Dialer ADSL ppoe connection

My expertise in Cisco routers is limited. I have Cisco router 2651XM which use to be connected to a adsl modem until it got reset by power outages. I uploaded the IOS and configured router to its original settings but for six months I have being able to make router connect to internet at all. The connections are the following:
ISP_ADSL_modem to Cisco 2651XM connected to F0/1 using PPPoE using pap to Cisco 2950 to workstations.

I am using SDM to configured router but most of the time I use hyperterminal. I am not sure why router does not dial ISP or how to fix it. Can someone help me this problem? I am including a copy of my current configuration with some excluded information.


!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname DMI-FW_RTR
!
boot-start-marker
boot system flash:c2600-adventerprisek9-mz.124-3.bin
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 informational
logging console critical
enable password 7 (DELETED)
!
!
resource policy
!
aaa new-model
!
!
aaa authentication login default group radius
aaa authentication login if_needed local
aaa authentication login both group radius local
aaa authorization exec default group radius if-authenticated
aaa authorization exec both local
!
aaa session-id common
clock timezone Jordan 2
no network-clock-participate slot 1
no network-clock-participate wic 0
ip subnet-zero
no ip source-route
!
!
ip tcp synwait-time 10
!
!
ip cef
no ip bootp server
no ip domain lookup
ip domain name dmi.mil.jo
ip inspect name myfw ftp timeout 3600
ip inspect name myfw http timeout 3600
ip inspect name myfw smtp timeout 3600
ip inspect name myfw tftp timeout 30
ip inspect name myfw udp timeout 15
ip inspect name myfw tcp timeout 3600
ip auth-proxy inactivity-timer 10
ip auth-proxy name list_a http inactivity-time 10
ip admission inactivity-timer 10
ip ips notify SDEE
ip ssh time-out 60
ip ssh authentication-retries 2
ip reflexive-list timeout 120
vpdn enable
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-3069597685
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3069597685
 revocation-check none
 rsakeypair TP-self-signed-3069597685
!
!
crypto pki certificate chain TP-self-signed-3069597685
 certificate self-signed 01
  XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
  XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
  XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
  XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
  XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
  XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
  XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
  XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
  XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
  XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
  XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
  XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
  XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
  XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
  XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
  XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
  XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
  XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
  XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
  quit
username admin privilege 2 password 7 (DELETED)
username dmiadmins privilege 15 password 7 (DELETED)
username administrator privilege 15 secret 5 (DELETED)
!
!
!
!
!
!
interface Null0
 no ip unreachables
!
interface FastEthernet0/0
 description Internal DMI Interface
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 no ip mroute-cache
 duplex auto
 speed auto
 no mop enabled
!
interface FastEthernet0/0.240
 description Link to DMI Core Black Router$FW_INSIDE$
 encapsulation dot1Q 240
 ip address 192.168.255.241 255.255.255.240
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip inspect myfw in
 ip virtual-reassembly
 no ip mroute-cache
 no snmp trap link-status
!
interface Serial0/0
 no ip address
 shutdown
!
interface FastEthernet0/1
 description External Internet Interface$ETH-WAN$
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 duplex auto
 speed auto
 pppoe enable
 pppoe-client dial-pool-number 1
 no mop enabled
!
interface Serial0/1
 no ip address
 shutdown
!
interface Dialer1
 description $FW_OUTSIDE$
 ip address negotiated
 ip access-group InBoundFilters in
 ip access-group OutBoundFilters out
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1492
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 ip route-cache flow
 no ip mroute-cache
 dialer pool 1
 dialer-group 1
 ppp authentication pap callin
 ppp pap sent-username (DELETED)@wanadoo-adsl password 7 (DELETED)
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 192.168.0.0 255.255.0.0 192.168.255.246
!
!
ip http server
ip http authentication local
ip http secure-server
ip nat inside source list NATClients interface Dialer1 overload
!
ip access-list standard NATClients
 remark Anything Matching this Access List Will be NATed and allowed to pass to the Internet
 remark SDM_ACL Category=18
 permit 192.168.0.1
 permit 192.168.0.2
 permit 192.168.0.251
 permit 192.168.0.253
 permit 192.168.0.200
 permit 192.168.0.151
!
ip access-list extended InBoundFilters
 remark This is the INBOUND Internet Traffic ACL
 remark .
 remark Blocks all Private IP Ranges
 deny   ip 192.168.0.0 0.0.255.255 any log-input
 deny   ip 172.16.0.0 0.15.255.255 any log-input
 deny   ip 10.0.0.0 0.255.255.255 any log-input
 remark .
 remark Blocks all Microsoft NetBios Traffice
 deny   udp any any eq netbios-ns log-input
 deny   udp any any eq netbios-dgm log-input
 deny   udp any any eq netbios-ss log-input
 remark .
 remark Below statements evaluate all Dynamic ACL entries for outgoing traffic
 evaluate tcptraffic
 evaluate udptraffic
 evaluate icmptraffic
 deny   ip any any log-input
ip access-list extended OutBoundFilters
 remark This is the OUTBOUND Internet Traffic ACL
 remark .
 remark Blocks all Private IP Ranges
 deny   ip 192.168.0.0 0.0.255.255 any log-input
 deny   ip 172.16.0.0 0.15.255.255 any log-input
 deny   ip 10.0.0.0 0.255.255.255 any log-input
 remark .
 remark Blocks all Microsoft NetBios Traffice
 deny   udp any any eq netbios-ns log-input
 deny   udp any any eq netbios-dgm log-input
 deny   udp any any eq netbios-ss log-input
 remark .
 remark Below statements create Dynamic ACL entries for outgoing traffic
 permit tcp any any reflect tcptraffic
 permit udp any any reflect udptraffic
 permit icmp any any reflect icmptraffic
ip access-list extended test
!
logging trap debugging
logging source-interface FastEthernet0/0.240
logging 192.168.0.253
access-list 100 remark VTY Access-class list
access-list 100 remark SDM_ACL Category=1
access-list 100 permit ip 192.168.255.240 0.0.0.15 any
access-list 100 remark IDN Mangement Workstation
access-list 100 permit ip host 192.168.0.253 any
access-list 100 remark IDN Mangement Workstation
access-list 100 permit ip host 192.168.0.252 any
access-list 100 remark IDN Mangement Workstation
access-list 100 permit ip host 192.168.0.251 any
access-list 100 permit ip host 192.168.0.200 any
access-list 100 deny   ip any any log
access-list 100 remark 45 New Email Server for other network
dialer-list 1 protocol ip permit
snmp-server community idn RO
snmp-server enable traps tty
no cdp run
!
!
tftp-server system
radius-server host 192.168.0.253 auth-port 1645 acct-port 1646
radius-server key 7 (DELETED)
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
 logging synchronous
 login authentication both
 transport output telnet
 escape-character 3
line aux 0
 transport output telnet
line vty 0 4
 access-class 100 in
 password 7 (DELETED)
 logging synchronous
 login authentication both
 transport input telnet ssh
 escape-character 3
!
scheduler allocate 4000 1000
ntp clock-period 17212596
ntp server 192.168.254.0
!
end
fernandezalexAsked:
Who is Participating?
 
lrmooreCommented:
Start by removing the outbound filter

interface Dialer1
 description $FW_OUTSIDE$
 ip address negotiated
 ip access-group InBoundFilters in
 ip access-group OutBoundFilters out  <== remove this

0
 
fernandezalexAuthor Commented:
Ok sounds good could explain why? I will give it a try I will let you know if it works.
0
 
fernandezalexAuthor Commented:
Ok I removed OutBoundFilters out but still no luck.
0
Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

 
lrmooreCommented:
Now try removing the inbound filter. Don't worry, you are still protected by NAT until we get this resolved.
I'm thinking that you are not allowing the dhcp packets out or in, even with the evaluate commands.
If removing all filters gets you an IP address and a connection, then we can work on better filter rules.
0
 
fernandezalexAuthor Commented:
ok done but no luck still
0
 
lrmooreCommented:
Can you try debug ppp?
From telnet session, don't forget to issue term mon command or you won't see any of it.
You might get a clue from the debug session.
0
 
fernandezalexAuthor Commented:
Ok I finally got around to this evil router!!    I read the error bu the funny thing I am not using chap but pap why is it showing like I am using it?

Here is the debug errors:

DMI-FW_RTR#
000150: *Jan 20 09:21:50.817 Jordan: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state
to up
DMI-FW_RTR#
000151: *Jan 20 09:21:59.065 Jordan: %DIALER-6-BIND: Interface Vi1 bound to profile Di1
000152: *Jan 20 09:21:59.065 Jordan: Vi1 PPP: Phase is DOWN, Setup
000153: *Jan 20 09:21:59.065 Jordan: Vi1 PPP: Using dialer call direction
000154: *Jan 20 09:21:59.069 Jordan: Vi1 PPP: Treating connection as a callout
000155: *Jan 20 09:21:59.069 Jordan: Vi1 PPP: Session handle[49000032] Session id[0]
000156: *Jan 20 09:21:59.069 Jordan: Vi1 PPP: Phase is ESTABLISHING, Active Open
000157: *Jan 20 09:21:59.069 Jordan: Vi1 PPP: Authorization NOT required
000158: *Jan 20 09:21:59.069 Jordan: Vi1 PPP: No remote authentication for call-out
000159: *Jan 20 09:21:59.069 Jordan: Vi1 LCP: O CONFREQ [Closed] id 1 len 10
000160: *Jan 20 09:21:59.073 Jordan: Vi1 LCP:    MagicNumber 0x1A89CA1A (0x05061A89CA1A)
000161: *Jan 20 09:21:59.073 Jordan: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
000162: *Jan 20 09:21:59.073 Jordan: Vi1 DDR: Dialer statechange to up
000163: *Jan 20 0
DMI-FW_RTR#9:21:59.205 Jordan: Vi1 LCP: I CONFREQ [REQsent] id 194 len 19
000164: *Jan 20 09:21:59.205 Jordan: Vi1 LCP:    MRU 1492 (0x010405D4)
000165: *Jan 20 09:21:59.205 Jordan: Vi1 LCP:    AuthProto CHAP (0x0305C22305)
000166: *Jan 20 09:21:59.205 Jordan: Vi1 LCP:    MagicNumber 0x7D27B32E (0x05067D27B32E)
000167: *Jan 20 09:21:59.205 Jordan: Vi1 LCP: O CONFNAK [REQsent] id 194 len 8
000168: *Jan 20 09:21:59.209 Jordan: Vi1 LCP:    MRU 1500 (0x010405DC)
000169: *Jan 20 09:21:59.209 Jordan: Vi1 LCP: I CONFACK [REQsent] id 1 len 10
000170: *Jan 20 09:21:59.209 Jordan: Vi1 LCP:    MagicNumber 0x1A89CA1A (0x05061A89CA1A)
000171: *Jan 20 09:21:59.217 Jordan: Vi1 LCP: I CONFREQ [ACKrcvd] id 195 len 19
000172: *Jan 20 09:21:59.217 Jordan: Vi1 LCP:    MRU 1500 (0x010405DC)
000173: *Jan 20 09:21:59.217 Jordan: Vi1 LCP:    AuthProto CHAP (0x0305C22305)
000174: *Jan 20 09:21:59.221 Jordan: Vi1 LCP:    MagicNumber 0x7D27B32E (0x05067D27B32E)
000175: *Jan 20 09:21:59.221 Jordan: Vi1 LCP: O CONFACK [ACKrcvd] id 195 len 19
000176: *Jan 20 09:21:59.221 Jordan: Vi1 LCP:    MRU 1500 (0x010405DC)
000177: *Jan 20 09:21:59.221 Jordan: Vi1 LCP:    AuthProto CHAP (0x0305C22305)
000178: *Jan 20 09:21:59.221 Jordan: Vi1 LCP:    MagicNumber 0x7D27B32E (0x05067D27B32E)
000179: *Jan 20 09:21:59.221 Jordan: Vi1 LCP: State is Open
000180: *Jan 20 09:21:59.221 Jordan: Vi1 PPP: Phase is AUTHENTICATING, by the peer
000181: *Jan 20 09:21:59.233 Jordan: Vi1 CHAP: I CHALLENGE id 1 len 29 from "BAS1-ABN"
000182: *Jan 20 09:21:59.233 Jordan: Vi1 CHAP: Unable to authenticate for peer
000183: *Jan 20 09:21:59.237 Jordan: Vi1 PPP: Sending Acct Event[Down] id[16]
000184: *Jan 20 09:21:59.237 Jordan: Vi1 PPP: Phase is TERMINATING
000185: *Jan 20 09:21:59.237 Jordan: Vi1 LCP: O TERMREQ [Open] id 2 len 4
000186: *Jan 20 09:22:01.249 Jordan: Vi1 LCP: TIMEout: State TERMsent
000187: *Jan 20 09:22:01.249 Jordan: Vi1 LCP: O TERMREQ [TERMsent] id 3 len 4
000188: *Jan 20 09:22:01.261 Jordan: Vi1 LCP: I TERMREQ [TERMsent] id 196 len 4
000189: *Jan 20 09:22:01.261 Jordan: Vi1 LCP: O TERMACK [TERMsent] id 196 len 4
000190: *Jan 20 09:22:01.261 Jordan: Vi1 LCP: I TERMACK [TERMsent] id 3 len 4
000191: *Jan 20 09:22:01.261 Jordan: Vi1 LCP: State is Closed
000192: *Jan 20 09:22:01.261 Jordan: Vi1 PPP: Phase is DOWN
000193: *Jan 20 09:22:01.265 Jordan: %DIALER-6-UNBIND: Interface Vi1 unbound from profile Di1
000194: *Jan 20 09:22:01.269 Jordan: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to down
DMI-FW_RTR#
0
 
lrmooreCommented:
Looks like their end is challenging with CHAP and you are only using PAP.
Try changing your end to chap
0
 
fernandezalexAuthor Commented:
The router I was working was ruined due to power problems so I can not resolve this issue unitl I get a new one sometime this year (2008)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.