SSL-Haifa-Over-TVSP
ip tacacs source-interface Vlan2
!
!
!
ip sla 10
 icmp-echo xxx source-ip 192.168.16.194
 tag For-TVSP-Reachbility
 frequency 5
ip sla schedule 10 life forever start-time now
ip sla 100
 icmp-echo xxx
 tag Just-For-Traffic-Thorw-Celluar
 threshold 3000
 timeout 3000
 frequency 3
ip sla schedule 100 life forever start-time now
ip sla 101
 icmp-echo xxx
 tag Just-For-Traffic-Thorw-Celluar
 threshold 3000
 timeout 3000
 frequency 3
ip sla schedule 101 life forever start-time now
logging source-interface Vlan2
logging 8.200.4.5
dialer-list 1 protocol ip permit
no cdp run
!
!
!
!
snmp-server trap-source Vlan2
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps vrrp
snmp-server enable traps flowmon
snmp-server enable traps call-home message-send-fail server-fail
snmp-server enable traps tty
snmp-server enable traps eigrp
snmp-server enable traps ospf state-change
snmp-server enable traps ospf errors
snmp-server enable traps ospf retransmit
snmp-server enable traps ospf lsa
snmp-server enable traps ospf cisco-specific state-change nssa-trans-change
snmp-server enable traps ospf cisco-specific state-change shamlink interface
snmp-server enable traps ospf cisco-specific state-change shamlink neighbor
snmp-server enable traps ospf cisco-specific errors
snmp-server enable traps ospf cisco-specific retransmit
snmp-server enable traps ospf cisco-specific lsa
snmp-server enable traps license
snmp-server enable traps ethernet cfm cc mep-up mep-down cross-connect loop config
snmp-server enable traps ethernet cfm crosscheck mep-missing mep-unknown service-up
snmp-server enable traps flash insertion removal
snmp-server enable traps adslline
snmp-server enable traps vdsl2line
snmp-server enable traps envmon
snmp-server enable traps c3g
snmp-server enable traps isdn call-information
snmp-server enable traps isdn layer2
snmp-server enable traps isdn chan-not-avail
snmp-server enable traps isdn ietf
snmp-server enable traps mac-notification
snmp-server enable traps energywise
snmp-server enable traps cef resource-failure peer-state-change peer-fib-state-change inconsistency
snmp-server enable traps aaa_server
snmp-server enable traps atm subif
snmp-server enable traps bfd
snmp-server enable traps bgp
snmp-server enable traps memory bufferpeak
snmp-server enable traps cnpd
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps config-ctid
snmp-server enable traps entity
snmp-server enable traps fru-ctrl
snmp-server enable traps resource-policy
snmp-server enable traps event-manager
snmp-server enable traps hsrp
snmp-server enable traps ipmulticast
snmp-server enable traps msdp
snmp-server enable traps mvpn
snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message
snmp-server enable traps cpu threshold
snmp-server enable traps rsvp
snmp-server enable traps ipsla
snmp-server enable traps syslog
snmp-server enable traps l2tun session
snmp-server enable traps l2tun pseudowire status
snmp-server enable traps vtp
snmp-server enable traps pw vc
snmp-server enable traps firewall serverstatus
snmp-server enable traps ipmobile
snmp-server enable traps nhrp nhs
snmp-server enable traps nhrp nhc
snmp-server enable traps nhrp nhp
snmp-server enable traps nhrp quota-exceeded
snmp-server enable traps isakmp policy add
snmp-server enable traps isakmp policy delete
snmp-server enable traps isakmp tunnel start
snmp-server enable traps isakmp tunnel stop
snmp-server enable traps ipsec cryptomap add
snmp-server enable traps ipsec cryptomap delete
snmp-server enable traps ipsec cryptomap attach
snmp-server enable traps ipsec cryptomap detach
snmp-server enable traps ipsec tunnel start
snmp-server enable traps ipsec tunnel stop
snmp-server enable traps ipsec too-many-sas
snmp-server enable traps vrfmib vrf-up vrf-down vnet-trunk-up vnet-trunk-down
snmp-server host 8.200.60.160 version 2c hotro
snmp-server host 8.201.252.121 version 2c hotro
!
!
!
control-plane
!
privilege exec level 9 terminal monitor
privilege exec level 9 terminal
privilege exec level 9 show configuration
privilege exec level 9 show logging
privilege exec level 9 show
!
line con 0
 logging synchronous
line aux 0
line 3
 exec-timeout 0 0
 password 7 xxx
 script dialer hot
 modem InOut
 no exec
 transport input all
 transport output all
 rxspeed 7200000
 txspeed 5760000
line vty 0 4
 access-class Admins in
 exec-timeout 40 0
 privilege level 15
 logging synchronous
 login authentication TacGroup
 transport input ssh
!
ntp server 8.204.97.1 prefer source Vlan2
ntp server 8.204.97.2 source Vlan2
event manager applet Track-Tvsp-SSLVPN-UP
 event syslog pattern "10 ip sla 10 reachability Down->Up"
 action 2.0 cli command "enable"
 action 2.1 cli command "conf t"
 action 2.2 cli command "logg buff 100000"
 action 2.5 cli command " do clear ip nat tr *"
 action 2.7 cli command "no ip nat inside source list NAT_TVSP interface dialer1 overload"
 action 2.8 cli command "y"
 action 2.9 cli command "ip nat inside source list NAT_TVSP interface fastEthernet 4 overload"
 action 3.0 cli command "end"
event manager applet Track-Tvsp-SSLVPN-Down
 event syslog pattern "10 ip sla 10 reachability Up->Down"
 action 1.0 cli command "enable"
 action 1.1 cli command "conf t"
 action 1.2 cli command "do clear ip nat tra *"
 action 1.3 cli command "no ip nat inside source list NAT_TVSP interface fastEthernet 4 overload"
 action 1.4 cli command "y"
 action 1.5 cli command "ip nat inside source list NAT_TVSP interface dialer1 overload"
 action 1.6 cli command "end"
!
end

This is my full configuration

Thanks in advance

Hello,

I'll have a look, will get back to you...

Hello,

I have made a few adjustments, the most important one being that you did not have the access list configured that was referenced in the ip nat inside source statement. Also, I don't see any routes out Dialer 1 or FastEthernet4, other than x.x.x.x. I have added a static default for FastEthernet4 and a floating static route pointing to Dialer1:

Current configuration : 17131 bytes
!
! Last configuration change at 17:56:10 GMT Tue Nov 15 2016 by 305677296
version 15.1
no service pad
service timestamps debug datetime msec
service timestamps log datetime localtime
service password-encryption
!
hostname xxxxx
boot-start-marker
boot-end-marker
!
!
logging buffered 100000
!
aaa new-model
!
!
aaa group server tacacs+ Tacgroup
server xxxxx
!
aaa authentication login default group Tacgroup local
aaa authentication login console local
aaa authorization exec default group Tacgroup local
aaa authorization commands 15 default group Tacgroup local
aaa accounting exec default start-stop group Tacgroup
aaa accounting commands 15 default start-stop group Tacgroup
!
!
!
!
!
aaa session-id common
!
clock timezone GMT 2 0
clock summer-time GMT recurring 1 Fri Apr 2:00 1 Sun Oct 2:00
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-xxxxxxx
!
!
crypto pki certificate chain TP-self-signed-xxxxxxx
!
!
!
no ip dhcp conflict logging
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 8.203.68.170 8.203.68.190
!
ip dhcp pool ccp-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
!
ip dhcp pool LAN
network 8.203.68.160 255.255.255.224
domain-name hot.net.il
default-router 8.203.68.190
dns-server 8.203.68.190
!
!
ip cef
ip domain retry 1
ip domain timeout 1
ip domain name xxxxxx
ip host xxxx
ip host xxxx
ip name-server xxxx
ip name-server xxxx
no ipv6 cef
!
!
multilink bundle-name authenticated
chat-script xxx "" "xxxxx" TIMEOUT 30 "CONNECT"
license udi pid C881G-U-K9 sn FTX161387H9
!
!
object-group network Streamers
description Streamers
host xxx
host xxx
host xxx
!
username xxxxx privilege xx secret xxxxx
!
!
!
!
controller Cellular 0
!
ip ftp source-interface Vlan2
ip tftp source-interface Vlan2
ip ssh logging events
ip ssh version 2
!
track 10 ip sla 10 reachability
!
class-map type inspect match-all ccp-cls--1
match access-group name Mall-To-YKM
class-map match-all Video-class
match access-group name Video-acl
class-map type inspect match-all ccp-cls--2
match access-group name YKM-To-Mall
class-map type inspect match-any http
match protocol http
class-map type inspect match-all ccp-cls-ccp-policy-ccp-cls--2-2
match class-map http
match access-group name Dtail-To-Streamers
class-map type inspect match-all ccp-cls-ccp-policy-ccp-cls--2-1
match access-group name SSL-To-Mall
!
!
policy-map shape-2M
class class-default
shape average 5120000
policy-map shape-2m-child
class Video-class
police rate 1536000
conform-action transmit
exceed-action drop
bandwidth 1536
policy-map type inspect ccp-policy-ccp-cls--1
class type inspect ccp-cls--1
inspect
class class-default
drop
policy-map type inspect ccp-policy-ccp-cls--2
class type inspect ccp-cls--2
inspect
class type inspect ccp-cls-ccp-policy-ccp-cls--2-1
inspect
class type inspect ccp-cls-ccp-policy-ccp-cls--2-2
inspect
class class-default
drop
!
zone security Trust
zone security Untrust
zone-pair security sdm-zp-Trust-Untrust source Trust destination Untrust
service-policy type inspect ccp-policy-ccp-cls--1
zone-pair security sdm-zp-Untrust-Trust source Untrust destination Trust
service-policy type inspect ccp-policy-ccp-cls--2
!
!
crypto isakmp policy 10
xxxx
authentication xxxx
group xxx
crypto isakmp xxxxxx x.x.x.x
crypto isakmp xxxxxx x.x.x.x
crypto isakmp xxxxxx x.x.x.x
crypto isakmp xxxxxx x.x.x.x
crypto isakmp keepalive 10
!
crypto ipsec security-association replay disable
!
crypto ipsec transform-set xxxxxx
mode transport
crypto ipsec df-bit clear
!
crypto ipsec profile VPN-Profile
set transform-set xxxx
!
!
!
!
!
!
interface Tunnel1
ip address 10.255.1.150 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1400
ip flow ingress
zone-member security Untrust
ip tcp adjust-mss 1360
load-interval 30
delay 10000
qos pre-classify
tunnel source 192.168.16.194
tunnel destination x.x.x.x
tunnel protection ipsec profile VPN-Profile
service-policy output shape-2M
!
interface Tunnel2
ip address 10.255.2.150 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1400
ip flow ingress
zone-member security Untrust
ip tcp adjust-mss 1360
load-interval 30
delay 100000
qos pre-classify
tunnel source 192.168.16.194
tunnel destination x.x.x.x
tunnel protection ipsec profile VPN-Profile
service-policy output shape-2M
!
interface Tunnel1001
ip address 10.255.100.38 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1400
ip flow ingress
ip nhrp authentication bynet
ip nhrp map multicast dynamic
ip nhrp map 10.255.100.254 x.x.x.x
ip nhrp network-id xxx
ip nhrp holdtime 300
ip nhrp nhs 10.255.100.254
zone-member security Untrust
ip tcp adjust-mss 1360
load-interval 30
delay 1000000
qos pre-classify
tunnel source Dialer1
tunnel destination x.x.x.x
tunnel key xxx
tunnel protection ipsec profile VPN-Profile
!
interface Tunnel1002
ip address 10.255.200.38 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1400
ip flow ingress
ip nhrp authentication bynet
ip nhrp map multicast dynamic
ip nhrp map 10.255.200.254 x.x.x.x
ip nhrp network-id xxx
ip nhrp holdtime 300
ip nhrp nhs 10.255.200.254
zone-member security Untrust
ip tcp adjust-mss 1360
load-interval 30
delay 10000000
qos pre-classify
tunnel source Dialer1
tunnel destination x.x.x.x
tunnel key xxx
tunnel protection ipsec profile VPN-Profile
!
interface FastEthernet0
switchport access vlan 2
no ip address
!
interface FastEthernet1
no ip address
shutdown
!
interface FastEthernet2
no ip address
shutdown
!
interface FastEthernet3
no ip address
shutdown
!
interface FastEthernet4
ip address 192.168.16.194 255.255.255.252
ip nat outside
ip virtual-reassembly in
zone-member security Untrust
duplex auto
speed auto
!
interface Cellular0
no ip address
ip virtual-reassembly in
zone-member security Untrust
encapsulation ppp
dialer in-band
dialer pool-member 1
dialer-group 1
async mode interactive
no ppp lcp fast-start
!
interface Vlan1
no ip address
!
interface Vlan2
ip address 8.203.68.190 255.255.255.224
ip nat inside
ip virtual-reassembly in
zone-member security Trust
ip tcp adjust-mss 1360
!
interface Dialer1
ip address negotiated
ip nat outside
ip virtual-reassembly in
zone-member security Untrust
encapsulation ppp
dialer pool 1
dialer idle-timeout 0
dialer string hot
dialer-group 1
dialer persistent
no ppp lcp fast-start
ppp chap refuse
ppp pap sent-username xxx password 7 xxx
no cdp enable
!
!
router eigrp 10
default-metric 64 2000 255 1 1400
network 8.203.68.160 0.0.0.31
network 10.255.1.148 0.0.0.3
network 10.255.2.148 0.0.0.3
network 10.255.100.0 0.0.0.255
network 10.255.200.0 0.0.0.255
passive-interface Vlan2
eigrp router-id 8.203.64.190
eigrp stub connected summary
!
ip forward-protocol nd
ip http server
ip http authentication local
no ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip dns view default
domain timeout 1
domain retry 1
dns forwarding retry 1
dns forwarder xxxx
dns forwarder xxxx
ip dns server
ip nat translation timeout 3
ip nat translation icmp-timeout 3
ip nat inside source list NAT_TVSP interface FastEthernet4 overload

ip route 0.0.0.0 0.0.0.0 FastEthernet4

ip route 0.0.0.0 0.0.0.0 Dialer1 250

ip route xxxx 255.255.255.255 192.168.16.193 100 name SSL-Thorw-TVSP-WIth-CHeck-REACH track 10
ip route xxxx 255.255.255.255 192.168.16.193 name To-Vlan200Nat-WIth-CHeck-REACH track 10
ip route xxxx 255.255.255.255 192.168.16.193 name VL202+203-ICMP-REACH
ip route xxxx 255.255.255.255 192.168.16.193 name FOR-TVSP-REACHABILITY
ip route xxxx 255.255.255.255 192.168.16.193 name TVSP-R1
ip route xxxx 255.255.255.255 192.168.16.193 name TVSP-R2
ip route xxxx 255.255.255.255 192.168.16.245 name SSL-Haifa-Over-TVSP
ip tacacs source-interface Vlan2
!
access-list NAT_TVSP permit ip 8.203.68.160 0.0.0.31 any
!
!
ip sla 10
icmp-echo xxx source-ip 192.168.16.194
tag For-TVSP-Reachbility
frequency 5
ip sla schedule 10 life forever start-time now
ip sla 100
icmp-echo xxx
tag Just-For-Traffic-Thorw-Celluar
threshold 3000
timeout 3000
frequency 3
ip sla schedule 100 life forever start-time now
ip sla 101
icmp-echo xxx
tag Just-For-Traffic-Thorw-Celluar
threshold 3000
timeout 3000
frequency 3
ip sla schedule 101 life forever start-time now
logging source-interface Vlan2
logging 8.200.4.5
dialer-list 1 protocol ip permit
no cdp run
!
!
!
!
snmp-server trap-source Vlan2
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps vrrp
snmp-server enable traps flowmon
snmp-server enable traps call-home message-send-fail server-fail
snmp-server enable traps tty
snmp-server enable traps eigrp
snmp-server enable traps ospf state-change
snmp-server enable traps ospf errors
snmp-server enable traps ospf retransmit
snmp-server enable traps ospf lsa
snmp-server enable traps ospf cisco-specific state-change nssa-trans-change
snmp-server enable traps ospf cisco-specific state-change shamlink interface
snmp-server enable traps ospf cisco-specific state-change shamlink neighbor
snmp-server enable traps ospf cisco-specific errors
snmp-server enable traps ospf cisco-specific retransmit
snmp-server enable traps ospf cisco-specific lsa
snmp-server enable traps license
snmp-server enable traps ethernet cfm cc mep-up mep-down cross-connect loop config
snmp-server enable traps ethernet cfm crosscheck mep-missing mep-unknown service-up
snmp-server enable traps flash insertion removal
snmp-server enable traps adslline
snmp-server enable traps vdsl2line
snmp-server enable traps envmon
snmp-server enable traps c3g
snmp-server enable traps isdn call-information
snmp-server enable traps isdn layer2
snmp-server enable traps isdn chan-not-avail
snmp-server enable traps isdn ietf
snmp-server enable traps mac-notification
snmp-server enable traps energywise
snmp-server enable traps cef resource-failure peer-state-change peer-fib-state-change inconsistency
snmp-server enable traps aaa_server
snmp-server enable traps atm subif
snmp-server enable traps bfd
snmp-server enable traps bgp
snmp-server enable traps memory bufferpeak
snmp-server enable traps cnpd
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps config-ctid
snmp-server enable traps entity
snmp-server enable traps fru-ctrl
snmp-server enable traps resource-policy
snmp-server enable traps event-manager
snmp-server enable traps hsrp
snmp-server enable traps ipmulticast
snmp-server enable traps msdp
snmp-server enable traps mvpn
snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message
snmp-server enable traps cpu threshold
snmp-server enable traps rsvp
snmp-server enable traps ipsla
snmp-server enable traps syslog
snmp-server enable traps l2tun session
snmp-server enable traps l2tun pseudowire status
snmp-server enable traps vtp
snmp-server enable traps pw vc
snmp-server enable traps firewall serverstatus
snmp-server enable traps ipmobile
snmp-server enable traps nhrp nhs
snmp-server enable traps nhrp nhc
snmp-server enable traps nhrp nhp
snmp-server enable traps nhrp quota-exceeded
snmp-server enable traps isakmp policy add
snmp-server enable traps isakmp policy delete
snmp-server enable traps isakmp tunnel start
snmp-server enable traps isakmp tunnel stop
snmp-server enable traps ipsec cryptomap add
snmp-server enable traps ipsec cryptomap delete
snmp-server enable traps ipsec cryptomap attach
snmp-server enable traps ipsec cryptomap detach
snmp-server enable traps ipsec tunnel start
snmp-server enable traps ipsec tunnel stop
snmp-server enable traps ipsec too-many-sas
snmp-server enable traps vrfmib vrf-up vrf-down vnet-trunk-up vnet-trunk-down
snmp-server host 8.200.60.160 version 2c hotro
snmp-server host 8.201.252.121 version 2c hotro
!
!
!
control-plane
!
privilege exec level 9 terminal monitor
privilege exec level 9 terminal
privilege exec level 9 show configuration
privilege exec level 9 show logging
privilege exec level 9 show
!
line con 0
logging synchronous
line aux 0
line 3
exec-timeout 0 0
password 7 xxx
script dialer hot
modem InOut
no exec
transport input all
transport output all
rxspeed 7200000
txspeed 5760000
line vty 0 4
access-class Admins in
exec-timeout 40 0
privilege level 15
logging synchronous
login authentication TacGroup
transport input ssh
!
ntp server 8.204.97.1 prefer source Vlan2
ntp server 8.204.97.2 source Vlan2
event manager applet Track-Tvsp-SSLVPN-UP
event syslog pattern "10 ip sla 10 reachability Down->Up"
action 2.0 cli command "enable"
action 2.1 cli command "conf t"
action 2.2 cli command "logg buff 100000"
action 2.5 cli command " do clear ip nat tr *"
action 2.7 cli command "no ip nat inside source list NAT_TVSP interface dialer1 overload"
action 2.8 cli command "y"
action 2.9 cli command "ip nat inside source list NAT_TVSP interface fastEthernet 4 overload"
action 3.0 cli command "end"
event manager applet Track-Tvsp-SSLVPN-Down
event syslog pattern "10 ip sla 10 reachability Up->Down"
action 1.0 cli command "enable"
action 1.1 cli command "conf t"
action 1.2 cli command "do clear ip nat tra *"
action 1.3 cli command "no ip nat inside source list NAT_TVSP interface fastEthernet 4 overload"
action 1.4 cli command "y"
action 1.5 cli command "ip nat inside source list NAT_TVSP interface dialer1 overload"
action 1.6 cli command "end"
!
end

Hi,

You can notice that the route is not default but to specific addresses. Only when the ip-sla going from up to down the event manager will change the route through the dialer (It is not floating by metric)

The problem is that interface dialer 1 doesn't get an ip address and not the backup through the interface cellular doesn't work.

Hello,

do you have a cellular profile configured ?

881G#show Cellular0 profile

If not, create one first:

881G#cellular 0 gsm profile create 1 

I have a profile but i seems to be inactive

RTR881#show cellular 0 profile
Profile password Encryption level: 7

Profile 1 = INACTIVE*
--------
PDP Type = IPv4
Access Point Name (APN) = xxx
Authentication = None
Username: , Password: 00

 * - Default profile

Configured default profile for active SIM 1 is profile 1.

Is this OK?

You are using the default profile, which has no authentication ("Authentication=None") specified. 

Create a new one like this:

881G# cellular 0 gsm profile create 1 xxx chap/pap username password

Yourprovider must give you the username and password as well as the APN (Access Point Name).