cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1718
Views
5
Helpful
12
Replies

ISR 892SFP

Bernardo_c
Level 1
Level 1

Hi ! Someone can give me some hints about configuration of this ISR? I have a 1905 working fine in my internet using PPPoE and since this 892 have two WAN interfaces I'm thinking to use it as link fail over, but even in a single link I can't configure it !

I'm tried to create interface Dialer for PPPoE in the Gig0 or Gig9 and don't work. Also in the lan, DHCP server only on VLAN1 interface..it's a different behaviour compared with my 1800/1905 router.

Where can I learn the differences / "modus operandi" of this router?

Any help are appreciated

Bernardo

2 Accepted Solutions

Accepted Solutions

Hello,

 

glad that you got it resolved.

 

The virtual access interface is part of the PPPoE client session. Check the link below (item 4) for an explanation.

 

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/bbdsl/configuration/xe-16-6/bba-xe-16-6-book/bba-pppoe-client-xe.html

 

 

 

View solution in original post

Tks seems it's a new feature. The old 1800/1900 routers don't have it..



I have two PPPoE links, I will configure the second interface and will try link failover ;0) as next challenge!



Bernardo


View solution in original post

12 Replies 12

Hello,

 

post the running configuration (sh run) of the router, so we can fill in the (missing) bits and pieces...

Bernardo_c
Level 1
Level 1
Hi Georg, tks for your reply:



I have an Cisco 1905 now, using this script in my home:



version 15.0

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname Bernardo

!

boot-start-marker

boot-end-marker

!



!

no aaa new-model

!

no ipv6 cef

ip source-route

ip cef

!

!

no ip dhcp use vrf connected

!

ip dhcp pool LAN

network 172.16.18.0 255.255.255.0

default-router 172.16.18.1

dns-server 8.8.8.8 8.8.4.4

!

!

ip domain name Wirelesstech.biz

ip name-server 8.8.8.8

ip name-server 8.8.4.4

ip ddns update method NOIP

HTTP

add http://charnisb:aaaaaaa@dynupdate.no-ip.com/nic/updatehostname=&myip=

interval minimum 0 0 5 0

!

multilink bundle-name authenticated

!

vpdn enable

!

vpdn-group 1

request-dialin

protocol l2tp

!

!

!

license udi pid CISCO1905/K9 sn FTX162184N1

!

!



!

interface GigabitEthernet0/0

description INTERFACE CONEXAO LAN

ip address 172.16.18.1 255.2...
















































































































































Hello,

 

sorry for the confusion: what I meant was: post the running configuration (sh run) of your 892SFP router...

Georg, I cleared all the configurations on the 892SFP. I'm not copying again the 1905 script to the 892SFP. See the environment:



ADSL2+ Modem (PPPoE) directly connected to the interface G9 of the 892.

My notebook (LAN) directly connected to the interface G0 of the 892.



See the ShRun of 892SFP:

There's some errors in the middle or the print since the router it's up and connected to the ADSL Modem - see was created Virtual-Access2





892-Bernardo#sh run

Building configuration...



Current configuration : 3027 bytes

!

! Last configuration change at 19:10:22 UTC Mon Apr 5 2021

!

version 15.5

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname 892-Bernardo

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

ethernet lmi ce

!

!

no ip dhcp use vrf connected

!

ip dhcp pool LAN

network 172.16.18.0 255.255.255.0

default-router 172.16.18.1

dns-server 8.8.8.8 8.8.4.4

!

!

ip domain name Wirelesstech.biz

ip name-server 8.8.8.8

ip name-server 8.8.4.4

ip ddns update method NOIP

HTTP

add http://charnisb:aaaaaa@dynupdate.no-ip.com/nic/updatehostname=&myip=

interval minimum 0 0 5 0

!

ip cef

no ipv6 cef

!

!

multilink bundle-name authenticated

vpdn enable

!

vpdn-group 1

request-dialin

protocol l2tp

!

!

license udi pid C892FSP-K9 sn FJC2206L10E

!

!

interface GigabitEthernet0

description INTERFACE CONEXAO MODEM ADSL

no ip add...
































































































































































































































Hello,

 

I am not sure what the issue is...the configurations you post are truncated and incomplete. If posting the full running config here does not work, save the output of 'sh run' to a text file, and add that text file as an attachment...

Georg, thanks for your patience!



Let's go back to my first question. Since my need it's quite simple, ignore the script since may be wrong - I'm beginner - and help me to configure from zero.



I need only two things: In the Gig0 - LAN with DHCP Server and in the interface Gig9 - WAN with PPPoE and of course the ACL and NAT as usual. I did it on my 1905 (I'm using it now) but seems the same script don't work on the 892SFP. If you wish I can provide an unattended remote access using a local PC.



Bernard


Hello,

 

I am not sure I understand what your topology is supposed to look like. Either way, try the config below. I think the WAN interface is GigabitEthernet0, though:

 

no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname 892SFP
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$g4y5$NxDeM.0hON6YA51bcfGvN1
enable password ciscocisco
!
no aaa new-model
!
ip routing
ip cef
!
ip dhcp excluded-address 192.168.1.1
!
ip dhcp pool LAN
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 8.8.8.8 4.2.2.2
!
interface GigabitEthernet0
no ip address
ip nat outside
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface Vlan1
ip address 192.168.1.1 255.255.255.0
ip nat inside
!
interface Dialer 1
ip address negotiated
ip nat outside
ip mtu 1492
encapsulation ppp
dialer pool 1
dialer-group 1
!
dialer-list 1 protocol ip permit
!
ip nat inside source list 1 interface Dialer 1 overload
!
ip classless
!
ip route 0.0.0.0 0.0.0.0 Dialer1
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
no modem enable
line aux 0
line vty 0 4
password cisco
login
transport input telnet ssh
!
end

It's missing the line with PPP authentication.

The WAN interface it's G9 (it's defined by the hardware, G8 and G9 as WAN) and G0-G7 (LAN - in a small 8-port switch)



I added the PPPoE authentication lines, and changed the WAN to G9 inteface.



The DHCP it's ok (as I made first, using the VLAN1 interface, not G0)

The PPPoE dialer are not ok, showing this error :



*Apr 6 00:17:47.091: %DIALER-6-BIND: Interface Vi2 bound to profile Di1

*Apr 6 00:17:47.095: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up

*Apr 6 00:17:50.375: %DIALER-6-UNBIND: Interface Vi2 unbound from profile Di1

*Apr 6 00:17:50.379: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to down

*Apr 6 00:18:12.439: %DIALER-6-BIND: Interface Vi2 bound to profile Di1

*Apr 6 00:18:12.443: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up

*Apr 6 00:18:15.695: %DIALER-6-UNBIND: Interface Vi2 unbound from profile Di1

*Apr 6 00:18:15.699: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to down

*Apr 6 00:18:37.783: %DIALER-6-BIND: Interface Vi2 bound to profile Di1

*Apr 6 00:18:37.791: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up

*Apr 6 00:18:41.251: %DIALER-6-UNBIND: Interface Vi2 unbound from profile Di1

*Apr 6 00:18:41.255: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to down









Show Run as below:





no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname 892SFP

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$g4y5$NxDeM.0hON6YA51bcfGvN1

enable password ciscocisco

!

no aaa new-model

!

ip routing

ip cef

!

ip dhcp excluded-address 192.168.1.1

!

ip dhcp pool LAN

network 192.168.1.0 255.255.255.0

default-router 192.168.1.1

dns-server 8.8.8.8 4.2.2.2

!

interface GigabitEthernet9

no ip address

ip nat outside

pppoe enable group global

pppoe-client dial-pool-number 1

!

interface Vlan1

ip address 192.168.1.1 255.255.255.0

ip nat inside

!

interface Dialer 1

ip address negotiated

ip nat outside

ip mtu 1492

encapsulation ppp

dialer pool 1

dialer-group 1

ppp authentication chap pap callin

ppp chap hostname guest@guest

ppp chap password guest

ppp pap sent-username guest@guest password guest

dialer-list 1 protocol ip permit

!

ip nat inside source list 1 interface Dialer 1 overload

!

ip classless

!

ip route 0.0.0.0 0.0.0.0 Dialer1

!

access-list 1 permit 192.168.1.0 0.0.0.255

!

no ip http server

no ip http secure-server

!

control-plane

!

line con 0

no modem enable

line aux 0

line vty 0 4

password cisco

login

transport input telnet ssh

!

end


Hello,

 

try the config below, if that still does not work, tun

 

no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname 892SFP
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$g4y5$NxDeM.0hON6YA51bcfGvN1
enable password ciscocisco
!
no aaa new-model
!
ip routing
ip cef
!
ip dhcp excluded-address 192.168.1.1
!
ip dhcp pool LAN
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 8.8.8.8 4.2.2.2
!
interface GigabitEthernet9
no ip address
ip nat outside
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface Vlan1
ip address 192.168.1.1 255.255.255.0
ip nat inside
!
interface Dialer 1
ip address negotiated
ip nat outside
ip mtu 1492
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname guest@guest
ppp chap password guest
ppp pap sent-username guest@guest password guest
--> ppp ipcp route default
--> ppp ipcp dns request
--> ppp ipcp address accept
!
dialer-list 1 protocol ip permit
!
ip nat inside source list 1 interface Dialer 1 overload
!
ip classless
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
no modem enable
line aux 0
line vty 0 4
password cisco
login
transport input telnet ssh
!
end

Bernardo_c
Level 1
Level 1

Hi Georg!

The dialer error was solved. I used debug ppp negotiating and discovered that's username error. The ISP changed it removing the @guest

Now, the PPPoE it's ok but I still not understand what is the Virtual-Access1 and Virtual-Access2 created .

I need to learn more about this 892SFP IOS - it's quite different than the 1800/1900/2600 series

Thanks for your patience and help !!!

I may close this topic for now.

Hello,

 

glad that you got it resolved.

 

The virtual access interface is part of the PPPoE client session. Check the link below (item 4) for an explanation.

 

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/bbdsl/configuration/xe-16-6/bba-xe-16-6-book/bba-pppoe-client-xe.html

 

 

 

Tks seems it's a new feature. The old 1800/1900 routers don't have it..



I have two PPPoE links, I will configure the second interface and will try link failover ;0) as next challenge!



Bernardo


Review Cisco Networking for a $25 gift card