Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
752
Views
0
Helpful
5
Replies

pppoe configuration problem

CSCO10825585
Level 1
Level 1

‎12-31-2006 08:20 AM - edited ‎03-03-2019 03:12 PM

Hello!

I have this configuration in my Cisco827.

I have managed to go out to Internet to some pages but it does not go out for great others.

If I remove the access list 1 does not go out at all.

In what interface is this access list applied?

It can be a problem of safety or of mtu ...?

Thanks.

version 12.2

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Router

!

!

ip subnet-zero

!

vpdn enable

!

vpdn-group pppoe

request-dialin

protocol pppoe

!

!

!

!

interface Ethernet0

ip address 192.168.1.1 255.255.255.0

ip nat inside

hold-queue 100 out

!

interface ATM0

no ip address

no atm ilmi-keepalive

bundle-enable

dsl operating-mode auto

hold-queue 224 in

!

interface ATM0.1 point-to-point

pvc 8/32

pppoe-client dial-pool-number 1

!

!

interface Dialer1

ip address negotiated

ip mtu 1492

ip nat outside

encapsulation ppp

dialer pool 1

ppp chap hostname adslppp@telefonicanetpa

ppp chap password 0 adslppp

!

ip nat inside source list 1 interface Dialer1 overload

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer1

no ip http server

ip pim bidir-enable

!

!

access-list 1 permit 192.168.1.0 0.0.0.255

access-list 1 deny any

!

!

line con 0

password indartsu99

stopbits 1

line vty 0

access-class 1 in

exec-timeout 120 0

password xxx

login

line vty 1 4

password xxx

login

!

scheduler max-task-time 5000

end

Javier Calleja.

Labels:
0 Helpful
5 Replies 5

stephen.stack
Level 4
Level 4

‎12-31-2006 08:43 AM

HI Javier,

Just wondering if you have a proplem displaying webpages like Hotmail.com.

Try adding the following command under ethernet0

ip tcp adjust-mss 1452

This should fix your issue. If this helps.. please rate post.

PS you may want to remove your passwords from yuor config before posting it on a public forum. (just a tip :) )

Thanks

Stephen

========================== http://www.rconfig.com A free, open source network device configuration management tool, customizable to your needs! - Always vote on an answer if you found it helpful
0 Helpful

CSCO10825585
Level 1
Level 1
In response to stephen.stack

‎12-31-2006 09:20 AM

Hello Stephen!

Thanks for your recommendations.

The router works perfectly with your solution.

The message " dynamic configuration problem " I have answered it after creating this one since I have not seen it.

On the other hand I have a doubt, and have learned that in order that an access list should be executed it is necessary to put in the interface access-group and n ?.

Is not it necessary to do it?..

Thanks for everything.

Happy new year.

Javier Calleja.

0 Helpful

stephen.stack
Level 4
Level 4
In response to CSCO10825585

‎12-31-2006 10:21 AM

Hi Javier,

I just noticed the duplicate post too. We'll stick with this thread.

Glad to hear it fixed the issue. It is a very common issue with DSL and Cisco routers.

In relation to the last part of you message...

If you are talking about access-list 1, this access-list is realted to the NAT statment.

--------

!

ip nat inside source list 1 interface Dialer1 overload

!

access-list 1 permit 192.168.1.0 0.0.0.255

access-list 1 deny any

--------

'Source List 1' Refers to access-ist 1. This access-list tells NAT which IP address range is allowed to partake in NAT translations.

Access-lists do not always have to be bound to interfaces. In fact they are bound more to routing policies, QOS statements, and the likes more than restrictions for traffic on interfaces.

One more tip for you. Install SDM on your PC and setup and configure the Cisco IOS firewall for security.

Have a happy new year.

Don't forget to rate posts :)

Thanks

Stephen

========================== http://www.rconfig.com A free, open source network device configuration management tool, customizable to your needs! - Always vote on an answer if you found it helpful
0 Helpful

CSCO10825585
Level 1
Level 1
In response to stephen.stack

‎01-01-2007 10:16 AM

Hello Stephen!

I?m afraid that I cannot install the SDM because I have a cisco 800 series (827).

Can i use extended access list with Nat as the standard?

0 Helpful

stephen.stack
Level 4
Level 4
In response to CSCO10825585

‎01-01-2007 10:49 AM

You can use an extended Access-list.

Cisco SDM (Security Device Manager) will work with the Cisco 827. you can download it from here

http://www.cisco.com/en/US/products/sw/secursw/ps5318/index.html

and just click on the 'download software' link on the right side of the page. install it on your PC only. and get it talking to your 827.

Regards

Stephen

========================== http://www.rconfig.com A free, open source network device configuration management tool, customizable to your needs! - Always vote on an answer if you found it helpful
0 Helpful
Customers Also Viewed These Support Documents