Solved

BTInfinty connection using a Cisco 887a router

Posted on 2016-09-20
8
28 Views
Last Modified: 2016-09-26
I am trying to connect my Cisco 887a to a new BTInfinity connection using a static IP. The line works fine with the BT supplied hub but I cannot seem to reach out to the internet when I try the Cisco 887a device.
I am new to routing and Cisco devices so I am sure that I have just forgotten a simple thing. Would anyone be able to take a look at my config and see if anything stands out?
 
Using 3165 out of 262136 bytes
!
! Last configuration change at 11:44:34 BST Tue Sep 20 2016 by administrator
!
version 15.1
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service internal
!
hostname rtr-h003103
!
boot-start-marker
boot-end-marker
!
!
logging buffered 4096
enable secret 5 $1$ADmv$NWsaGiCyPI/apxJCnTNqG1
enable password olwshojoj[hv!
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication enable default enable
aaa authorization exec default local
!
!
!
!
!
aaa session-id common
memory-size iomem 10
clock timezone gmt 0 0
clock summer-time BST recurring last Sun Mar 2:00 last Sun Oct 3:00
crypto pki token default removal timeout 0
!
!
no ip source-route
!
!
!
ip dhcp excluded-address 192.168.0.0 192.168.0.99
ip dhcp excluded-address 192.168.0.200 192.168.0.254
!
ip dhcp pool 10
import all
network 192.168.0.0 255.255.255.0
dns-server 8.8.8.8 4.2.2.2
default-router 192.168.0.1
!
!
ip cef
ip name-server 8.8.8.8
ip name-server 4.2.2.2
ip inspect WAAS flush-timeout 10
no ipv6 cef
!
!
license udi pid CISCO887VA-K9 sn FCZ1524C3GC
!
!
username administrator privilege 15 secret 5 $1$iFs5$Gc3bZQfrlbBbWHQ7DvTE3/
username ccpuser privilege 15 secret 5 $1$yAV0$dUswDZwNZLZXk9jBysqfY0
!
!
!
!
controller VDSL 0
modem customUKAnnexM
modem customUKAnnexA
modem UKfeature
!
ip ssh version 2
!
!
!
!
!
!
bba-group pppoe global
!
!
interface Ethernet0
no ip address
shutdown
pppoe-client dial-pool-number 1
!
interface ATM0
no ip address
no atm ilmi-keepalive
!
interface FastEthernet0
description Uplink to fw-h003104
speed 100
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
ip address 192.168.0.1 255.255.255.0
ip nat inside
no ip virtual-reassembly in
ip tcp adjust-mss 1452
!
interface Dialer1
description BTInfinity
mtu 1492
ip address 81.x.x.x 255.255.255.254
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
no ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer idle-timeout 0
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname username@btclick.com
ppp chap password 0 mypassword
ppp pap sent-username username@btclick.com password 0 mypassword
ppp ipcp dns request accept
ppp ipcp route default
ppp ipcp address accept
no cdp enable
!
no ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip dns server
ip nat inside source list 10 interface Dialer1 overload
!
logging esm config
access-list 10 permit 192.168.0.0 0.0.0.255
access-list 10 remark nat-pool
access-list 23 permit 192.168.0.0 0.0.0.255
access-list 23 remark vty
access-list 23 deny any log
dialer-list 1 protocol ip permit
!
!
!
!
!
!
control-plane
!
banner login ^CCC
THIS IS A PRIVATE SYSTEM. UNAUTHORISED ACCESS IS NOT
PERMITTED AND OFFENDERS ARE LIABLE TO PROSECUTION.
YOUR IP HAS BEEN LOGGED AND AN ALERT GENERATED
^C
!
line con 0
privilege level 15
logging synchronous
no modem enable
line aux 0
line vty 0 4
access-class 23 in
ipv6 access-class ipv6_deny in
transport input telnet
escape-character 3
!
scheduler max-task-time 5000
end

Open in new window


I have also noticed that int ATM0 is down. Does this matter?

Interface         IP-Address   OK?   Method Status Protocol
ATM0               unassigned YES   NVRAM down down
Dialer1             unassigned YES   NVRAM up up
Ethernet0        unassigned YES   NVRAM administratively down down
FastEthernet0 unassigned YES   unset up down
FastEthernet1 unassigned YES   unset up down
FastEthernet2 unassigned YES   unset up down
FastEthernet3 unassigned YES   unset up down
NVI0                 unassigned YES    unset administratively down down
Vlan1               192.168.0.1 YES    NVRAM up down

Open in new window

0
Comment
Question by:Becky Jones
  • 3
  • 3
  • 2
8 Comments
 
LVL 26

Expert Comment

by:Predrag Jovic
ID: 41806746
On your # sh ip int brief output everything is down ... protocol down means - it is down :).
Interface         IP-Address   OK?   Method Status Protocol

ATM0               unassigned YES   NVRAM down down
Dialer1             unassigned YES   NVRAM up up
Ethernet0        unassigned YES   NVRAM administratively down down
FastEthernet0 unassigned YES   unset up down
FastEthernet1 unassigned YES   unset up down
FastEthernet2 unassigned YES   unset up down
FastEthernet3 unassigned YES   unset up down
NVI0                 unassigned YES    unset administratively down down
Vlan1               192.168.0.1 YES    NVRAM up down
What you are missing for sure is default route
ip route 0.0.0.0 0.0.0.0 dialer1
access-list 10 permit 192.168.0.0 0.0.0.255
access-list 10 remark nat-pool
access-list 23 permit 192.168.0.0 0.0.0.255
access-list 23 remark vty
access-list 23 deny any log
There is no need to have it written two times (you can use just one if you want).

access-list 10 permit 192.168.0.0 0.0.0.255
access-list 10 remark nat-pool

is equal to (except log part)

access-list 23 permit 192.168.0.0 0.0.0.255
access-list 23 remark vty
access-list 23 deny any log

Typical ATM configuration looks similar to (provider dependent)
interface ATM0
 no ip address
 no atm ilmi-keepalive
 pvc 8/35
 tx-ring-limit 3
 encapsulation aal5mux ppp dialer
 dialer pool-member 1
1
 

Author Comment

by:Becky Jones
ID: 41806882
Hi, thank you so much for your reply.
I am having difficulty bringing the interfaces up. If I do a "no shutdown" on ATM0 I get:

ATM0 is initializing, line protocol is down
  Hardware is MPC ATMSAR, address is 0007.7deb.c0fa (bia 0007.7deb.c0fa)
  MTU 1520 bytes, sub MTU 1520, BW 4608 Kbit/sec, DLY 80 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ATM, loopback not set
  Keepalive not supported
  Encapsulation(s): AAL5
  4 maximum active VCs, 1024 VCs per VP, 0 current VCCs
  VC Auto Creation Disabled.
  VC idle disconnect time: 300 seconds
  Last input never, output never, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: Per VC Queueing
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     0 packets input, 0 bytes, 0 no buffer
     Received 0 broadcasts (0 IP multicasts)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     0 packets output, 0 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 unknown protocol drops
     0 output buffer failures, 0 output buffers swapped out

It will stay like this for a while and then stop trying and revert back to "Status - down".

I fear I am making more of a mess of this.  I think I have incorporated your suggestions but I know I need to delete some of the points that you made, like the duplicated access list lines. Can you tell me how to do this?

So, this is my current config now:

Using 3443 out of 262136 bytes
!
! Last configuration change at 16:44:53 BST Tue Sep 20 2016 by administrator
!
version 15.1
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service internal
!
hostname rtr-h003103
!
boot-start-marker
boot-end-marker
!
!
logging buffered 4096
enable secret 5 $1$ADmv$NWsaGiCyPI/apxJCnTNqG1
enable password $1$ADmv$NWsaGiCyPI/apxJCnTNqG1
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication enable default enable
aaa authorization exec default local
!
!
!
!
!
aaa session-id common
memory-size iomem 10
clock timezone gmt 0 0
clock summer-time BST recurring last Sun Mar 2:00 last Sun Oct 3:00
crypto pki token default removal timeout 0
!
!
no ip source-route
!
!
!
ip dhcp excluded-address 192.168.0.0 192.168.0.99
ip dhcp excluded-address 192.168.0.200 192.168.0.254
!
ip dhcp pool 10
   import all
   network 192.168.0.0 255.255.255.0
   dns-server 8.8.8.8 4.2.2.2
   default-router 192.168.0.1
!
!
ip cef
ip name-server 8.8.8.8
ip name-server 4.2.2.2
ip inspect WAAS flush-timeout 10
no ipv6 cef
!
!
license udi pid CISCO887VA-K9 sn FCZ1524C3GD
!
!
username admin privilege 15 secret 5 $1$iFs5$Gc3bZQfrlbBbWHQ7DvTE3/
username user privilege 15 secret 5 $1$yAV0$dUswDZwNZLZXk9jBysqfY0
!
!
!
!
controller VDSL 0
 operating mode ansi
 modem customUKAnnexM
 modem customUKAnnexA
 modem UKfeature
!
ip ssh version 2
!
!
!
!
!
!
bba-group pppoe global
!
!
interface Ethernet0
 no ip address
 shutdown
 pppoe-client dial-pool-number 1
!
interface ATM0
 no ip address
no atm ilmi-keepalive
 pvc 8/35
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
!
interface FastEthernet0
 description Uplink to fw-h003104
 speed 100
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
 ip address 192.168.0.1 255.255.255.0
 ip nat inside
 no ip virtual-reassembly in
 ip tcp adjust-mss 1452
!
interface Dialer0 (**I need to delete this interface I think**)
 ip address 81.x.x.x 255.255.255.254
 shutdown
!
interface Dialer1
 description BTInfinity
 mtu 1492
 ip address 81.x.x.x 255.255.255.254 (**Some people say not to enter the static IP but I'm not sure**)
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat outside
 no ip virtual-reassembly in
 encapsulation ppp
 dialer pool 1
 dialer idle-timeout 0
 dialer-group 1
 ppp authentication chap pap callin
 ppp chap hostname username@xx.btclick.com
 ppp chap password 0 mypassword
 ppp pap sent-username username@xx.btclick.com password 0 mypassword
 ppp ipcp dns request accept
 ppp ipcp route default
 ppp ipcp address accept
no cdp enable
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip dns server
ip nat inside source list 10 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 0.0.0.0 0.0.0.0 192.168.0.100 (**Maybe I need to delete this line after entering the line above?**)
!
logging esm config
access-list 10 permit 192.168.0.0 0.0.0.255
access-list 10 remark nat-pool
access-list 10 remark nat-pool (**How do I delete these 3 lines?**)
access-list 23 permit 192.168.0.0 0.0.0.255
access-list 23 remark vty
access-list 23 deny   any log
dialer-list 1 protocol ip permit
!
!
!
!
!
!
control-plane
!
banner login ^CCC
THIS IS A PRIVATE SYSTEM. UNAUTHORISED ACCESS IS NOT
PERMITTED AND OFFENDERS ARE LIABLE TO PROSECUTION.

YOUR IP HAS BEEN LOGGED AND AN ALERT GENERATED
^C
!
line con 0
 privilege level 15
 logging synchronous
 no modem enable
line aux 0
line vty 0 4
 access-class 23 in
 ipv6 access-class ipv6_deny in
 transport input telnet
 escape-character 3
!
scheduler max-task-time 5000
end

I really appreciate your time and any further suggestions you can make.
Becky
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 41807888
Hi Becky,

The Infinity service uses the Ethernet interface for VDSL.  The ATM interface is for ADSL.

This is what you need...

https://community.bt.com/t5/Connected-Devices-Other/BT-infinity-with-a-Cisco-router/td-p/407209/page/2

FYI, BT Infinity doesn't support static IP addresses on its residential service.
1
 
LVL 26

Expert Comment

by:Predrag Jovic
ID: 41808011
Typically (not always) you can delete commands by using keyword no and then command

no interface Dialer0
no ip route 0.0.0.0 0.0.0.0 192.168.0.100
no access-list 23

interface Dialer1
 no ip address
 ip address negotiated

line vty 0 4
 no access-class 23 in
 access-class 10 in
1
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 

Accepted Solution

by:
Becky Jones earned 0 total points
ID: 41810259
Hi both, thank you so much for all of your suggestions and time.
I tried all of the suggestions but to no avail.
I have discovered that with BtInfinity the ATM interface needs to be shut down, and the VDSL configured instead. In addition, a sub interface needs to be added to Ethernet0.
BT also confirmed that if I have the correct username/password combo, my static IP would be assigned and I could leave it on negotiated instead of specifying it.

I followed this guide which resolved all of my issues Configure PPPoE on Cisco Routers / Cisco ADSL PPPoE Configuration

Just in case anyone else has the same issue, here is my new full working config.

Using 2457 out of 262136 bytes
!
! Last configuration change at 12:20:16 UTC Wed Sep 21 2016
!
version 15.1
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname rtr-h003103
!
boot-start-marker
boot-end-marker
!
!
no logging console
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication enable default enable
aaa authorization exec default local
!
!
!
!
!
aaa session-id common
memory-size iomem 10
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-1297352779
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-1297352779
 revocation-check none
!
!
crypto pki certificate chain TP-self-signed-1297352779
 certificate self-signed 01 nvram:IOS-Self-Sig#4.cer
ip source-route
!
!
!
!
ip cef
no ipv6 cef
!
!
license udi pid CISCO887VA-K9 sn FCZ1624C5GC
!
!
username administrator privilege 15 secret 5 $1$o3XN$uRrSYGzrLsct6ggXqS5H50
username ccpuser privilege 15 secret 5 $1$2qzm$90Di/2n8XDHpu1A5MsfBT/
!
!
!
!
controller VDSL 0
!
!
!
!
!
!
!
!
interface Ethernet0
 no ip address
!
interface Ethernet0.101
 encapsulation dot1Q 101
 pppoe-client dial-pool-number 1
!
interface ATM0
 no ip address
 shutdown
 no atm ilmi-keepalive
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
 description LAN
 ip address 192.168.0.1 255.255.255.0
ip nat inside
 ip virtual-reassembly in
!
interface Dialer1
 description Dialer interface for VDSL
 mtu 1492
 ip address negotiated
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nbar protocol-discovery
 ip flow ingress
 ip nat outside
 ip virtual-reassembly in
 encapsulation ppp
 ip tcp adjust-mss 1452
 dialer pool 1
 ppp authentication pap chap ms-chap callin
 ppp chap hostname username@hgxx.btclick.com
 ppp chap password 7 mypassword
 ppp ipcp address accept
 no cdp enable
!
ip forward-protocol nd
no ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip nat inside source list NAT interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer1
!
ip access-list extended NAT
 permit ip 192.168.0.0 0.0.0.255 any
 remark Access list for NAT
!
logging esm config
!
!
!
!
!
!
control-plane
!
!
line con 0
 privilege level 15
 no modem enable
line aux 0
line vty 0 4
 exec-timeout 0 0
 privilege level 15
 transport input all
!
end

Open in new window


I hope this can be useful to someone one day. Thanks again guys!
2
 
LVL 26

Expert Comment

by:Predrag Jovic
ID: 41810274
Thank you for feedback it could be useful (never had contact with BTInfinity so far, although I do not expect that I will have it, but who knows) but, according to solution missing default route in your configuration was not problem at all, also having almost the same configuration details on link provided by Craig Beck is close to solution.

interface ATM0
 no ip address
 shutdown
 no atm ilmi-keepalive

interface Ethernet0.101
description Tagging for PPPoE (VDSL 0)
encapsulation dot1Q 101
ip nat outside
ip virtual-reassembly in
no ip route-cache
pppoe enable group global
pppoe-client dial-pool-number 1

interface Dialer1
description **BT INFINITY**
ip address negotiated
ip access-group 101 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1492
ip nbar protocol-discovery
ip flow ingress
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer-group 1
ppp authentication pap chap ms-chap callin
ppp chap hostname *-*
ppp chap password 0 password
ppp ipcp dns request accept
ppp ipcp route default
ppp ipcp address accept
no cdp enable

I did not read full path to solution on link, but I guess it is there (having subinterface 0.101 marked as ip nat outside and dialer1 marked the same way does not look good in start configuration on link)...
;)
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 41810795
Cheers for the update, Becky.

You don't specifically have to use the encapsulated VLAN on the Infinity service unless you want to use the BT YouView multicast service for TV (which doesn't work with btclick accounts IIRC).  Internet traffic will work fine even if it's not encapsulated.
0
 

Author Closing Comment

by:Becky Jones
ID: 41815742
The guide found on YouTube resolved my issue.
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Internet Speed Test 5 70
Native Vlans, Tagged & untagged annnd Trunks 6 28
Wireless antenna advice/design 6 29
OSPF Question 12 22
#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now