Solved: Re: Routing issue c1841 and bridged modem

toneydial · ‎04-19-2020

Hi all,

I'm looking for help resolving a routing issue when making a configuration change to a working router. Currently the router works well using an ADSL HWIC, with the LAN on fa0/1 and no connection to fa0/0.

To take advantage of a faster connection, I'm attempting to use an external bridged modem on fa0/0, with the intent to upgrade to VDSL service. Ideally, the C1841 will continue to perform NAT and hold the PPPoE credentials.

When using the external modem, the ATM interfaces are placed in shutdown, and fa0/0 is placed in service. I'm able to authenticate PPPoE as usual, but unable to route via browser either by DNS lookup or entered IP. I can ping from a PC, but NSLOOKUP fails multiple DNS servers and tracert dies at the 1841 router. I tried using an extended named ACL with no change.

NAME: "chassis", DESCR: "1841 chassis"

PID: CISCO1841 , VID: V05 , SN:

NAME: "WIC 1", DESCR: "ADSL over POTS"

PID: HWIC-1ADSL , VID: V01 , SN:

Router#sh flash

-#- --length-- -----date/time------ path

1 25645308 Jan 12 2019 01:57:10 c1841-broadband-mz.124-24.T3.bin

Current configuration : 2629 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Router

!

boot-start-marker

boot-end-marker

!

logging message-counter syslog

enable secret 5 xxxxxxxxxxxxxxxxxxxx

!

no aaa new-model

clock timezone CST -6

ip source-route

!

ip cef

ip name-server 208.67.220.220

ip name-server 208.67.222.222

multilink bundle-name authenticated

vpdn enable

!

vpdn-group 1

request-dialin

protocol pppoe

!

vtp mode transparent

username xxxx secret 5 xxxxxxxxxxxxxxxxxx

archive

log config

hidekeys

!

interface FastEthernet0/0

description WAN

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

shutdown

duplex auto

speed auto

pppoe enable

pppoe-client dial-pool-number 1

no cdp enable

!

interface FastEthernet0/1

description LAN

no ip address

ip tcp adjust-mss 1452

duplex auto

speed auto

!

interface FastEthernet0/1.10

description Management

encapsulation dot1Q 10

ip address 10.1.10.1 255.255.255.0

!

interface FastEthernet0/1.20

description Wireless

encapsulation dot1Q 20

ip address 10.1.20.1 255.255.255.0

ip nat inside

no ip virtual-reassembly

ip tcp adjust-mss 1452

!

interface FastEthernet0/1.100

description 1st Floor

encapsulation dot1Q 100

ip address 10.1.100.1 255.255.255.0

ip nat inside

no ip virtual-reassembly

ip tcp adjust-mss 1452

!

interface FastEthernet0/1.200

description 2nd Floor

encapsulation dot1Q 200

ip address 10.1.200.1 255.255.255.0

ip nat inside

no ip virtual-reassembly

ip tcp adjust-mss 1452

!

interface ATM0/1/0

description ADSL WIC

no ip address

no atm ilmi-keepalive

bundle-enable

hold-queue 224 in

!

interface ATM0/1/0.1 point-to-point

description WIC ATM sub-interface

pvc 0/35

pppoe-client dial-pool-number 1

!

interface Dialer1

ip address negotiated

ip mtu 1492

ip nat outside

no ip virtual-reassembly

encapsulation ppp

ip tcp adjust-mss 1452

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication pap callin

ppp pap sent-username xxxxxxx password 0 xxxxxxxxxx

ppp ipcp dns request accept

ppp ipcp route default

ppp ipcp address accept

!

ip forward-protocol nd

!

no ip http server

ip nat inside source list 1 interface Dialer1 overload

ip nat inside source static tcp 10.1.20.251 25565 interface Dialer1 25565

!

logging history size 30

access-list 1 deny 10.1.10.0 0.0.0.255

access-list 1 permit any

dialer-list 1 protocol ip permit

!

control-plane

toneydial · ‎04-21-2020

Thanks for the replies!

The issue has been identified as a change in the ISP's processes.

Six months, or so, back, the ISP instituted a new process by which the PPPoE credentials are attached to the hardware address of the DSL modem in a back-end system. This prevents the user from swapping equipment at free-will: when the credentials are used with a 'new' modem, URL requests are redirected to a 'walled-garden' where the user can enter information about their account to permit the use of the new modem with the credentials.

The reason I was never redirected to the walled-garden page was the use of 3rd party DNS servers - if anything other than the ISP's DNS servers are used, the page hangs and eventually times out.

I was able to test and verify the problem by using a laptop with the bridged modem and setting up a PPPoE connection on the laptop.

It should be stated that my ISP discourages the use of 3rd party DNS servers, bridged-modems and non-ISP equipment - it would seem that these may have been a consideration when instituting this new process.

View solution in original post

Francesco Molino · ‎04-19-2020

Hi

Your atm and fa0/0 are part of the sand dialer interface. You can configure the fa0/0 to dialer 2 to make sure the atm stays up.

When switching to fa0/0, can you share the output of sh ip int brie | ex unas and sho ip route commands please?

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Vishnu Vardhan S · ‎04-19-2020

Try configuring fa0/0 in dialer 2 and check if that works.

Please do not hesitate to click the STAR button if you are satisfied with my answer.

toneydial · ‎04-21-2020

Thanks for the replies!

The issue has been identified as a change in the ISP's processes.

Six months, or so, back, the ISP instituted a new process by which the PPPoE credentials are attached to the hardware address of the DSL modem in a back-end system. This prevents the user from swapping equipment at free-will: when the credentials are used with a 'new' modem, URL requests are redirected to a 'walled-garden' where the user can enter information about their account to permit the use of the new modem with the credentials.

The reason I was never redirected to the walled-garden page was the use of 3rd party DNS servers - if anything other than the ISP's DNS servers are used, the page hangs and eventually times out.

I was able to test and verify the problem by using a laptop with the bridged modem and setting up a PPPoE connection on the laptop.

It should be stated that my ISP discourages the use of 3rd party DNS servers, bridged-modems and non-ISP equipment - it would seem that these may have been a consideration when instituting this new process.