Solved

Cisco 837 Config Help

Posted on 2006-10-20
9
761 Views
Last Modified: 2008-01-09
Trying to get my 837 to connect to the internet, however cant seem to get it to work.

Config from ISP:
Connection Type :  PPPoE LLC
Primary IP Address :  Set to Auto  
Primary DNS :  Set to Auto
Secondary DNS :  Set to Auto

Config from router:

show run
Building configuration...

Current configuration : 4768 bytes
!
version 12.2
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname auswest
!
logging queue-limit 100
logging buffered 4096 debugging
enable secret 5 **********************8
enable password 7 ******************
!
username *********
username ********* password 7 *******************
clock timezone AEST 10
clock summer-time AEST recurring 4 Sun Oct 2:00 3 Sun Mar 3:00
ip subnet-zero
ip source-route
no ip domain lookup
ip domain name local
ip dhcp excluded-address 192.168.0.1
ip dhcp excluded-address 192.168.0.254
ip dhcp excluded-address 192.168.0.111
!
ip dhcp pool dhcppool
   import all
   network 192.168.0.0 255.255.255.0
   default-router 192.168.0.111
   update arp
!
!
no ip bootp server
ip inspect name firewall tcp
ip inspect name firewall udp
ip inspect name firewall cuseeme
ip inspect name firewall h323
ip inspect name firewall rcmd
ip inspect name firewall realaudio
ip inspect name firewall streamworks
ip inspect name firewall vdolive
ip inspect name firewall sqlnet
ip inspect name firewall tftp
ip inspect name firewall ftp
ip inspect name firewall icmp
ip inspect name firewall sip
ip inspect name firewall fragment maximum 256 timeout 1
ip inspect name firewall netshow
ip inspect name firewall rtsp
ip inspect name firewall skinny
ip audit notify log
ip audit po max-events 100
ip audit name intrusion info list 3 action alarm
ip audit name intrusion attack list 3 action alarm drop reset
vpdn enable
!
vpdn-group pptp
! Default PPTP VPDN group
 accept-dialin
  protocol pptp
  virtual-template 1
!
no ftp-server write-enable
!
interface Tunnel0
 no ip address
!
interface Ethernet0
 ip address 192.168.0.111 255.255.255.0
 ip access-group 102 in
 ip nat inside
 hold-queue 100 out
!
interface Virtual-Template1
 ip unnumbered Ethernet0
 peer default ip address dhcp-pool dhcppool
 ppp encrypt mppe auto
 ppp authentication ms-chap
!
interface ATM0
 description atm 0
 no ip address
 no atm ilmi-keepalive
 dsl operating-mode auto
!
interface ATM0.1 point-to-point
 pvc 0/100
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
!
interface Dialer0
 bandwidth 640
 ip address negotiated
 ip access-group 101 in
 no ip redirects
 no ip unreachables
 ip nat outside
 ip inspect firewall out
 ip audit intrusion in
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 no cdp enable
 ppp pap sent-username ************** password 7 *****************
 ppp ipcp dns request
!
ip nat inside source list 1 interface Dialer0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
no ip http server
no ip http secure-server
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 permit 124.243.155.154
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 3 deny   192.168.1.0 0.0.0.255
access-list 3 permit any
access-list 101 permit ip 192.168.1.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 101 deny   ip 0.0.0.0 0.255.255.255 any
access-list 101 deny   ip 10.0.0.0 0.255.255.255 any
access-list 101 deny   ip 127.0.0.0 0.255.255.255 any
access-list 101 deny   ip 169.254.0.0 0.0.255.255 any
access-list 101 deny   ip 172.16.0.0 0.15.255.255 any
access-list 101 deny   ip 192.0.2.0 0.0.0.255 any
access-list 101 deny   ip 192.168.0.0 0.0.255.255 any
access-list 101 deny   ip 198.18.0.0 0.1.255.255 any
access-list 101 deny   ip 224.0.0.0 0.15.255.255 any
access-list 101 deny   ip any host 255.255.255.255
access-list 101 permit tcp any any eq 1723
access-list 101 permit gre any any
access-list 101 permit tcp any any eq 22
access-list 101 permit tcp any any eq telnet
access-list 101 deny   icmp any any echo
access-list 102 deny   udp any any eq 135 log
access-list 102 deny   udp any any eq netbios-ns log
access-list 102 deny   tcp any any eq 445 log
access-list 102 permit ip 192.168.1.0 0.0.0.255 any
access-list 102 permit ip any host 255.255.255.255
access-list 102 deny   ip any any log
dialer-list 1 protocol ip permit
banner motd ^C

Config By Newcastle OnSite IT - Making IT Easy
www.nosit.com.au 0401 605 174
Authorisation is required to connect to this device.
If you are not authorised to connect to this device disconnect imediatly, Failure to do so will result in prosecution under applicable law.

^C
!
line con 0
 no modem enable
 stopbits 1
line aux 0
 stopbits 1
line vty 0 4
 access-class 2 in
 password 7 **************
 login local
 transport input telnet ssh
 transport output none
!
scheduler max-task-time 5000
!
end
0
Comment
Question by:Dinga84
  • 3
  • 3
  • 2
9 Comments
 
LVL 1

Expert Comment

by:needsy
ID: 17788644
I noticed you only have PAP authentication configured on your dialer? try setting up CHAP also. Some ISP's dont support PAP.

E.G.

 interface dialer0
 ppp chap hostname ****
 ppp chap password ****
 ppp pap sent-username ************** password 7 *****************

The following debug commands are also handy when fault finding PPP dialer issues. If your telnetting to the router type "terminal monitor" at enable to send debug results to VTY line.

debug ppp negotiation
debug ppp authentication

Then try and access the net and see what you get.. authentication failure, no attempt etc. You can then turn them off (they use CPU cycles) by typing:

no debug all

Cheers

Matt

0
 
LVL 3

Author Comment

by:Dinga84
ID: 17791925
Matt,

I got it working late last night, there was a problem with my vti/vci settings, and the chap solution you suggested above.

Thanks for the help.
0
 
LVL 3

Author Comment

by:Dinga84
ID: 17972341
I asked this question be closed with points refunded on the 23.10.2006
http://www.experts-exchange.com/Community_Support/Q_22034893.html
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17972481
OK. if no-one else comments on this the points can be refunded.
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 1

Accepted Solution

by:
needsy earned 500 total points
ID: 17977634
I know I didnt solve the whole problem.. But a few points would be nice as I did help a bit??. Any chance?

0
 
LVL 3

Author Comment

by:Dinga84
ID: 17977684
Done,

Your the only person who replied, it looks like we need more cisco people and you did try, so worth the points. I may need your help again in the future.
0
 
LVL 1

Expert Comment

by:needsy
ID: 17977775
Thank you very much :). Anytime
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17988843
Thanks for the update :)

Regards
keith
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Suggested Solutions

We've been using the Cisco/Linksys RV042 for years as: - an internet Gateway - a site-to-site VPN device - a leased line site-to-site subnet-to-subnet interface (And, here I'm assuming that any RV0xx behaves the same way as an RV042.  So that's …
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now