Solved: Re: Help configurating an 851 with PPPoE and DHCP

paltinis2 · ‎08-30-2011

Hi,

I write this because i'm puzzling myself for a few days now trying to find a way to configure my 851 for home use.

My internet provider use PPPoE with PAP and althrough I found many configuration options they all are incomplete...or i cant find the logic behind those commands.

First of all I need to say what I need:

1. Configurate my int Fa4 (WAN) with pppoe so when i insert my ISP cable in it it will negotiate and take IP.

2. Configurate DHCP on LAN (Fa0-3) so that when I insert my PC it will take a fake IP.

Here is the place where i found some conf examples: http://www.cisco.com/en/US/docs/routers/access/800/850/software/configuration/guide/pppoenat.html and I have some questions:

1. MTU - Should I use the 1492 value or the "pppoe-client ppp-max-payload 1500"?

2. ip route 10.10.25.2 255.255.255.255 dialer 0 - How can i set an IP route when my connexion informations only come after i connect? (Because is PPPoE)???

3. I cant configurate the DHCP because I dont know the default route, I dont know the DNS, and i dont know the default gateway because I dont know them due to PPPoE !!!

Please help me because I dont know what to do whit it.

Thank you

Peter Paluch · ‎08-30-2011

Hello,

The document you have referenced seems to have it wrong... You do not need any of the VPDN configured there, just a plain PPPoE client will do.

Your configuration should look as follows:

ip dhcp excluded-address 192.168.0.1 192.168.0.10
ip dhcp pool LAN
 import all
 network 192.168.0.0 255.255.255.0
 default-router 192.168.0.1
 lease 0 0 30
! 
interface Vlan1
 ip address 192.168.0.1 255.255.255.0
 ip nat inside
 ip tcp adjust-mss 1452
!
interface FastEthernet 4
 pppoe-client dial-pool-number 1
!
interface Dialer 0
 encapsulation ppp
 dialer pool 1
 ppp pap sent-username YOURLOGIN password YOURPASSWORD
 ip mtu 1492
 ip address negotiated
 ip nat outside
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
access-list 1 permit 192.168.0.0 0.0.0.255
ip nat inside source list 1 interface Dialer0 overload

To your questions:

1. MTU - Should I use the 1492 value or the "pppoe-client ppp-max-payload 1500"?

Use the ip tcp adjust-mss on your Vlan1 interface, and the ip mtu 1492 on your Dialer0 interface as I already indicated in my configuration example.

2. ip route 10.10.25.2 255.255.255.255 dialer 0 - How can i set an IP  route when my connexion informations only come after i connect? (Because  is PPPoE)???

You do not need to set up this kind of routing. Your own interface address will be assigned to you automatically after the PPP link comes up (thanks to the ip address negotiated command on Dialer0). You only set up the default route statically - ip route 0.0.0.0 0.0.0.0 Dialer0 which does not use any particular address information, just tells the router to send anything through the Dialer0 interface.

3. I cant configurate the DHCP because I dont know the default route, I  dont know the DNS, and i dont know the default gateway because I dont  know them due to PPPoE !!!

Not entirely. The gateway for your stations is the router itself, and in my example, I have assigned it the IP address 192.168.0.1, so this is the gateway. You are correct with the DNS, however, your provider will assign you these addresses during PPP link negotiation and you will automatically import them into the DHCP configuration thanks to the import all command. If this does not work then certainly, your ISP uses a stable set of DNS servers. He should be able to tell you their exact addresses and then we can configure them statically in your DHCP configuration.

Test this configuration please and let me know if it worked. Thanks!

Best regards,

Peter

View solution in original post

Peter Paluch · ‎08-30-2011

Hello,

Add the following lines to your configuration (i.e. simply copy&paste them into the global configuration mode that you call up using the configure terminal command)

ip routing

ip cef

!

interface Vlan1

no shutdown

ip route cache

ip route-cache cef

!

interface FastEthernet1

no shutdown

!

interface Fastethernet2

no shutdown

!

interface FastEthernet3

no shutdown

!

interface Dialer0

no ppp authentication pap

ip nat outside

!

access-list 1 permit 192.168.0.0 0.0.0.255

ip nat inside source list 1 interface Dialer0 overload

!

end

The errors in your configuration are:

You have deactivated the support for IP routing. You however need to perform the routing. This is brought back by the commands ip routing and ip cef
Your interfaces Fa1-Fa3 and Vlan1 were shut down. They are being activated.
Your Dialer0 required that the ISP authenticates to you. That direction of authentication is wrong. It is you who should authenticate to the ISP, not vice versa. Therefore, the no ppp authentication pap is issued on the Dialer0 interface to remove the offending command that requires the ISP to authenticate to you - and naturally, fail.
Your NAT configuration was not complete - you did not have the Dialer0 interface marked as outside interface. Also, an access list had to be defined that described the internal addresses to be translated, and a translation rule that tells the NAT how shall those internal address be NATted.

Please when pasting this configuration to your router, use the command line only. Avoid using SDM or CCP or any of that GUI stuff.

Best regards,

Peter

View solution in original post

Peter Paluch · ‎08-30-2011

Hello,

The ip route-cache was put into my config only as a precaution - don't worry if it does not appear to have been accepted, it is okay.

Do you now have a working internet connection?

Best regards,

Peter

View solution in original post

Peter Paluch · ‎08-30-2011

Hi,

Slow down. It won't bring us anywhere if you keep changing routers and hastily change the config. The problem deserves a systematic approach.

So put the 851 back and tell us exactly what does not work. Please do not comment the LEDs as they do not provide any sufficient diagnostic feedback at this moment.

Best regards,

Peter

View solution in original post

Peter Paluch · ‎08-30-2011

Hello,

Yes, this definitely seems like a DNS problem. You have used a very correct debug option. This shows us that the ISP is not providing us with any automatically configured DNS servers.

Try adding the following lines to your config:

interface Dialer0

ppp ipcp dns request accept

You will also need to reestablish the PPPoE session. You can accomplish it by shutting down the Dialer0 interface using the shutdown command, waiting a couple of seconds (10 or more), and reactivating it again using the no shutdown command again. Keep the debug ppp negotiation active so that we can see if your router has acquired the DNS settings correctly from your ISP.

Then, on your PC, switch off and reactivate your network card to reacquite the IP settings from DHCP, and see if the names can now be translated to IP addresses on your PC.

Be sure to post your debug output if this does not work.

Best regards,

Peter

View solution in original post

Peter Paluch · ‎08-30-2011

Hi,

I whould like to thank you again for all the help, now I will try to  make sense in all the configuration and to understand how it works

Certainly. Such a self study is very, very precious. Of course, you are welcome to ask on these forums as well.

PS now the only message i receive from router is:

*May 27 13:02:30.487: Vi1 PPP: Outbound cdp packet dropped ---- is this from firewal?

No. This message means that your router asked the ISP if they both can speak the Cisco Discovery Protocol, a Layer2 diagnostic and maintenance protocol, and the ISP refused.

You can avoid this message by adding a single line to your Dialer0 configuration:

interface Dialer0

no cdp enable

Best regards,

Peter

View solution in original post

Peter Paluch · ‎08-30-2011

Hello,

The document you have referenced seems to have it wrong... You do not need any of the VPDN configured there, just a plain PPPoE client will do.

Your configuration should look as follows:

ip dhcp excluded-address 192.168.0.1 192.168.0.10
ip dhcp pool LAN
 import all
 network 192.168.0.0 255.255.255.0
 default-router 192.168.0.1
 lease 0 0 30
! 
interface Vlan1
 ip address 192.168.0.1 255.255.255.0
 ip nat inside
 ip tcp adjust-mss 1452
!
interface FastEthernet 4
 pppoe-client dial-pool-number 1
!
interface Dialer 0
 encapsulation ppp
 dialer pool 1
 ppp pap sent-username YOURLOGIN password YOURPASSWORD
 ip mtu 1492
 ip address negotiated
 ip nat outside
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
access-list 1 permit 192.168.0.0 0.0.0.255
ip nat inside source list 1 interface Dialer0 overload

To your questions:

1. MTU - Should I use the 1492 value or the "pppoe-client ppp-max-payload 1500"?

Use the ip tcp adjust-mss on your Vlan1 interface, and the ip mtu 1492 on your Dialer0 interface as I already indicated in my configuration example.

2. ip route 10.10.25.2 255.255.255.255 dialer 0 - How can i set an IP  route when my connexion informations only come after i connect? (Because  is PPPoE)???

You do not need to set up this kind of routing. Your own interface address will be assigned to you automatically after the PPP link comes up (thanks to the ip address negotiated command on Dialer0). You only set up the default route statically - ip route 0.0.0.0 0.0.0.0 Dialer0 which does not use any particular address information, just tells the router to send anything through the Dialer0 interface.

3. I cant configurate the DHCP because I dont know the default route, I  dont know the DNS, and i dont know the default gateway because I dont  know them due to PPPoE !!!

Not entirely. The gateway for your stations is the router itself, and in my example, I have assigned it the IP address 192.168.0.1, so this is the gateway. You are correct with the DNS, however, your provider will assign you these addresses during PPP link negotiation and you will automatically import them into the DHCP configuration thanks to the import all command. If this does not work then certainly, your ISP uses a stable set of DNS servers. He should be able to tell you their exact addresses and then we can configure them statically in your DHCP configuration.

Test this configuration please and let me know if it worked. Thanks!

Best regards,

Peter

paltinis2 · ‎08-30-2011

Thank you for your answer, it clarify alot of things, but i still miss something. Here is my cfg:

Current configuration : 1423 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Paltinis
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$T/5A$rNrZUOri4.JHzFBb7vB.21
enable password admins
!
no aaa new-model
!
resource policy
!
ip subnet-zero
no ip routing

no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.0.1 192.168.0.10
!
ip dhcp pool LAN-Palt
import all
network 192.168.0.0 255.255.255.0
default-router 192.168.0.1
lease infinite
!
!
no ip cef
!
!
!
!
!
!
!
!
interface FastEthernet0
!
interface FastEthernet1
shutdown

!
interface FastEthernet2
shutdown
!
interface FastEthernet3
shutdown
!
interface FastEthernet4
no ip address
no ip route-cache
duplex auto
speed auto
pppoe enable
pppoe-client dial-pool-number 1
!
interface Vlan1
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly
no ip route-cache
ip tcp adjust-mss 1452
shutdown
!

interface Dialer0
ip address negotiated
ip mtu 1492
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication pap
ppp pap sent-username ************ password **************!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
no ip http server
no ip http secure-server
!
dialer-list 1 protocol ip permit
!
control-plane
!
!
line con 0
no modem enable
line aux 0

line vty 0 4
password admin
login
!
scheduler max-task-time 5000
end

The DHCP dosent work yet and the PPPoE eather dosent work.

Thank you

Peter Paluch · ‎08-30-2011

Hello,

Add the following lines to your configuration (i.e. simply copy&paste them into the global configuration mode that you call up using the configure terminal command)

ip routing

ip cef

!

interface Vlan1

no shutdown

ip route cache

ip route-cache cef

!

interface FastEthernet1

no shutdown

!

interface Fastethernet2

no shutdown

!

interface FastEthernet3

no shutdown

!

interface Dialer0

no ppp authentication pap

ip nat outside

!

access-list 1 permit 192.168.0.0 0.0.0.255

ip nat inside source list 1 interface Dialer0 overload

!

end

The errors in your configuration are:

You have deactivated the support for IP routing. You however need to perform the routing. This is brought back by the commands ip routing and ip cef
Your interfaces Fa1-Fa3 and Vlan1 were shut down. They are being activated.
Your Dialer0 required that the ISP authenticates to you. That direction of authentication is wrong. It is you who should authenticate to the ISP, not vice versa. Therefore, the no ppp authentication pap is issued on the Dialer0 interface to remove the offending command that requires the ISP to authenticate to you - and naturally, fail.
Your NAT configuration was not complete - you did not have the Dialer0 interface marked as outside interface. Also, an access list had to be defined that described the internal addresses to be translated, and a translation rule that tells the NAT how shall those internal address be NATted.

Please when pasting this configuration to your router, use the command line only. Avoid using SDM or CCP or any of that GUI stuff.

Best regards,

Peter

paltinis2 · ‎08-30-2011

Thank you again for your quick answer, I updated the new configuration, everything except "ip route cache" witch did not worked. This is the new config:

Current configuration : 1441 bytes

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Paltinis

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$T/5A$rNrZUOri4.JHzFBb7vB.21

enable password admins

!

no aaa new-model

!

resource policy

!

ip subnet-zero

no ip dhcp use vrf connected

ip dhcp excluded-address 192.168.0.1 192.168.0.10

!

ip dhcp pool LAN-Palt

import all

network 192.168.0.0 255.255.255.0

default-router 192.168.0.1

lease infinite

!

ip cef

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface FastEthernet4

no ip address

duplex auto

speed auto

pppoe enable

pppoe-client dial-pool-number 1

!

interface Vlan1

ip address 192.168.0.1 255.255.255.0

ip nat inside

ip virtual-reassembly

ip tcp adjust-mss 1452

!

interface Dialer0

ip address negotiated

ip mtu 1492

ip nat outside

ip virtual-reassembly

encapsulation ppp

dialer pool 1

dialer-group 1

ppp pap sent-username ************* password *************

!

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer0

!

no ip http server

no ip http secure-server

ip nat inside source list 1 interface Dialer0 overload

!

access-list 1 permit 192.168.0.0 0.0.0.255

dialer-list 1 protocol ip permit

!

control-plane

!

line con 0

no modem enable

line aux 0

line vty 0 4

password admin

login

!

scheduler max-task-time 5000

end

Thank you

Peter Paluch · ‎08-30-2011

Hello,

The ip route-cache was put into my config only as a precaution - don't worry if it does not appear to have been accepted, it is okay.

Do you now have a working internet connection?

Best regards,

Peter

paltinis2 · ‎08-30-2011

Yes my internet conexion is working because now i use it (only with a diffrent router, Canyon) The curent router uses the same PPPoE connexion and such.

Thank you

paltinis2 · ‎08-30-2011

Could be that the router is broken....because is and old router, I will try to upload this config to another 831 router to see if it works.

Thanks

Peter Paluch · ‎08-30-2011

Hi,

Slow down. It won't bring us anywhere if you keep changing routers and hastily change the config. The problem deserves a systematic approach.

So put the 851 back and tell us exactly what does not work. Please do not comment the LEDs as they do not provide any sufficient diagnostic feedback at this moment.

Best regards,

Peter

paltinis2 · ‎08-30-2011

I found the command "debug ppp negotiation" to help me see where the problem is and this is what i found:

*May 27 13:09:50.467: %DIALER-6-BIND: Interface Vi1 bound to profile Di0

*May 27 13:09:50.467: Vi1 PPP: Phase is DOWN, Setup

*May 27 13:09:50.467: Vi1 PPP: Using dialer call direction

*May 27 13:09:50.467: Vi1 PPP: Treating connection as a callout

*May 27 13:09:50.467: Vi1 PPP: Session handle[20] Session id[0]

*May 27 13:09:50.467: Vi1 PPP: Phase is ESTABLISHING, Active Open

*May 27 13:09:50.467: Vi1 PPP: No remote authentication for call-out

*May 27 13:09:50.467: Vi1 LCP: O CONFREQ [Closed] id 1 len 10

*May 27 13:09:50.467: Vi1 LCP: MagicNumber 0x17C7A620 (0x050617C7A620)

*May 27 13:09:50.471: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state t

o up

*May 27 13:09:50.515: Vi1 LCP: I CONFREQ [REQsent] id 1 len 18

*May 27 13:09:50.515: Vi1 LCP: MRU 1492 (0x010405D4)

*May 27 13:09:50.515: Vi1 LCP: AuthProto PAP (0x0304C023)

*May 27 13:09:50.515: Vi1 LCP: MagicNumber 0xC1EA3FFA (0x0506C1EA3FFA)

*May 27 13:09:50.519: Vi1 LCP: O CONFNAK [REQsent] id 1 len 8

*May 27 13:09:50.519: Vi1 LCP: MRU 1500 (0x010405DC)

*May 27 13:09:50.519: Vi1 LCP: I CONFREQ [REQsent] id 2 len 14

*May 27 13:09:50.519: Vi1 LCP: AuthProto PAP (0x0304C023)

*May 27 13:09:50.519: Vi1 LCP: MagicNumber 0xC1EA3FFA (0x0506C1EA3FFA)

*May 27 13:09:50.519: Vi1 LCP: O CONFACK [REQsent] id 2 len 14

*May 27 13:09:50.519: Vi1 LCP: AuthProto PAP (0x0304C023)

*May 27 13:09:50.519: Vi1 LCP: MagicNumber 0xC1EA3FFA (0x0506C1EA3FFA)

*May 27 13:09:52.475: Vi1 LCP: TIMEout: State ACKsent

*May 27 13:09:52.475: Vi1 LCP: O CONFREQ [ACKsent] id 2 len 10

*May 27 13:09:52.475: Vi1 LCP: MagicNumber 0x17C7A620 (0x050617C7A620)

*May 27 13:09:52.475: Vi1 LCP: I CONFACK [ACKsent] id 2 len 10

*May 27 13:09:52.475: Vi1 LCP: MagicNumber 0x17C7A620 (0x050617C7A620)

*May 27 13:09:52.475: Vi1 LCP: State is Open

*May 27 13:09:52.475: Vi1 PPP: Phase is AUTHENTICATING, by the peer

*May 27 13:09:52.475: Vi1 PAP: Using hostname from interface PAP

*May 27 13:09:52.475: Vi1 PAP: Using password from interface PAP

*May 27 13:09:52.475: Vi1 PAP: O AUTH-REQ id 1 len 26 from "SB41475106"

*May 27 13:09:52.559: Vi1 PAP: I AUTH-ACK id 1 len 5

*May 27 13:09:52.559: Vi1 PPP: Phase is FORWARDING, Attempting Forward

*May 27 13:09:52.559: Vi1 PPP: Queue IPCP code[1] id[1]

*May 27 13:09:52.559: Vi1 PPP: Phase is ESTABLISHING, Finish LCP

*May 27 13:09:52.559: Vi1 PPP: Phase is UP

*May 27 13:09:52.559: Vi1 IPCP: O CONFREQ [Closed] id 1 len 10

*May 27 13:09:52.559: Vi1 IPCP: Address 0.0.0.0 (0x030600000000)

*May 27 13:09:52.563: Vi1 CDPCP: O CONFREQ [Closed] id 1 len 4

*May 27 13:09:52.563: Vi1 PPP: Process pending ncp packets

*May 27 13:09:52.563: Vi1 IPCP: Redirect packet to Vi1

*May 27 13:09:52.563: Vi1 IPCP: I CONFREQ [REQsent] id 1 len 10

*May 27 13:09:52.563: Vi1 IPCP: Address 10.0.0.1 (0x03060A000001)

*May 27 13:09:52.563: Vi1 IPCP: O CONFACK [REQsent] id 1 len 10

*May 27 13:09:52.563: Vi1 IPCP: Address 10.0.0.1 (0x03060A000001)

*May 27 13:09:52.563: Vi1 LCP: I PROTREJ [Open] id 3 len 10 protocol CDPCP (0x82

0701010004)

*May 27 13:09:52.563: Vi1 CDPCP: State is Closed

*May 27 13:09:52.563: Vi1 CDPCP: State is Listen

*May 27 13:09:52.563: Vi1 IPCP: I CONFNAK [ACKsent] id 1 len 10

*May 27 13:09:52.563: Vi1 IPCP: Address 188.24.197.50 (0x0306BC18C532)

*May 27 13:09:52.563: Vi1 IPCP: O CONFREQ [ACKsent] id 2 len 10

*May 27 13:09:52.563: Vi1 IPCP: Address 188.24.197.50 (0x0306BC18C532)

*May 27 13:09:52.567: Vi1 IPCP: I CONFACK [ACKsent] id 2 len 10

*May 27 13:09:52.567: Vi1 IPCP: Address 188.24.197.50 (0x0306BC18C532)

*May 27 13:09:52.567: Vi1 IPCP: State is Open

*May 27 13:09:52.567: Di0 IPCP: Install negotiated IP interface address ALOCATED IP

*May 27 13:09:52.571: Di0 IPCP: Install route to 10.0.0.1

*May 27 13:09:52.571: Vi1 IPCP: Add link info for cef entry 10.0.0.1

*May 27 13:09:53.559: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Ac

cess1, changed state to up

*May 27 13:10:30.475: Vi1 PPP: Outbound cdp packet dropped

*May 27 13:11:30.475: Vi1 PPP: Outbound cdp packet dropped

The ISP did gived me an IP witch I could ping from PC but when i tryed to ping Yahoo he gived me that he could not solve the host name. Could this be a DNS problem?

Thank you

Peter Paluch · ‎08-30-2011

Hello,

Yes, this definitely seems like a DNS problem. You have used a very correct debug option. This shows us that the ISP is not providing us with any automatically configured DNS servers.

Try adding the following lines to your config:

interface Dialer0

ppp ipcp dns request accept

You will also need to reestablish the PPPoE session. You can accomplish it by shutting down the Dialer0 interface using the shutdown command, waiting a couple of seconds (10 or more), and reactivating it again using the no shutdown command again. Keep the debug ppp negotiation active so that we can see if your router has acquired the DNS settings correctly from your ISP.

Then, on your PC, switch off and reactivate your network card to reacquite the IP settings from DHCP, and see if the names can now be translated to IP addresses on your PC.

Be sure to post your debug output if this does not work.

Best regards,

Peter

paltinis2 · ‎08-30-2011

IT IS WORKING!!!

Thank you ALOT Mr.Peter for your help and for the patience to help me I also post my running config for those who will have the same problem:

Current configuration : 1470 bytes

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Paltinis

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$T/5A$rNrZUOri4.JHzFBb7vB.21

enable password admins

!

no aaa new-model

!

resource policy

!

ip subnet-zero

no ip dhcp use vrf connected

ip dhcp excluded-address 192.168.0.1 192.168.0.10

!

ip dhcp pool LAN-Palt

import all

network 192.168.0.0 255.255.255.0

default-router 192.168.0.1

lease infinite

!

ip cef

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface FastEthernet4

no ip address

duplex auto

speed auto

pppoe enable

pppoe-client dial-pool-number 1

!

interface Vlan1

ip address 192.168.0.1 255.255.255.0

ip nat inside

ip virtual-reassembly

ip tcp adjust-mss 1452

!

interface Dialer0

ip address negotiated

ip mtu 1492

ip nat outside

ip virtual-reassembly

encapsulation ppp

dialer pool 1

dialer-group 1

ppp pap sent-username ************ password *************

ppp ipcp dns request accept

!

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer0

!

no ip http server

no ip http secure-server

ip nat inside source list 1 interface Dialer0 overload

!

access-list 1 permit 192.168.0.0 0.0.0.255

dialer-list 1 protocol ip permit

!

control-plane

!

line con 0

no modem enable

line aux 0

line vty 0 4

password admin

login

!

scheduler max-task-time 5000

end

I mention that the enable password is admin (the encripted one)

I whould like to thank you again for all the help, now I will try to make sense in all the configuration and to understand how it works

Thank you

PS now the only message i receive from router is:

*May 27 13:02:30.487: Vi1 PPP: Outbound cdp packet dropped ---- is this from firewal?

Thank you

Peter Paluch · ‎08-30-2011

Hi,

I whould like to thank you again for all the help, now I will try to  make sense in all the configuration and to understand how it works

Certainly. Such a self study is very, very precious. Of course, you are welcome to ask on these forums as well.

PS now the only message i receive from router is:

*May 27 13:02:30.487: Vi1 PPP: Outbound cdp packet dropped ---- is this from firewal?

No. This message means that your router asked the ISP if they both can speak the Cisco Discovery Protocol, a Layer2 diagnostic and maintenance protocol, and the ISP refused.

You can avoid this message by adding a single line to your Dialer0 configuration:

interface Dialer0

no cdp enable

Best regards,

Peter

paltinis2 · ‎08-30-2011

Thank you again you do know ALOT about Cisco.

Thank you, I'm glade I found this forum

Best regards,

Adrian

Peter Paluch · ‎08-30-2011

Hello Adrian,

You are most welcome. There are many people around here on CSC far more knowledgeable than I am. The point is that it is almost certain that with any issue you might have, there will be somebody here on CSC who will be able to help you. This is exactly what these forums are for.

Thank you for your generous ratings, and please feel welcome to post your questions here anytime.

Best regards,

Peter