cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1821
Views
0
Helpful
20
Replies

Really need 3G help

dhopper82
Level 1
Level 1

I am working on an issue with 3G where the connection drops periodically over an IPSEC tunnel. The signal in the area is strong but when this happens the ip address of the 3G card drops and has to be renegotiated. Verizon, the provider says that a possibility could be that the verizon network is seeing our private network (10.X.X.X) and dropping our connection. I don't know how accurate this is because we are not doing any split tunneling or NAT anywhere. However, I am willing to try anything to resolve this. I was told that there may be stateful commands to put in the router to make sure Verizon doesn't see the private network. Any Ideas as to what these might be?

Here are my cellular interface commands...

interface Cellular0/2/0

ip address negotiated

ip access-group inbound in

ip access-group outbound out

ip virtual-reassembly

encapsulation ppp

dialer in-band

dialer idle-timeout 100000 either

dialer string cdma

dialer-group 1

async mode interactive

ppp authentication chap callin

ppp chap hostname 1112223333@vzw3g.com

ppp chap password 7 4682jj

crypto map ipsectunnel

!

Again, any help would be greatly appreciated.

20 Replies 20

That's a very interesting paper RT. Thanks!

Sorry that wasn't any help for you, but now that I've removed ip virtual-reassembly from all interfaces, the connection has been rock solid, even with less than optimal signal. I've only got 2-3 bars at my desk. I'm taking it home with me this weekend to see how it performs in the sticks.

I'm strictly using VPN, so there's no way for the carrier to see any RFC 1918 addresses; only the ISAKMP and IPSEC between the endpoints of the tunnel are hitting the carrier network.

I do believe the IP V-R wasn't helping anything.

I've tried all these solutions and nothing is working. I'm beginning to be convinced that IPSEC and Vorizen 3G aren't that compatable. Does anybody have a good article on setting up GRE? I have a 2811 with advanced security I can set up here since I've only got 10 sites connected 3G.

This article is extensive but should have all the info you need.

http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/P2P_GRE_IPSec/2_p2pGRE_Phase2_external_docbase_0900e4b180a3efee_4container_external_docbase_0900e4b180ad8740.html

The 2811 with Advanced Security is good for what you want to do and is capable of making these type of connections

dhopper82
Level 1
Level 1

Just an update to this situation for anyone who may be experiencing the same issues. I talked with the Verizon network and they said that the line is experiencing an IP Source Violation. I am going to be setting up a monitor with them tonight to see if the IP in issue will show itself. If I get a fix on this I will post it.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: