Hi,

Think that worked!

3GRouter#ping www.google.com

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 74.125.230.210, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 472/640/1060 ms

3GRouter#

Can you recommend and useful show commands aimed towards the cellualar internface?  such as signal quality, speed etc?

The next task will be to test EasyVPN.

Thanks

Glad to hear that

'Show cellular 0 all' should have all the information you need. For the signal, you can check the 'Radio' part (or just type "show cellular 0 radio')

You can also use show cellular 0 radio history, to monitor the signal quality on the last several hours.

For the VPN part, I suggest you to open a separate thread under /security/vpn, you will get more chances of a reply.

Cheers

Marco

Thanks,

Do you have any simple guidelines on the link quality as I'm getting -78 dBm, is that bad?

3GRouter#sh cellular 0 radio

Radio power mode = ON

Current Band = WCDMA 2100, Channel Number = 10637

Current RSSI = -78 dBm

Band Selected = Auto

Number of nearby cells = 1

Cell 1

        Primary Scrambling Code = 0x186

        RSCP = -75 dBm, ECIO = -6 dBm

Although the router can ping google.com I can't ping it my IP from the laptop conencted,   I realised that vlan 1 didn't have a "ip nat inside" statement and the cellular 0 interface didn't have an "ip nat outside" statement, so I added these and I still can't get the attached laptop to ping anything on the internet.

Any ideas?

Hi Andy,

-75 is a good signal. Below -90 you can have issues and instability on the line, -110 means no signal.

For NAT, you will need to have 'ip nat inside' under interface vlan 1, and 'ip nat outside' under interface cellular 0.

Plus, you will have to specify how NAT is done:

ip nat inside source list 10 interface Cellular0 overload

access-list 100 permit ip 10.10.10.0 0.0.0.255 any  << your lan subnet

Hope this helps

Marco

I think I have something elase that is wrong as the laptop can't ping outside IP's.  Debug ip nat didn't show anythign while I was tryign either:

interface Cellular0

no ip address

ip nat outside

ip virtual-reassembly in

encapsulation ppp

load-interval 60

dialer in-band

dialer pool-member 1

dialer-group 1

async mode interactive

ppp chap hostname web

ppp chap password 0 web

!

interface Vlan1

ip address 10.10.10.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

!

interface Dialer1

ip address negotiated

ip virtual-reassembly in

encapsulation ppp

dialer pool 1

dialer idle-timeout 0

dialer string INTERNET

dialer persistent

dialer-group 1

no cdp enable

!

ip forward-protocol nd

no ip http server

no ip http secure-server

!

!

ip nat inside source list 100 interface Cellular0 overload

ip route 0.0.0.0 0.0.0.0 dialer1

!

access-list 100 permit ip 10.10.10.0 0.0.0.255 any

dialer-list 1 protocol ip permit

Message was edited by: Andy White

Sorry, I didn't notice you are using the dialer over the cellular interface (i.e. the IP address is on the dialer).

Change the configuration to have "ip nat outside" under dialer1, remove the nat statement and replace it with:

ip nat inside source list 100 interface dialer1 overload

Try first a ping from the router itself, using the IP on vlan1:

ping 74.125.79.139 source 10.10.10.1   (ip is google.com)

Then check under 'show ip nat translations' to see if the IP got translated correctly

Had no luck with that:

3GRouter#ping 74.125.79.139 source 10.10.10.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 74.125.79.139, timeout is 2 seconds:

Packet sent with a source address of 10.10.10.1

.....

Success rate is 0 percent (0/5)

3GRouter#

interface Cellular0

no ip address

ip virtual-reassembly in

encapsulation ppp

load-interval 60

dialer in-band

dialer pool-member 1

dialer-group 1

async mode interactive

ppp chap hostname web

ppp chap password 0 web

!

interface Vlan1

ip address 10.10.10.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

!

interface Dialer1

ip address negotiated

ip nat outside

ip virtual-reassembly in

encapsulation ppp

dialer pool 1

dialer idle-timeout 0

dialer string INTERNET

dialer persistent

dialer-group 1

no cdp enable

!

ip forward-protocol nd

no ip http server

no ip http secure-server

!

!

ip nat inside source list 100 interface Cellular0 overload

ip route 0.0.0.0 0.0.0.0 Dialer1

!

access-list 100 permit ip 10.10.10.0 0.0.0.255 any

dialer-list 1 protocol ip permit

ip nat inside source list 100 interface Cellular0 overload   <<

Remove that line and replace it with

ip nat inside source list 100 interface dialer1 overload

Hi,

Sorry I missed that and it worked!  Many thanks.

Couple of questions, how can I see what public IP address the 3G device gets via the router.  I can get it via the laptop conenct using whatsmyip.org?

How does the dialer and cellular work together, it seems some example configs don't even use the dialer just the cellular interface, it really confused me?

I think the 2 thinks I need to set up before going downt he VPN route will be remote SSH access which should be fine and Dynamic DNS, as how woudl I ever find the remote IP?

Thanks again

To check the IP address you can see under "show interface dialer 1", or you can simply do "show ip interface brief".

The cellular interface works with the same logic as a dialer interface. For some scenarios there is no need to add an additional dialer over it.

In your setup, the dialer interface will be the one handling IP address and other features. For that reason, NAT and static routes must point to the dialer. The dialer is associated to the cellular interface, so whenever it needs to send traffic, it will request the cellular interface to establish the link.

Not sure about Dynamic DNS and VPN, is not really my field, sorry

What confuses me though is if I run 'sh ip int bri' or 'sh int dialer 1'  I get this:

3GRouter#sh int dialer 1

Dialer1 is up, line protocol is up (spoofing)

  Hardware is Unknown

  Internet address is 10.93.52.0/32

  MTU 1500 bytes, BW 56 Kbit/sec, DLY 20000 usec,

Interface                  IP-Address      OK?               Method Status                Protocol

Cellular0                  unassigned      YES                 unset  up                    up

Dialer1                    10.93.52.0        YES                IPCP   up                    up

But via the laptop using whatsmyip.org I get 82.132.234.95.  I would like to SSH to the device.

Thanks

You will have to check this with the Telco, they are assigning you a private IP (10.93.52.0) and NATting that IP over a public one.

You need to ask them to assign a public static IP, or to have your private IP associated to a specific port.

Cheers

Marco

Hi everyone, I am new here.

i configured my Cisco using 3G with my problem here:

Trungvd#ping www.google.com 

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 216.58.221.36, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 408/485/708 ms

but when i ping from my vlan 1, it doesn't work:

Trungvd#ping www.google.com source vlan 1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 216.58.221.36, timeout is 2 seconds:
Packet sent with a source address of 192.168.2.1 
.....
Success rate is 0 percent (0/5)

Here is my all configuration:

!
ip dhcp pool Guest
   import all
   network 192.168.2.0 255.255.255.0
   default-router 192.168.2.1 
   dns-server 8.8.8.8 203.161.4.191 
   lease 0 10
!
!
ip cef
no ipv6 cef
!
!
multilink bundle-name authenticated
chat-script gsm "" "atdt*98*1#" TIMEOUT 30 "CONNECT" 
crypto pki token default removal timeout 0
!
!
license udi pid CISCO881GW-GN-E-K9 sn FHK145074PH
!
!         
!
!
controller Cellular 0
!
!
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface wlan-ap0
 description Service module interface to manage the embedded AP
 no ip address
 arp timeout 0
!
interface Wlan-GigabitEthernet0
 description Internal switch interface connecting to the embedded AP
!
interface Cellular0
 no ip address
 ip virtual-reassembly in
 encapsulation ppp
 dialer in-band
 dialer pool-member 2
 dialer-group 2
 async mode interactive
!
interface Vlan1
 ip address 192.168.2.1 255.255.255.0
 ip virtual-reassembly in
!
interface Dialer2
 ip address negotiated
 encapsulation ppp
 dialer pool 2
 dialer idle-timeout 0
 dialer string gsm
 dialer persistent
 dialer-group 2
 ppp authentication chap callin
 ppp chap hostname mms
 ppp chap password 0 mms
 ppp ipcp dns request
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list 1 interface Dialer2 overload
ip route 0.0.0.0 0.0.0.0 Dialer2
!
logging esm config
dialer-list 2 protocol ip permit
!
!
!         
!
!
control-plane
!
!
line con 0
 no modem enable
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport input all
line 3
 exec-timeout 0 0
 script dialer gsm
 no exec
 rxspeed 7200000
 txspeed 5760000
line vty 0 4
 login
 transport input all
!         
end

I'm glad to hear from your solutions all. Thanks in advanced!!!