Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
14504
Views
10
Helpful
6
Replies

Profile 1 in inactive state in interface cellular 0 of router 887vag

Fernando.Martinez111
Level 1
Level 1

‎12-11-2017 09:35 AM - edited ‎03-05-2019 09:37 AM

I use the cellular interface 0 as a backup for my vpn. In the scenario in which I lose my primary link I need to redirect traffic through cellular 0.

Currently, profile 1 is in inactive state. I want to know if thats because it is not being used at the moment and if it will change to active state once the primary link goes down. Right now, we can not schedule a maintenance window to test the failure scenario since we are in holidays freeze.

Thanks for all your help
Kind regards

 

 

#show cellular 0 profile
Profile password Encryption level: 7

Profile 1 = INACTIVE* **
--------
PDP Type = IPv4
Access Point Name (APN) = internet.itelcel.com
Authentication = CHAP
Username: XXXXX
Password: XXXXXX

* - Default profile
** - LTE attach profile


Configured default profile for active SIM 0 is profile 1.

 

#show cellular 0 network
Current System Time = Thu Dec 7 15:45:55 2017
Current Service Status = Normal
Current Service = Packet switched
Current Roaming Status = Home
Network Selection Mode = Automatic
Network = TELCEL
Mobile Country Code (MCC) = 334
Mobile Network Code (MNC) = 20
Packet switch domain(PS) state = Attached
Location Area Code (LAC) = 12033
Cell ID = 198782803

 

#show cellular 0 connection
Profile 1, Packet Session Status = INACTIVE
Profile 2, Packet Session Status = INACTIVE

 

!
chat-script lte "" "AT!CALL" TIMEOUT 20 "OK"
!
!
controller Cellular 0
lte modem link-recovery rssi onset-threshold -110
lte modem link-recovery monitor-timer 20
lte modem link-recovery wait-timer 10
lte modem link-recovery debounce-count 6
!
track 10 interface Vlan28 ip routing
!
track 123 ip sla 1 reachability
!
ip tcp mss 1300
ip tcp synwait-time 10
!
crypto keyring dmvpnspokes
pre-shared-key address 0.0.0.0 0.0.0.0 key XXXXXX
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp invalid-spi-recovery
crypto isakmp keepalive 10
crypto isakmp profile DMVPN
keyring dmvpnspokes
match identity address 0.0.0.0
!
!
crypto ipsec transform-set DMVPN esp-3des esp-sha-hmac
mode transport
crypto ipsec df-bit clear
!
crypto ipsec profile DMVPN
set security-association lifetime seconds 120
set transform-set DMVPN
set isakmp-profile DMVPN
!
crypto ipsec profile DMVPN-2
set security-association lifetime seconds 120
set transform-set DMVPN
set isakmp-profile DMVPN
!
!
!
crypto call admission limit ike sa 25
!
!
interface Tunnel0
description "DMVPN"
bandwidth 500
ip address 10.2.2.144 255.255.254.0
no ip redirects
ip mtu 1400
ip nhrp authentication XXXXX
ip nhrp map multicast 201.144.45.125
ip nhrp map 10.2.2.254 201.144.45.125
ip nhrp network-id 100000
ip nhrp holdtime 360
ip nhrp nhs 10.2.2.254
ip nhrp registration no-unique
ip nhrp registration timeout 30
ip nhrp shortcut
ip nhrp redirect
ip tcp adjust-mss 1360
load-interval 30
delay 1000
tunnel source Vlan28
tunnel mode gre multipoint
tunnel key 100000
tunnel protection ipsec profile DMVPN
!
interface Tunnel1
description "DMVPN 3G"
ip address 10.1.0.144 255.255.254.0
no ip redirects
ip mtu 1400
ip hold-time eigrp 10 35
ip nhrp authentication XXXXX
ip nhrp map multicast 201.144.45.120
ip nhrp map 10.1.1.254 201.144.45.120
ip nhrp network-id 110000
ip nhrp holdtime 360
ip nhrp nhs 10.1.1.254
ip nhrp registration no-unique
ip nhrp registration timeout 30
ip nhrp shortcut
ip nhrp redirect
ip tcp adjust-mss 1360
load-interval 30
delay 2000
tunnel source Dialer1
tunnel mode gre multipoint
tunnel key 110000
tunnel protection ipsec profile DMVPN-2
!
interface Tunnel2
description "DMVPN Alpha.
ip address 10.2.0.144 255.255.254.0
no ip redirects
ip mtu 1400
ip nhrp authentication XXXXX
ip nhrp map 10.2.1.254 189.254.235.226
ip nhrp map multicast 189.254.235.226
ip nhrp network-id 120000
ip nhrp holdtime 360
ip nhrp nhs 10.2.1.254
ip nhrp registration no-unique
ip nhrp registration timeout 30
ip nhrp shortcut
ip tcp adjust-mss 1360
load-interval 30
delay 1500
shutdown
tunnel source Dialer0
tunnel mode gre multipoint
tunnel key 120000
!
!
interface Cellular0
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1470
ip flow ingress
ip nat outside
ip virtual-reassembly in
encapsulation slip
load-interval 60
dialer in-band
dialer string lte
dialer-group 1
async mode interactive
!
interface FastEthernet2
description WAN
switchport access vlan 28
no ip address
!
interface FastEthernet3
switchport access vlan 29
no ip address
!
!
interface Vlan28
description $ETH-WAN$
ip address 172.28.28.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly in
pppoe enable group global
pppoe-client dial-pool-number 2
!
interface Vlan29
ip address 172.29.183.1 255.255.255.224
ip access-group PCI-DSS out
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip flow egress
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1300
!
interface Dialer0
description $FW_OUTSIDE$
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1452
ip flow ingress
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 2
dialer-group 2
ppp authentication chap pap callin
ppp chap hostname webgprs
ppp chap password 7 XXXXXX
ppp pap sent-username webgprs password 7 XXXXXX
!
interface Dialer1
description $FW_OUTSIDE$
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1470
ip flow ingress
ip nat outside
ip inspect ios_fw_policy out
ip virtual-reassembly in
encapsulation ppp
load-interval 30
dialer pool 1
dialer idle-timeout 0
dialer string lte
dialer persistent
no ppp lcp fast-start
ppp chap hostname webgprs
ppp chap password 7 XXXXXX
ppp pap sent-username webgprs password 7 XXXXXX
ppp ipcp dns request
!
!
router eigrp 10
network 10.1.0.0 0.0.1.255
network 10.2.2.0 0.0.1.255
network 192.168.174.32 0.0.0.31
eigrp router-id 192.168.174.33
eigrp stub connected summary
!
router bgp 65000
bgp log-neighbor-changes
network 1.2.3.0 mask 255.255.255.0
neighbor 10.204.32.7 remote-as 65000
neighbor 10.204.32.7 update-source Dialer1
!
ip local policy route-map sla
ip default-gateway 172.28.28.254
!
ip nat inside source route-map 3g-red interface Dialer1 overload
ip nat inside source route-map Infinitum interface Vlan28 overload
ip route 0.0.0.0 0.0.0.0 172.28.28.254 track 10
ip route 0.0.0.0 0.0.0.0 Dialer1 254
ip ssh time-out 30
ip ssh version 2
!
!
!
line con 0
no modem enable
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
stopbits 1
line 3
exec-timeout 0 0
script dialer lte
modem InOut
no exec
line 8
no exec
line vty 0 4
transport input ssh
!
scheduler allocate 20000 1000
event manager applet RouterReload
event syslog pattern "%LINEPROTO-5-UPDOWN: Line protocol on Interface Cellular0, changed state to up" period 120
action .5 cli command "enable"
action 1.0 cli command "cellular 0 lte plmn search"
!
end

Labels:
0 Helpful
6 Replies 6

Georg Pauwen
VIP
VIP

‎12-11-2017 11:11 AM

Hello,

 

it is inactive because it is not being used. That said, testing is obviously necessary. The config looks ok as far as I can tell.

Also, I would implement the EEM script below to clear the NAT translations in case of failover:

 

event manager applet CLEAR_NAT_PRIMARY_DOWN
event track 10 state down
action 1.0 cli command "enable"
action 1.1 cli command "clear ip nat translation forced"

 

event manager applet CLEAR_NAT_PRIMARY_UP
event track 10 state up
action 1.0 cli command "enable"
action 1.1 cli command "clear ip nat translation forced"

Fernando.Martinez111
Level 1
Level 1
In response to Georg Pauwen

‎12-27-2017 08:22 AM - edited ‎12-27-2017 08:23 AM

Thanks for the support

We did tests and apparently the problem was that in the place where it was located there was no 4G LTE and we had to force it to connect to a GSM network.

This solved the problem and the profile changed to active status

0 Helpful

sherif.altawil
Level 1
Level 1
In response to Fernando.Martinez111

‎06-20-2019 12:27 AM

@Fernando.Martinez111 

Hi, could you please provide the config, how to force cellular interface to use GSM, 3G or 4G ?

0 Helpful

Fernando.Martinez111
Level 1
Level 1
In response to sherif.altawil

‎06-20-2019 07:37 AM

I dont remember the config exactly, but i used this link and this event config:

 

https://www.cisco.com/c/en/us/td/docs/routers/access/interfaces/software/feature/guide/ehwic-4g-ltesw-book.html

 

event manager applet RouterReload
event syslog pattern "%LINEPROTO-5-UPDOWN: Line protocol on Interface Cellular0, changed state to up" period 120
action .5 cli command "enable"
action 1.0 cli command "cellular 0 lte plmn select manual 334 20 gsm power-cycle"

0 Helpful

Wizard7323
Level 1
Level 1
In response to Fernando.Martinez111

‎12-10-2019 12:19 AM

Cisco 899G-LTE only has LTE and UMTS

0 Helpful

Wizard7323
Level 1
Level 1
In response to Georg Pauwen

‎12-10-2019 12:17 AM

What do you mean it's not being used? Obviously SIM is inserted and working. The profile remains inactive and will not kick in when the primary link goes off.

Experiencing similar issues with Cisco 899G-LTE

0 Helpful
Customers Also Viewed These Support Documents