[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Cisco 881g dsl failover to GSM problem

Posted on 2011-10-19
7
Medium Priority
?
695 Views
Last Modified: 2012-12-16
Hi guys,
I'm in need of some help/debugging as I'm pretty much stuck with this.
I have a Cisco 881 router with addon GSM modem card (which I've configured first and it was working fine) but as the main focus is to have DSL as primary and
cellular as backup line, I've proceed to next step and added DSL dialer and created routes and ...
after that I cannot get gsm to go up after I shut down the DSL dialer or FE04 interface (or just disconnect the DSL from Cisco).
 I believe that I mixed up something with ACL or routes? as DNS is also not working (yet I am able to ping DNS server when DSL line is connected).

For ping destination, I use the providers DNS server, which is available for icmp.
DSL and GSM provider are the same, so destination ping server should be available from both destinations.

Thank's in advance!
Using 3986 out of 262136 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname TESTGSM01
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
enable password 7 096940081B091222243F2723382727
!
no aaa new-model
service-module wlan-ap 0 bootimage autonomous
!
!
ip source-route
!
!
ip dhcp excluded-address 192.168.10.1 192.168.10.99
ip dhcp excluded-address 192.168.10.201 192.168.10.254
!
ip dhcp pool DHCPINT
   import all
   network 192.168.10.0 255.255.255.0
   default-router 192.168.10.1
   dns-server 159.42.151.5
   lease 5
!
!
ip cef
no ip domain lookup
!
no ipv6 cef
!
multilink bundle-name authenticated
vpdn enable
!
vpdn-group 2
request-dialin
  protocol pppoe
!
chat-script gsm "" "ATDT*99*1#" TIMEOUT 30 "CONNECT"
!
!
username ischaller privilege 15 password 7 06010A334340001455
!
!
!
archive
log config
  hidekeys
!
!
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
description DSL Dial-out interface
backup interface Cellular0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
no ip mroute-cache
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 2
no cdp enable
!
interface wlan-ap0
description Service module interface to manage the embedded AP
no ip address
arp timeout 0
!
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
!
interface Cellular0
ip address negotiated
encapsulation ppp
dialer in-band
dialer idle-timeout 30
dialer string gsm
dialer-group 1
async mode interactive
ppp chap hostname mychapuser
ppp chap password 7 082C554D0118150713181F
!
interface Vlan1
ip address 192.168.10.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
no ip mroute-cache
!
interface Dialer1
no ip address
no cdp enable
!
interface Dialer2
description DSL dial interface
ip address negotiated
no ip unreachables
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
no ip mroute-cache
dialer pool 2
dialer idle-timeout 0
dialer persistent
dialer-group 2
no cdp enable
ppp authentication chap pap callin
ppp chap hostname test@net-dsl
ppp chap password 7 011A56035A1955
ppp ipcp dns request accept
ppp ipcp route default
ppp ipcp address accept
!
ip local policy route-map track-primary-if
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer2 195
ip route 0.0.0.0 0.0.0.0 Cellular0 200
no ip http server
no ip http secure-server
!
!
ip nat inside source route-map nat2cell interface Cellular0 overload
ip nat inside source route-map nat2dsl interface Dialer2 overload
!
ip sla 1
icmp-echo 159.42.151.5 source-interface Dialer2
timeout 1000
frequency 2
ip sla schedule 1 life forever start-time now
access-list 1 permit any
access-list 2 permit 192.0.0.0 0.255.255.255
access-list 3 permit any
access-list 10 permit 192.168.10.0 0.0.0.255
access-list 20 permit 192.168.10.0 0.0.0.255
access-list 101 permit ip 192.0.0.0 0.255.255.255 any
access-list 102 permit icmp any host 159.42.151.5
access-list 103 permit icmp any host 159.42.151.5
dialer-list 1 protocol ip permit
dialer-list 2 protocol ip permit
no cdp run
 
!
!
!
!
route-map track-primary-if permit 10
match ip address 102
set interface Dialer2
!
route-map nat2dsl permit 10
match ip address 101
match interface Dialer2
!
route-map nat2cell permit 10
match ip address 101
match interface Cellular0
!
!
control-plane
!
!
line con 0
exec-timeout 5 30
password 7 143F26203801382675
logging synchronous
login
no modem enable
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
line 3
exec-timeout 0 0
script dialer gsm
login
modem InOut
no exec
rxspeed 236800
txspeed 118000
line vty 0 4
password 7 022E30703F031D2C1E
login
!
scheduler max-task-time 5000
end

Open in new window

0
Comment
Question by:HattrickSG
  • 3
  • 2
6 Comments
 
LVL 6

Accepted Solution

by:
Sanjeevloke earned 2000 total points
ID: 36999075
try a simple test 1st

remove --ip local policy route-map track-primary-if
interface FastEthernet4
description DSL Dial-out interface
backup interface Cellular0 ----------------remove ...
check now if u can ping or get out.
i c have u configured IP SLA ..
configure track and use IP SLA in it

ip route 0.0.0.0 0.0.0.0 Dialer2 195 ----track 1
ip route 0.0.0.0 0.0.0.0 Cellular0 200 ------------remove AD not needed.

once u track the route ..and if SLA sees remote IP is down ...track1 will go down and route will be removed.


0
 

Author Comment

by:HattrickSG
ID: 37011897
Thanx!
I'll try that tomorrow night and let you know the result!
0
 

Author Comment

by:HattrickSG
ID: 37022699
OK,

this config IS working now - It seems I played to much with access lists :-)
Also, I've deleted everything and started from scratch and in the end, adding line by line.
 

Using 4224 out of 262136 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service internal
!
hostname htkfwbs01
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
clock timezone PCTime 1
clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00
service-module wlan-ap 0 bootimage autonomous
!
crypto pki trustpoint TP-self-signed-2322176706
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2322176706
revocation-check none
rsakeypair TP-self-signed-2322176706
!
!
crypto pki certificate chain TP-self-signed-2322176706
certificate self-signed 01 nvram:IOS-Self-Sig#7.cer
ip source-route
!
!
ip dhcp excluded-address 192.168.10.1 192.168.10.99
ip dhcp excluded-address 192.168.10.151 192.168.10.254
!
ip dhcp pool sdm-pool1
   network 192.168.10.0 255.255.255.0
   domain-name hattrick.local
   dns-server 192.10.19.10 8.8.8.8
   default-router 192.168.10.1
!
!
ip cef
ip domain name domain.local
!
no ipv6 cef
!
multilink bundle-name authenticated
vpdn enable
!
vpdn-group 1
request-dialin
  protocol pppoe
!
chat-script gsm "" "atdt*99*1#" TIMEOUT 30 "CONNECT"
!
!
!
!
archive
log config
  hidekeys
!
!
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
description ADSL Interface
no ip address
no ip mroute-cache
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
no cdp enable
!
interface wlan-ap0
description Service module interface to manage the embedded AP
no ip address
arp timeout 0
!
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
!
interface Cellular0
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
no ip mroute-cache
dialer in-band
dialer idle-timeout 0
dialer string gsm
dialer-group 2
async mode interactive
no ppp lcp fast-start
ppp chap hostname 38458
ppp chap password 7 00574B535D03
ppp ipcp dns request
!
interface Vlan1
ip address 192.168.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly
no ip mroute-cache
!
interface Dialer1
description Zove T-Com dsl
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1452
no ip mroute-cache
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap callin
ppp chap hostname user@htnet-dsl
ppp chap password 7 001b5301254A58
ppp ipcp dns request accept
ppp ipcp route default
ppp ipcp address accept
!
ip local policy route-map track-primary-if
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1 track 234
ip route 0.0.0.0 0.0.0.0 Cellular0 254
ip http server
ip http secure-server
!
!
ip nat inside source route-map nat2cell interface Cellular0 overload
ip nat inside source route-map nat2dsl interface Dialer1 overload
!
ip sla 1
icmp-echo 192.10.19.10 source-interface Dialer1
timeout 1000
frequency 2
ip sla schedule 1 life forever start-time now
access-list 1 permit any
access-list 3 permit any
access-list 10 permit 192.0.0.0 0.255.255.255
access-list 101 permit ip 192.0.0.0 0.255.255.255 any
access-list 102 permit icmp any host 195.29.150.3
dialer-list 1 protocol ip permit
dialer-list 2 protocol ip permit
no cdp run

!
!
!
!
route-map track-primary-if permit 10
match ip address 102
set interface Dialer1
!
route-map nat2dsl permit 10
match ip address 101
match interface Dialer1
!
route-map nat2cell permit 10
match ip address 101
match interface Cellular0
!
!
control-plane
!
!
line con 0
password 7 10663D32311200065D
logging synchronous
login
no modem enable
line aux 0
logging synchronous
line 2
exec-timeout 0 0
no activation-character
no exec
transport preferred none
transport input all
line 3
exec-timeout 0 0
script dialer gsm
login
modem InOut
no exec
speed 384000
line vty 0 4
logging synchronous
login
!
scheduler max-task-time 5000
end
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 6

Expert Comment

by:Sanjeevloke
ID: 37022720
So u did two things from config i can c..

1) removed backup interface
2) Added track to route..
0
 

Author Comment

by:HattrickSG
ID: 37046990
Hi,

actually - I removed all the access lists, left the track-if and manually bound gsm to connect to T-Mobile.
Don't know for sure why it didn't work before but for now it's up and running :-)
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 38695530
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question