Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 314
  • Last Modified:

C801 dialin user can't ping

I wanted to configure Cisco 801 for access to internet (with bandwidh on demand) and for dial in users. Acess to internet works just fine, but when a user tries to dial-in, the password is accepted and the user is conected, but he can not ping anything on central site. On remote site is PC with ISDN card.
Here is the configuration:

Current configuration:
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname xxxxxx
!
enable secret 5 $$$$$$$$$$$
!
username "username" password 0 "password"
ip subnet-zero
!
no ip domain-lookup
isdn switch-type basic-net3
!
interface Ethernet0
 ip address 10.0.0.250 255.255.255.0
 no ip directed-broadcast
 ip nat inside
!
interface BRI0
 no ip address
 no ip directed-broadcast
 ip nat outside
 encapsulation ppp
 dialer pool-member 1
 dialer pool-member 2
 isdn switch-type basic-net3
 no cdp enable
 ppp authentication chap callin
!
interface Dialer1
 ip address negotiated
 ip access-group 101 out
 no ip directed-broadcast
 ip nat outside
 encapsulation ppp
 ip tcp header-compression passive
 no ip split-horizon
 dialer remote-name xxxxxxx
 dialer idle-timeout 60
 dialer string 111111111
 dialer hold-queue 10
 dialer load-threshold 150 either
 dialer pool 1
 dialer-group 1
 no cdp enable
 ppp chap hostname xxxxxxx
 ppp chap password 7 0832585C5C4C51
 ppp multilink
!
interface Dialer2
 ip unnumbered Ethernet0
 no ip directed-broadcast
 ip nat inside
 encapsulation ppp
 no ip split-horizon
 dialer remote-name remote
 dialer pool 2
 dialer-group 1
 peer default ip address pool naslovi
 no cdp enable
 ppp authentication chap callin
 ppp multilink
!
router rip
 version 2
 passive-interface Dialer1
 passive-interface Dialer2
 network 10.0.0.0
 no auto-summary
!
ip local pool naslovi 10.0.0.251 10.0.0.252
ip nat inside source list 101 interface Dialer1 overload
no ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
!
access-list 101 deny   tcp any range 137 139 any
access-list 101 deny   tcp any any range 137 139
access-list 101 deny   udp any range netbios-ns netbios-ss any
access-list 101 deny   udp any any range netbios-ns netbios-ss
access-list 101 permit ip any any
dialer-list 1 protocol ip permit
!
line con 0
 exec-timeout 0 0
 password xxxxx
 login
 transport input none
 stopbits 1
line vty 0 4
 password xxxxx
 login
!
end


Another think I don't understand is why if I don't use ppp multilink command in both Dialer1 and Dialer2 profile access to internet does not work.

Router is at the moment a little bit distant to me, so I will be very happy if someone could give me precise instructions.

Thank you very much!

Davorin
0
davorin
Asked:
davorin
  • 4
  • 2
1 Solution
 
lrmooreCommented:
Since you have dialer-pool commands on the dialers, but not on the physical interface, you could see this behavior.
Question: what is the IP address of the user's ETHERNET port at remote site, or do they have one? You might want to assign them to a different network for that interface.

I would use a separate access-list for your NAT also..

Try this:

Interface BRI0
 dialer pool-member 1 priority 50
 dialer pool-member 2 min-link 1
!
interface Dialer2
 ip address 10.0.1.250 255.255.255.0
 dialer in-band
!
ip local pool naslovi 10.0.1.251 10.0.1.252
!
ip route <Ethernet of remote> <mask> dialer 2
!
ip nat inside source list 1 interface Dialer1 overload
!
access-list 1 permit 10.0.0.0 0.255.255.255
!
0
 
davorinAuthor Commented:
Ethernet port IP address on remote side (testing) PC is 192.168.0.222/24.

There will be different PCs that will connect to router so I will have dificulties to configure "ip route" and I see no need to configure ip route for IP pool addresses ;-)

Identical configuration except isdn caller screening and bandwidth on demand configured for Dialer1 works perfectly on another router.
Few hours later I have been notified, that internet access does not work anymore. I'm really concerned about router's health.



0
 
davorinAuthor Commented:
Finally I got router here and when I tried to dial in I got the message :

Memory Protection Violation:
    epc  =0x0045FCC0, location of fault
    eva  =0x0270E???, read fault address
    error=0x00000082, illegal address
    pti  =0x0000170E
    pte  =0x002CD104


WARNING!  Illegal read access

Memory Protection Violation:
    epc  =0x0045FEB0, location of fault
    eva  =0x00000???, read fault address
    error=0x00000082, illegal address
    pti  =0x00000000
    pte  =0xFFFFF100


WARNING!  Illegal read access

Memory Protection Violation:
    epc  =0x00248624, location of fault
    eva  =0x00000???, read fault address
    error=0x00000082, illegal address
    pti  =0x00000000
    pte  =0x02102100

It seems like there something wrong with memory.
Any ideas?
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
lrmooreCommented:
Looks like your flash SIMM is bad.
Check:
http://www.add-tech.com 
for best prices.

Or open TAC case with serial number of the router. Do you have SmartNet maint?
0
 
davorinAuthor Commented:
Untill now I had no time to "play" with router.
Now I had upgraded IOS and Memory Protection Violation error disapeared.
Also I have copied working config from another router and anything seems to work right.

Just another thing is a little bit confusing me: If the router is connected to normal ISDN line (BRI) dial in works fine, if it is connected to centrex, dial in password is rejected?! At the moment I dont have another router to try the same thing, but I think that this is telephony problem.

Irmoore, thanx again for your help.
0
 
davorinAuthor Commented:
This comment has not directly solved my problem, but it has some usefull info.

Thanx
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now