cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4271
Views
0
Helpful
2
Replies

Problem connecting C1111-4P router to ISP

Dear Cisco Community,

 

I‘m working in a small business and where we just replaced our old IT infrastructure with newer and faster devices from cisco (namely a router (C1111-4P) and a switch) and I naively accepted to setting the system up yet I’m having a small problem that I hope you might be able o help me.

 

My Problem is a not working connection between our router and our ISP. (The routing within our network including multiple vlans is working fine, router and switch are already configured and working properly.)

 

As for our hardware setup; our Internet connection (ADSL) essentially goes into an ADSL-Modem and from there on goes into our Router. To write you this Message, I used another router from Asus (Model name: RT-N12EC1) and connected the outgoing Cable from the Modem to its WAN Port. The WAN configurations on the Asus router are fairly simple. All selections that I made were: “WAN-Connection type” : “PPPoE” and “PPP username & Password” : Username and Password given by ISP . Besides that there are some default configurations that I haven’t touched (NAT activated, WAN-IP automatic, UpnP activated, Internet Detection: PPP Echo). This Asus router wasn’t provided by our ISP, I use it just to test the Internet connection, which is working fine by the way, so my problem doesn’t seem to lie here.

 

Going on to the Cisco Router, I first tried to configure the Router via the serial connection using some suggested configurations that I found online. I tried multiple different configurations without fully understanding them so my Problem will likely be a result of these initial attempts to setting up the internet connection.

Eventually, I switched to the WEB-UI (Version: 16.9.1) which I found quite convenient for a non professional like myself.

When plugging in the Internet cable from the Modem, the “Operational Status” of the Adapter becomes green (in the serial interface it also states the the “Line Protocol is up”), yet no IP is assigned.

Screenshot from 2018-11-23 09-07-58.png

 

When clicking on the WAN-Port (GigabitEthernet0/0/1 in our case), another window opens to configuring the connection as seen below.

 

There, I enable PPPoE, select IPv4 (the Asus router also had only a IPv4 WAN-Address) and enter my username and my password (just as on the Asus router). I wasn’t sure whether I should select “PAP”, “CHAP” or both so I tried all 3 variants but none of them worked.

I also noticed that when selecting “Configure as LAN of WAN: WAN”, the WEBUI seems to automatically create a logical “Dialer 1” interface. So there seems to already be some automation working for the user.

 Screenshot from 2018-11-23 09-08-18.png

 

Screenshot from 2018-11-23 09-08-29.png

 

For completeness, here is the relevant part (I think) from the “running-configuration” when selecting only “PAP” as connection type:

 

!

subscriber templating

multilink bundle-name authenticated

vpdn enable

!

vpdn-group 1

request-dialin

protocol pppoe

!

!

interface GigabitEthernet0/0/1

description DSL

no ip address

ip mtu 1492

ip nat outside

ip tcp adjust-mss 1412

negotiation auto

pppoe enable group global

pppoe-client dial-pool-number 1

!

interface GigabitEthernet0/0/1.1

encapsulation dot1Q 1 native

ip address 192.168.1.254 255.255.255.0

!

!

interface Vlan1

no ip address

!

interface Dialer1

ip address negotiated

ip nat outside

encapsulation ppp

ip tcp adjust-mss 1412

dialer pool 1

dialer idle-timeout 0

dialer persistent

dialer-group 1

ppp mtu adaptive

ppp authentication pap callin

ppp pap sent-username ar3330410844 password 0 ruqs9fpb

ppp ipcp dns request

!

ip nat inside source route-map track-primary-if interface Dialer1 overload

ip nat inside source list allow-nat interface GigabitEthernet0/0/1 overload

ip forward-protocol nd

ip http server

ip http authentication aaa

ip http secure-server

ip http tls-version TLSv1.0

ip route 0.0.0.0 0.0.0.0 192.168.1.1

ip route 0.0.0.0 0.0.0.0 Dialer1

ip ssh version 2

!

!

ip access-list extended allow-nat

permit ip any any

!

dialer-list 1 protocol ip permit

!

!

route-map track-primary-if permit 1

match ip address 197

set interface GigabitEthernet0/0/1 Dialer1

!

 

I don't know if this is the right place to ask this kind of question.

I'm also well aware that it would be smarter to hire a professional to help setting up our system but sadly this is not possible right know.

Does anyone have a suggestion what I might try to get the internet connection working?

As I mention before, there might be some configurations from previous attempts which cause the internet connection to fail. E.g. I don’t know if the “vpdn-group” is necessary and if not, how to delete it.

Is there a way to reset a specific Port ( 0/0/0 in this case), the Dialer and the dialer-group, without resetting the entire router?

(This would help me to test different configurations without having to worry that previous configurations interfere with my current one.

 

In any case I would like to thank you in advance for your time even if you cannot help me with my problem.

 

regards

Tobias

2 Replies 2

Hello,

 

your configuration would be fine if:

 

1. you would not use the ADSL modem at all, but connect the Cisco directly to the ISP line

2. you would put the ADSL modem in bridge mode (which model do you have ?)

 

As it is now, all your NAT and PPP will be done on the ADSL, so your configuration can be greatly simplified to the one below, which basically makes your router another LAN client, and performs what is called double NAT (NAT on your router and then NAT on the ADSL modem):

 

interface GigabitEthernet0/0/1
description DSL
ip address dhcp
ip mtu 1492
ip nat outside

ip tcp adjust-mss 1412
!
interface GigabitEthernet0/0/1.1
encapsulation dot1Q 1 native
ip address 192.168.1.254 255.255.255.0

ip nat inside
!
ip nat inside source list 1 interface GigabitEthernet0/0/1 overload
!
ip forward-protocol nd
ip http server
ip http authentication aaa
ip http secure-server
ip http tls-version TLSv1.0
!
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0/1 dhcp
!
access-list 1 permit 192.168.1.0

ip ssh version 2

First of all, thank you for your help!

Sadly tho, wasn't able to connect the router to the Internet yet.


1.
Not using the ADSL Modem and connecting the Cisco router directly to the ISP did not work. When doing so, in the webui it states that the "operational status" of the port is down, the optical lights of the port are off and in the serial terminal it also states that the "line protocol" is off.

I'd like to mention that in an official prospect from Cisco (Link: https://www.cisco.com/c/en/us/products/collateral/routers/1000-series-integrated-services-routers-isr/datasheet-c78-739512.pdf , page 8/22) it says that for our Model , the C1111-4P, the ADSL2 module would be Not Available. So I'm not sure if this would work anyway.


2.
Our Modem is a little bit older, it's an "Arcor-DSL Speed-Modem 200". I wasn't able to get a data sheet for it but from some older posts I found out that it is apparently unmanaged, and I believe that it doesn't have an IP address or any configurations that can be changed.

While experimenting with our other router, I also didn't find any feature that the modem has or does with the ISP line. The internet access and IP negotiation seems to be done exclusively on the router. When selecting something different that the automated PPPoE option (with username and password), there was no IP assigned to the Router.


A new problem I encountered is that even when connecting the cisco Router to our other router and change the adapters IP to DHCP, it still doesn't assign an IP to the Port and a computer connected to the cisco router can't reach the "outer" network. Even tho the router can be reached from the other router / outer network (via the IP of the vlan of the WAN port, 0/0/1.1). Even more so, the port the also has the operational status "down" and doesn't light up while being connected to the other router.

Maybe this is related to my Internet problem!? Why won't the cisco router assign the 0/0/1 Port any IP address? And why is the port the status "down" while being connected? Does it need to be switched "up" manually somehow? And is there maybe a more extensive manual that I could look into?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: