?
Solved

Cisco 1721 ADSL Config problems

Posted on 2003-12-04
7
Medium Priority
?
6,223 Views
Last Modified: 2012-06-21
Hello. I'm trying to setup a Cisco 1721 router with IOS 12.2(15)T8 with a ADSL wIC card. I've setup the configuration but cannot get it running, can someone please have a look at the config and see if they can tell me where they think the problem could lie? I've setup a cheap little D-Link ADSL modem and it runs fine (downloads at about 55-60k/sec) so the line itself is OK.

I'm not sure about the '0' in the ppp chap password 0 qwerty, I've entered it twice now and it puts the '0' in itself.

The ADSL connection is PPPoA, with static IP addresses. VPI is 0, VCI is 38 (am I correct in thinking that this is the same as the pvc values?)

Here is a sh run:

Current configuration : 1150 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname cndhq-adsl
!
logging queue-limit 100
enable secret 5 $1$d2lY$/HIFP6Wqv/2Yq8Gph4VZ.1
!
ip subnet-zero
!
interface ATM0
 no ip address
 no atm ilmi-keepalive
 pvc 0/38
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
 dsl operating-mode auto
!
interface FastEthernet0
 ip address 192.168.0.1 255.255.255.0
 ip nat inside
 speed auto
!
interface Dialer0
 ip address 217.43.76.120 255.255.255.248
 ip nat outside
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp authentication chap callout
 ppp chap hostname cndhq-adsl@lon1-aj1e.demonadsl.co.uk
 ppp chap password 0 magnetic
!
ip nat pool cnd 217.43.76.121 217.43.76.121 netmask 255.255.255.248
ip nat inside source list 1 interface Dialer0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 192.168.0.0 255.255.255.0 FastEthernet0
no ip http server
!
access-list 1 permit any
dialer-list 1 protocol ip permit
!
line con 0
line aux 0
line vty 0 4
 password qwerty
 login
line vty 5 15
 password qwerty
 login
!
end

Here is ppp debugging:

*Mar  5 19:56:50.055: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up
*Mar  5 19:56:50.055: %DIALER-6-BIND: Interface Vi2 bound to profile Di0
*Mar  5 19:56:50.055: Vi2 PPP: Using dialer call direction
*Mar  5 19:56:50.055: Vi2 PPP: Treating connection as a callout
*Mar  5 19:56:50.055: Vi2 PPP: Authorization NOT required
*Mar  5 19:56:50.999: %LINK-3-UPDOWN: Interface ATM0, changed state to up
*Mar  5 19:56:51.999: %LINEPROTO-5-UPDOWN: Line protocol on Interface ATM0, changed state to up
*Mar  5 19:56:52.079: Vi2 CHAP: O CHALLENGE id 21 len 60 from "cndhqs-adsl@lon1-aj1e.demonadsl.co.uk"
*Mar  5 19:56:52.083: Vi2 CHAP: I CHALLENGE id 113 len 41 from "RASH2NRP3.Manchester"
*Mar  5 19:56:52.087: Vi2 CHAP: Using hostname from interface CHAP
*Mar  5 19:56:52.087: Vi2 CHAP: Using password from interface CHAP
*Mar  5 19:56:52.087: Vi2 CHAP: O RESPONSE id 113 len 60 from "cndhqs-adsl@lon1-aj1e.demonadsl.co.uk"
*Mar  5 19:56:56.131: Vi2 PPP: Authorization NOT required
*Mar  5 19:56:58.155: Vi2 CHAP: O CHALLENGE id 22 len 60 from "cndhqs-adsl@lon1-aj1e.demonadsl.co.uk"
*Mar  5 19:56:58.163: Vi2 CHAP: I CHALLENGE id 175 len 41 from "RASH2NRP3.Manchester"
*Mar  5 19:56:58.163: Vi2 CHAP: Using hostname from interface CHAP
*Mar  5 19:56:58.163: Vi2 CHAP: Using password from interface CHAP
*Mar  5 19:56:58.163: Vi2 CHAP: O RESPONSE id 175 len 60 from "cndhqs-adsl@lon1-aj1e.demonadsl.co.uk"
*Mar  5 19:57:02.179: Vi2 PPP: Authorization NOT required

I'm kind of guessing that it shouldn't be returning PPP: Authorization not required but I don't know how to fix it!

Thanks for any help.
0
Comment
Question by:paulo123
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 7

Expert Comment

by:NicBrey
ID: 9874793
> ppp authentication chap callout
>ppp chap hostname cndhq-adsl@lon1-aj1e.demonadsl.co.uk
>ppp chap password 0 magnetic

If you do not want to use PPP authentication, just remove the lines above.
0
 

Author Comment

by:paulo123
ID: 9874885
I'm trying to use CHAP authentication, as per the ISPs instructions. It just gives me the above output when I do a debug ppp. If I remove PPP authentication altogether it still gives the 'authentication not required' messages, but also has 'No remote authentication for call out' and 'Unable to authenticate for peer'.
0
 
LVL 7

Assisted Solution

by:NicBrey
NicBrey earned 200 total points
ID: 9875020
Yes, your VPI/VCI is correct

>ip route 192.168.0.0 255.255.255.0 FastEthernet0
You can remove this line. The router knows all connected networks and will have it in the routing tables without it.

Other than that, I can't see anything wrong with your configuration.

Have you confirmed that your provider has everything in place on their side.
You are connecting, but have layer 2 issues with the authentication. Perhaps they have a config error on their side.

Here is a link that might help

http://www.cisco.com/en/US/products/sw/iosswrel/ps5012/products_feature_guide09186a008017e735.html#64915

0
Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

 
LVL 9

Accepted Solution

by:
drev001 earned 600 total points
ID: 9877422
Try using pap authentication as well. It will select the correct method if both are present, I always put both in. Use this:

ppp pap sent-username cndhq-adsl@lon1-aj1e.demonadsl.co.uk password magnetic

I don't believe you need this line either:

ppp authentication chap callout


0
 
LVL 13

Assisted Solution

by:td_miles
td_miles earned 100 total points
ID: 9878721
This isn't going to help you get it working, but to answer one of your sub-questions:

>>I'm not sure about the '0' in the ppp chap password 0 qwerty, I've entered it twice now and it puts the '0' in itself

The '0' indicates the type of encryption being used to store the password. A value of zero means no encryption (ie. plaintext). If you look further up to where your "enable secret" is, you'll see that it has a '5' in front of it to indicate what encryption the password is done with ('5' = MD5 hash).

ref: http://www.cisco.com/warp/public/701/64.html

To turn on encryption of passwords, use the command "service password-encryption" (if you look in your config, you'll see that you have it disabled with "no service password-encryption").

ref: http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/cs/csprts/csprts5/cspasswd.htm
0
 
LVL 2

Assisted Solution

by:steven_alilovic
steven_alilovic earned 100 total points
ID: 9878967
All you nat and Dailer lists look fine. Try changing the ppp authentication chap callout to
ppp authentication chap callin.

Check this link out http://www.cisco.com/warp/public/131/ppp_callin_hostname.html


interface Ethernet0
ip address 192.168.0.1 255.255.255.0
 ip nat inside
 speed auto
!    
!
! See notes above about the correct VPI/VCI numbers (PVC)
!    
interface ATM0
 no ip address
 no atm ilmi-keepalive
 pvc 0/38
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !        
 dsl operating-mode auto
!        
interface Dialer0
 ip address negotiated
 ip nat outside
 encapsulation ppp
 dialer pool 1
 no cdp enable
 ppp authentication chap callin
 ppp chap hostname USERNAME@isp
 ppp chap password PASSWORD
!
0
 

Author Comment

by:paulo123
ID: 10183095
Adding ppp pap sent-username cndhq-adsl@lon1-aj1e.demonadsl.co.uk password magnetic to the config and removing ppp authentication chap callout worked fine! Thanks for everyones help.
0

Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
This program is used to assist in finding and resolving common problems with wireless connections.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Suggested Courses

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question