sstops
asked on
Need help configuring Cisco 857w with BT ADSL line
Hello,
I need to configure a Cisco 857w to work with a BT Business DSL line. The router should replace a DrayTek Vigor2800 which worked fine but needs to be replaced because of VPN compatibility issues.
I basically copied the settings from the DrayTek to the CISCO and it won#t connect (or at least I cannot verify it does). I attached the configuration below.
I connected the ADSLoPOTS port using the "lavender" cable with the ADSL Filter. I tried configuring with SDM and SDM Express as well but to no avail.
I would appreciate any help to this urgent problem.
Thank you
Sascha
I need to configure a Cisco 857w to work with a BT Business DSL line. The router should replace a DrayTek Vigor2800 which worked fine but needs to be replaced because of VPN compatibility issues.
I basically copied the settings from the DrayTek to the CISCO and it won#t connect (or at least I cannot verify it does). I attached the configuration below.
I connected the ADSLoPOTS port using the "lavender" cable with the ADSL Filter. I tried configuring with SDM and SDM Express as well but to no avail.
I would appreciate any help to this urgent problem.
Thank you
Sascha
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname yourname
!
boot-start-marker
boot-end-marker
!
logging buffered 51200
logging console critical
enable secret 5 $1$qCx3$fFIieycDAemg9W9IyN7gu.
!
no aaa new-model
clock timezone PCTime 1
clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00
!
crypto pki trustpoint TP-self-signed-2724826201
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2724826201
revocation-check none
rsakeypair TP-self-signed-2724826201
!
!
crypto pki certificate chain TP-self-signed-2724826201
certificate self-signed 01
3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
quit
dot11 syslog
no ip source-route
!
!
ip cef
no ip bootp server
no ip domain lookup
ip domain name yourdomain.com
!
!
!
username user1 privilege 15 secret 5 $1$34Ky$vy1/wx9.1iP/olfsB.1Yl/
!
!
archive
log config
hidekeys
!
!
!
!
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
no ip redirects
no ip unreachables
no ip proxy-arp
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
shutdown
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 172.17.1.12 255.255.192.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
!
interface Dialer0
description $FW_OUTSIDE$
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname B******@hg57.btclick.com
ppp chap password 7 15310A1805382A273C6267
ppp pap sent-username B******@hg57.btclick.com password 7 15310A1805382A273C6267
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 192.168.90.0 255.255.255.0 172.17.0.10 permanent
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
!
ip access-list extended All
remark SDM_ACL Category=128
permit ip any any
ip access-list extended SDM_HTTPS
remark SDM_ACL Category=1
permit tcp any any eq 443
ip access-list extended SDM_SHELL
remark SDM_ACL Category=1
permit tcp any any eq cmd
ip access-list extended SDM_SSH
remark SDM_ACL Category=1
permit tcp any any eq 22
!
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 172.17.0.0 0.0.63.255
access-list 100 remark SDM_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
access-list 101 remark SDM_ACL Category=128
access-list 101 permit ip host 255.255.255.255 any
access-list 101 permit ip 127.0.0.0 0.255.255.255 any
access-list 102 remark SDM_ACL Category=128
access-list 102 permit ip 213.157.8.0 0.0.0.255 any
dialer-list 1 protocol ip permit
no cdp run
!
control-plane
!
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device and
it provides the default username "cisco" for one-time use. If you have already
used the username "cisco" to login to the router and your IOS image supports the
"one-time" user option, then this username has already expired. You will not be
able to login to the router with this username after you exit this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you want to
use.
-----------------------------------------------------------------------
^C
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
login local
no modem enable
transport output telnet
line aux 0
login local
transport output telnet
line vty 0 4
login local
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end
you need to configure SSID for your WLAN, DVI interface and maybe dhcp server for your WLAN clients. check out this tuturial: http://articles.techrepublic.com.com/5100-10878_11-6102399.html
ASKER
Thank you, but I do not want to use the WLAN at the moment. I connected the client PC to the wired LAN interfaces.
presumably your dailer configuration is correct you should be able reach outside world. you can check if your clients can ping vlan1 address of the router. see also
sh ip int bri
sh ip route
sh ip int bri
sh ip route
ASKER
The client can ping the vlan1 address of the router.
The router can ping the client.
Neither can ping outside IPs.
I added the results of the IP routes and the IP interface queries below. There is for some reason no IP address assigned to the dialer.
The router can ping the client.
Neither can ping outside IPs.
I added the results of the IP routes and the IP interface queries below. There is for some reason no IP address assigned to the dialer.
sh ip int bri
Interface IP-Address OK? Method Status Prot
ocol
Dot11Radio0 unassigned YES unset administratively down down
FastEthernet0 unassigned YES unset up up
FastEthernet1 unassigned YES unset up down
FastEthernet2 unassigned YES unset up down
FastEthernet3 unassigned YES unset up down
ATM0 unassigned YES unset up up
ATM0.1 unassigned YES unset up up
Vlan1 172.17.1.12 YES TFTP up up
Dialer0 unassigned YES TFTP up up
NVI0 172.17.1.12 YES unset up up
Virtual-Access1 unassigned YES unset up up
Virtual-Access2 unassigned YES unset up down
sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
S 192.168.90.0/24 [1/0] via 172.17.0.10
172.17.0.0/18 is subnetted, 1 subnets
C 172.17.0.0 is directly connected, Vlan1
S* 0.0.0.0/0 is directly connected, Dialer0
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you for your help. It turned out that the ISP gave me the wrong login information.