waifurchin
asked on
1721 DSL won't connect?
I am attempting to replace a netopia DSL router with a 1721 (WIC-1ADSL). DSL is provided by AT&T using ADSL with a static IP.
The pvc, user, password, static IP, subnet, and encapsulation are all copied from the netopia router, so confidence is high in those values at least. ATM0 and FE0 both list as up/up. Can't ping a d*mn thing from the router however and the received packet counts are zilch.
The existing config (below) is based on other posts here at experts-exchange, so I'm working on the qualified assumption the issue is certainly something very minor I mistyped or overlooked.
Please advise.
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname WHARouter
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 10 log
security passwords min-length 6
logging buffered 4096 debugging
logging console critical
enable secret 5 x
enable password 7 x
!
aaa new-model
!
aaa authentication login local_auth local
!
aaa session-id common
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no ip source-route
no ip gratuitous-arps
!
ip cef
no ip domain lookup
no ip bootp server
login block-for 60 attempts 5 within 60
!
username myself password secret
!
crypto isakmp policy 11
authentication pre-share
crypto isakmp key wahoo! address a.b.c.146
!
crypto ipsec transform-set hq_lan esp-3des esp-sha-hmac
!
crypto map HQLan 11 ipsec-isakmp
set peer a.b.c.146
set transform-set hq_lan
match address 120
!
interface ATM0
no ip address
ip verify unicast source reachable-via rx allow-default 100
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
no ip route-cache cef
no ip route-cache
atm ilmi-keepalive
dsl operating-mode auto
crypto map HQLan
pvc 0/35
protocol ip w.h.a.6 broadcast
vbr-rt 160 160 1
encapsulation aal5snap
protocol ppp dialer
dialer pool-member 1
!
interface FastEthernet0
ip address 192.168.3.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
speed auto
full-duplex
no cdp enable
!
interface Dialer1
ip address w.h.a.6 255.255.255.248
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
no cdp enable
ppp chap hostname xxx
ppp chap password yyy
ppp pap sent-username xxx password yyy
!
ip route 0.0.0.0 0.0.0.0 Dialer1
no ip http server
no ip http secure-server
!
ip nat pool wha w.h.a.6 w.h.a.6 netmask 255.255.255.248
ip nat inside source list 1 interface Dialer1 overload
ip nat inside source route-map nonat pool wha overload
!
logging trap debugging
logging facility local2
access-list 1 permit 192.168.3.0 0.0.0.255
access-list 120 permit ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 130 deny ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 130 permit ip 192.168.3.0 0.0.0.255 any
dialer-list 1 protocol ip permit
no cdp run
!
route-map nonat permit 10
match ip address 130
!
control-plane
!
banner login ^C
^C
banner motd ^C
^C
!
line con 0
exec-timeout 5 0
login authentication local_auth
transport output telnet
line aux 0
login authentication local_auth
transport output telnet
line vty 0 4
password 7 0103520A555B1E5E60
login authentication local_auth
transport input telnet
!
no process cpu extended
no process cpu autoprofile hog
end
The pvc, user, password, static IP, subnet, and encapsulation are all copied from the netopia router, so confidence is high in those values at least. ATM0 and FE0 both list as up/up. Can't ping a d*mn thing from the router however and the received packet counts are zilch.
The existing config (below) is based on other posts here at experts-exchange, so I'm working on the qualified assumption the issue is certainly something very minor I mistyped or overlooked.
Please advise.
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname WHARouter
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 10 log
security passwords min-length 6
logging buffered 4096 debugging
logging console critical
enable secret 5 x
enable password 7 x
!
aaa new-model
!
aaa authentication login local_auth local
!
aaa session-id common
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no ip source-route
no ip gratuitous-arps
!
ip cef
no ip domain lookup
no ip bootp server
login block-for 60 attempts 5 within 60
!
username myself password secret
!
crypto isakmp policy 11
authentication pre-share
crypto isakmp key wahoo! address a.b.c.146
!
crypto ipsec transform-set hq_lan esp-3des esp-sha-hmac
!
crypto map HQLan 11 ipsec-isakmp
set peer a.b.c.146
set transform-set hq_lan
match address 120
!
interface ATM0
no ip address
ip verify unicast source reachable-via rx allow-default 100
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
no ip route-cache cef
no ip route-cache
atm ilmi-keepalive
dsl operating-mode auto
crypto map HQLan
pvc 0/35
protocol ip w.h.a.6 broadcast
vbr-rt 160 160 1
encapsulation aal5snap
protocol ppp dialer
dialer pool-member 1
!
interface FastEthernet0
ip address 192.168.3.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
speed auto
full-duplex
no cdp enable
!
interface Dialer1
ip address w.h.a.6 255.255.255.248
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
no cdp enable
ppp chap hostname xxx
ppp chap password yyy
ppp pap sent-username xxx password yyy
!
ip route 0.0.0.0 0.0.0.0 Dialer1
no ip http server
no ip http secure-server
!
ip nat pool wha w.h.a.6 w.h.a.6 netmask 255.255.255.248
ip nat inside source list 1 interface Dialer1 overload
ip nat inside source route-map nonat pool wha overload
!
logging trap debugging
logging facility local2
access-list 1 permit 192.168.3.0 0.0.0.255
access-list 120 permit ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 130 deny ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 130 permit ip 192.168.3.0 0.0.0.255 any
dialer-list 1 protocol ip permit
no cdp run
!
route-map nonat permit 10
match ip address 130
!
control-plane
!
banner login ^C
^C
banner motd ^C
^C
!
line con 0
exec-timeout 5 0
login authentication local_auth
transport output telnet
line aux 0
login authentication local_auth
transport output telnet
line vty 0 4
password 7 0103520A555B1E5E60
login authentication local_auth
transport input telnet
!
no process cpu extended
no process cpu autoprofile hog
end
ASKER
I believe (hope?) the 1721 with a WIC-1ADSL works as a modem/router.
I can call AT&T monday, but is there anything else that might be amiss before I do so?
I can call AT&T monday, but is there anything else that might be amiss before I do so?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the quick turn-around:
I made the requisite changes but to no avail.
Incidentally, what debug commands would be most useful in tracking down the potential problems?
# debug all <- brutal (no idea what I'm looking at for most of it)
# debug atm events <- nothing logged after waiting 30 secs.
# debug atm ilmi:
000582: *Mar 1 19:55:29.079 UTC: ILMI(ATM0): Sending ilmiColdStart trap
000583: *Mar 1 19:55:29.079 UTC: ILMI(ATM0): No ILMI VC found
000584: *Mar 1 19:55:29.079 UTC: ILMI: Encapsulation error on o/g ILMI Pdu <ilmi_send_pkt> (ATM0)
000585: *Mar 1 19:55:29.079 UTC: ILMI: Unable to Send Pdu out <ilmi_send_trap>
No idea what other debug commands would be of value.
Also tried changing the encapsulation on ATM0 from "aal5snap" to "aal5mux ppp dialer" (90% of the examples on the web show aal5mux), but I'm pretty sure it should be aal5snap based on the old router, and given aal5mux produced the same error, I went back to aal5snap.
I made the requisite changes but to no avail.
Incidentally, what debug commands would be most useful in tracking down the potential problems?
# debug all <- brutal (no idea what I'm looking at for most of it)
# debug atm events <- nothing logged after waiting 30 secs.
# debug atm ilmi:
000582: *Mar 1 19:55:29.079 UTC: ILMI(ATM0): Sending ilmiColdStart trap
000583: *Mar 1 19:55:29.079 UTC: ILMI(ATM0): No ILMI VC found
000584: *Mar 1 19:55:29.079 UTC: ILMI: Encapsulation error on o/g ILMI Pdu <ilmi_send_pkt> (ATM0)
000585: *Mar 1 19:55:29.079 UTC: ILMI: Unable to Send Pdu out <ilmi_send_trap>
No idea what other debug commands would be of value.
Also tried changing the encapsulation on ATM0 from "aal5snap" to "aal5mux ppp dialer" (90% of the examples on the web show aal5mux), but I'm pretty sure it should be aal5snap based on the old router, and given aal5mux produced the same error, I went back to aal5snap.
ASKER
How about if I try a different tact:
How do I debug this?
# debug all - displays only an endless series of empty counters and the ILMI messages from above. Note: A search on Google to identify of the cause of the ILMI messages led nowhere.
I've tried a dozen or so other debug commands related to the ATM0 and FE0 interfaces, but they yield nothing (absolutely nothing).
What commands will produce better results?
How do I debug this?
# debug all - displays only an endless series of empty counters and the ILMI messages from above. Note: A search on Google to identify of the cause of the ILMI messages led nowhere.
I've tried a dozen or so other debug commands related to the ATM0 and FE0 interfaces, but they yield nothing (absolutely nothing).
What commands will produce better results?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I went back to basics (configuration below), and while close, its still not quite live.
Using a heavily revised configuration, I can now see ATM0, Dialer1, and FE0 are all up/up.
# show int atm0 - lists up/up with incrementing inbound/outbound packets and no errors.
# show vpdn - lists valid MAC assignment and VAST is up
# debug pppoe-events - shows: PPPOE: we've got our pado and the pado timer went off
# debug ppp neg - shows LCP state is open, PPP phase is up, and IPCP state is open.
# ping a.b.c.d - times out. a.b.c.d is a name server for our ISP, and the address has been verified.
Please note: I have not hooked the router to the LAN yet, I'm simply trying to ping by issuing commands from the CLI via the console port and hyperterm through the ATM0 interface (which is, of course, connected to our ISP).
Here's what I now have:
Current configuration : 1143 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname WHARouter
!
boot-start-marker
boot-end-marker
!
no aaa new-model
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
ip cef
!
vpdn enable
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
pvc 0/35
pppoe-client dial-pool-number 1
!
!
interface FastEthernet0
ip address 192.168.3.254 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
speed auto
!
interface Dialer1
mtu 1492
ip address 1.2.3.4 255.255.255.248
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
ppp chap hostname username
ppp chap password 0 password
ppp pap sent-username username password 0 password
!
ip route 0.0.0.0 0.0.0.0 Dialer1
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface Dialer1 overload
!
access-list 1 permit 192.168.3.254 0.0.0.255
!
control-plane
!
line con 0
line aux 0
line vty 0 4
login
!
end
Using a heavily revised configuration, I can now see ATM0, Dialer1, and FE0 are all up/up.
# show int atm0 - lists up/up with incrementing inbound/outbound packets and no errors.
# show vpdn - lists valid MAC assignment and VAST is up
# debug pppoe-events - shows: PPPOE: we've got our pado and the pado timer went off
# debug ppp neg - shows LCP state is open, PPP phase is up, and IPCP state is open.
# ping a.b.c.d - times out. a.b.c.d is a name server for our ISP, and the address has been verified.
Please note: I have not hooked the router to the LAN yet, I'm simply trying to ping by issuing commands from the CLI via the console port and hyperterm through the ATM0 interface (which is, of course, connected to our ISP).
Here's what I now have:
Current configuration : 1143 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname WHARouter
!
boot-start-marker
boot-end-marker
!
no aaa new-model
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
ip cef
!
vpdn enable
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
pvc 0/35
pppoe-client dial-pool-number 1
!
!
interface FastEthernet0
ip address 192.168.3.254 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
speed auto
!
interface Dialer1
mtu 1492
ip address 1.2.3.4 255.255.255.248
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
ppp chap hostname username
ppp chap password 0 password
ppp pap sent-username username password 0 password
!
ip route 0.0.0.0 0.0.0.0 Dialer1
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface Dialer1 overload
!
access-list 1 permit 192.168.3.254 0.0.0.255
!
control-plane
!
line con 0
line aux 0
line vty 0 4
login
!
end
Not familiar with your cisco, but is that a modem/router? If so you may have to register the mac with AT&T... I did with my provider when I changed mine out.
Jappo
Any questions, just Holler! It's how we communicate in the mountains <smile>