• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1528
  • Last Modified:

Problems connecting to BT Broadband using Cisco 877W

I am trying to replace the Business hub supplied by BT with a Cisco 877 W and I am having a number of issues, primarily not be able to connect to the internet from machines on the internal network.

Included below is the running config:-

cisco_877#show running-config
Building configuration...

Current configuration : 4777 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname cisco_877
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
resource policy
!
ip subnet-zero
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.20.1 192.168.20.159
ip dhcp excluded-address 192.168.20.181 192.168.20.254
!
ip dhcp pool sdm-pool
   import all
   network 192.168.20.0 255.255.255.0
   default-router 192.168.20.1
   domain-name delta-victor.com
   lease 0 2
!
!
ip domain name delta-victor.com
!
!
crypto pki trustpoint TP-self-signed-929431039
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-929431039
 revocation-check none
 rsakeypair TP-self-signed-929431039
!
!
crypto pki certificate chain TP-self-signed-929431039
 certificate self-signed 01
  6371301D 0603551D 0E041604 142791D0 A8D2D912 80EFEA18 67F691F3 504F3E63
  71300D06 092A8648 86F70D01 01040500 03818100 43E8F66B 262DF7F6 9FCEB71D
  FEB3AC44 C7ADDC65 C5CF5CDA 40747B90 8AC2D2C3 FFB41591 AFA1F714 6C2FB56C
  2184ABAF 1F99BFC8 4D82D412 7FC1D811 8CD7A1A1 36D6A5A7 342F7A52 E7F16C1B
  8A6E0B6A 5F4D893A 61B21B51 1F0B0D74 BC4083B9 B2A7569B 580E411C 08E32DC8
  D0DD1241 95D66132 37E11025 FE180749 D590B6CC
  quit
username admin privilege 15 secret 5 $1$t5ev$Rq4RnEsg69CxU57jQOH770
!
!
!
!
interface ATM0
 description adsl connection
 no ip address
 no atm ilmi-keepalive
 pvc 0/38
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
 dsl operating-mode auto
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
 no ip address
 shutdown
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
 station-role root
!
interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
 ip address 192.168.20.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1452
!
interface Dialer0
 ip address negotiated
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 dialer pool 1
 dialer idle-timeout 0
 dialer-group 1
 no cdp enable
 ppp authentication chap pap callin
 ppp chap hostname hostname@bt.com
 ppp chap password 0 password
 ppp ipcp dns request
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat source route-map NAT-RMAP interface Dialer0 overload
!
ip access-list extended NAT
 permit ip 192.168.20.0 0.0.0.255 any
!
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 23 permit 192.168.20.0 0.0.0.255
no cdp run
route-map NAT-RMAP permit 10
 match ip address NAT
!
!
control-plane
!
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege level of 15.

Please change these publicly known initial credentials using SDM or the IOS CLI.
Here are the Cisco IOS commands.

username <myuser>  privilege 15 secret 0 <mypassword>
no username cisco

Replace <myuser> and <mypassword> with the username and password you want to use.

For more information about SDM please follow the instructions in the QUICK START
GUIDE for your router or go to http://www.cisco.com/go/sdm 
-----------------------------------------------------------------------
^C        
!
line con 0
 login local
 no modem enable
line aux 0
line vty 0 4
 access-class 23 in
 privilege level 15
 login local
 transport input telnet ssh
!
scheduler max-task-time 5000
end

When I test the interface I get the following:-

Checking interface status - up
Checking for DNS settings - Successful
Checking interface IP address - Successful
Checking exit interface - Successful
Pinging to destination host - Failed

And if I try to connect via any internal machine to the web it fails.
0
delta_v
Asked:
delta_v
  • 5
  • 3
1 Solution
 
pkapoorCommented:
1.  Are you getting an IP on your Dialer? Do a "show ip int brief" and see if there is an IP on that interface. If you are not getting an IP, then your dialer config may not be correct and/or your provider may need to assist you.

2.  If you are getting an IP on that interface, then rom the router, see if you can ping a server on the Internet. Try 4.2.2.2, which is a root name-server that seems to be available all the time. If you can ping that IP from the router, then try pinging it from your workstation. If you can ping it from the router but not from the workstations, then it would mean something wrong in the router configuration. If you cannot ping it from the router itself, then you will need to check the "WAN" side configuration of your router.

Post back your findings to continue assisting you. If you make any configuration changes, please post the new configuration here.
0
 
delta_vAuthor Commented:
I will make the tests you have suggested and update with the results

Thanks
0
 
delta_vAuthor Commented:
With no configuration changes, the output from tests are as follows:-

cisco_877#show ip int brief
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0              unassigned      YES unset  up                    up      
FastEthernet1              unassigned      YES unset  up                    down    
FastEthernet2              unassigned      YES unset  up                    down    
FastEthernet3              unassigned      YES unset  up                    down    
Dot11Radio0                unassigned      YES TFTP   administratively down down    
ATM0                       unassigned      YES NVRAM  up                    up      
Vlan1                      192.168.20.1    YES NVRAM  up                    up      
NVI0                       unassigned      YES unset  up                    up      
Dialer0                    81.134.176.154  YES IPCP   up                    up      
Virtual-Access1            unassigned      YES unset  up                    up      
Virtual-Dot11Radio0        unassigned      YES TFTP   administratively down down    
Virtual-Access2            unassigned      YES unset  up                    up      
cisco_877#


cisco_877#ping 4.2.2.2                                                          
                                                                               
Type escape sequence to abort.                                                  
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:                
!!!!!                                                                          
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/59/60 ms        
cisco_877#


and from my laptop:-

dan@dan-laptop:~$ ifconfig eth1
eth1      Link encap:Ethernet  HWaddr 00:13:02:0B:A8:39  
          inet addr:192.168.20.163  Bcast:192.168.20.255  Mask:255.255.255.0
          inet6 addr: fe80::213:2ff:fe0b:a839/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:138 errors:0 dropped:37 overruns:0 frame:0
          TX packets:113 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:5672863 (5.4 MiB)  TX bytes:874429 (853.9 KiB)
          Interrupt:17 Base address:0x2000 Memory:dcfff000-dcffffff

dan@dan-laptop:~$ netstat -nr
Kernel IP routeing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.20.0    0.0.0.0         255.255.255.0   U         0 0          0 eth1
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth1
0.0.0.0         192.168.20.1    0.0.0.0         UG        0 0          0 eth1
dan@dan-laptop:~$ ping 4.2.2.2
PING 4.2.2.2 (4.2.2.2) 56(84) bytes of data.

--- 4.2.2.2 ping statistics ---
23 packets transmitted, 0 received, 100% packet loss, time 22001ms

0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
pkapoorCommented:
OK - so it seems that the router has connection to the Internet but the LAN does not. This means router configuration. Give me some time to review it (I just got in to work). I will post back in the next couple of hours.
0
 
pkapoorCommented:
Is your LAN just one flat network with 192.168.20.0/24 subnet?
0
 
delta_vAuthor Commented:
At the moment yes, but I have five fixed public IP addresses which I will need to get working as well.
0
 
delta_vAuthor Commented:
I have sorted basic internet access out, now just have to get wireless access and then the static public address working.

I will post the basic config shortly.
0
 
delta_vAuthor Commented:
Sanitized working config below:-

hostname router
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
!
no aaa new-model
!
resource policy
!
clock timezone PCTime 0
clock summer-time PCTime date Mar 30 2003 1:00 Oct 26 2003 2:00
ip subnet-zero
ip cef    
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.20.1 192.168.20.159
ip dhcp excluded-address 192.168.20.181 192.168.20.254
!
ip dhcp pool dhcp-pool
   import all
   network 192.168.20.0 255.255.255.0
   domain-name domain.com
   default-router 192.168.20.1
   lease 0 2
!
!
!
ip domain name domain.com
!        
!
username admin-user privilege 15 secret 5 $very_secret
!
!
!
bridge irb
!
!
interface ATM0
 description BT ADSL connection
 no ip address
 no atm ilmi-keepalive
 pvc 0/38
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
 dsl operating-mode auto
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
 !
 !
 !
 !
interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
 ip address 192.168.20.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1452
!
!
interface Dialer0
 ip address negotiated
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 dialer pool 1
 dialer idle-timeout 0
 dialer-group 1
 no cdp enable
 ppp authentication chap callin
 ppp chap hostname hostname@btclick.com
 ppp chap password 0 password
 ppp ipcp dns request
!
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
ip flow-top-talkers
 top 5
 sort-by bytes
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat pool pool1 192.168.20.0 192.168.21.0 netmask 0.0.0.255
ip nat inside source list 1 interface Dialer0 overload
!
ip access-list extended NAT
 permit ip 192.168.20.0 0.0.0.255 any
!
access-list 1 permit 192.168.20.0 0.0.0.255
no cdp run
!
control-plane
!        
bridge 1 route ip
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege level of 15.

Please change these publicly known initial credentials using SDM or the IOS CLI.
Here are the Cisco IOS commands.

username <myuser>  privilege 15 secret 0 <mypassword>
no username cisco

Replace <myuser> and <mypassword> with the username and password you want to use.

For more information about SDM please follow the instructions in the QUICK START
GUIDE for your router or go to http://www.cisco.com/go/sdm 
-----------------------------------------------------------------------
^C        
!
line con 0
 login local
 no modem enable
line aux 0
line vty 0 4
 access-class 23 in
 privilege level 15
 login local
 transport input telnet ssh
!
scheduler max-task-time 5000
ntp server 129.6.15.28 source ATM0 prefer
end
0
 
modus_operandiCommented:
Closed, 500 points refunded.
modus_operandi
Community Support Moderator
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now