Cisco 2620 with WIC-1ADSL with Covad /29 Block

Discussion in 'Cisco' started by BlueMonkeyFish, Feb 24, 2007.

  1. Hey y'all

    I just recently had business dsl installed on my line. i opted for
    the 6.0/768 line speed with a /29 block. once i received their modem,
    i ran the web configuration and pulled the data from it, wuch as the
    pvc values and ip information. when i matched up my configuration
    with that of their router to my 2600, following a ppoe static ip
    template from cisco's site; i can not access the internet. I
    contacted covad and the third party provider and they both give me the
    same story, explaining how they dont support third party hardware.

    i did manage to find out that i can not use nat (or so their tech
    says) however im confused as to how i should go about configuring
    this device. on their router the wan port is a dynamically assigned
    private partial class b address and the lan is one of my public
    addresses.

    please help, i have been pounding at the terminal session for just
    over a week and now my head hurts.

    thanks in advance
    Daniel
     
    BlueMonkeyFish, Feb 24, 2007
    #1
    1. Advertisements

  2. BlueMonkeyFish

    chris Guest

    There's no reason why you can't use NAT! Maybe you could post the config?
    Has the router authenticated and been assigned the outside IP address? Can
    you ping anything on the ISP's network from the router?

    Chris.
     
    chris, Feb 24, 2007
    #2
    1. Advertisements

  3. BlueMonkeyFish

    corb Guest

    Post your config ? i.e. show run
     
    corb, Feb 24, 2007
    #3
  4. BlueMonkeyFish

    Darren Green Guest

    Daniel,

    As per the other posts please send in your config.

    Does this config use IRB (integrated routing and bridging) by any chance ?

    In the UK we had a telco give us 2 x public IP's and a private WAN IP
    10.X.X.X. We had to configure IRB to get it working on 1 x router (Cisco
    877). Config excerts below but PLEASE IGNORE !!!! if this is not IRB.

    interface Loopback1
    ip address PUBLIC_IP + Netmask
    !
    !
    interface ATM0
    no ip address
    no atm ilmi-keepalive
    dsl operating-mode auto
    !
    interface ATM0.1 point-to-point
    no snmp trap link-status
    pvc 1/50
    encapsulation aal5snap
    !
    bridge-group 1
    !
    interface FastEthernet0
    !
    interface FastEthernet1
    speed 100
    !
    interface FastEthernet2
    !
    interface FastEthernet3
    !
    interface Vlan1
    description LAN Connection
    ip address 192.168.24.1 255.255.255.0
    !
    interface BVI1
    ip address 10.10.10.10 255.255.255.0
    ip access-group outside in
    !
    ip route 0.0.0.0 0.0.0.0 10.10.10.255
    !
    !
    bridge 1 protocol ieee
    bridge 1 route ip

    Whilst we didn't have nat on this (it was for a site to site VPN) you should
    be able to add an access-list & nat to the loopback interface.

    e.g. access-list 1 permit 192.168.24.0 255.255.255.0

    nat inside source-list 1 int lo1 overload

    Add the relevant nat inside & outside statements to the interfaces.

    Regards

    Darren
     
    Darren Green, Feb 24, 2007
    #4
  5. i dont believe i have been authenticated, i know the user information
    is correct however. i am waiting for a response from the isp to find
    out the authentication protocol (pap, chap) as well as to verify the
    PVC value. the latest configuration im using is the following.

    !
    version 12.3
    service timestamps debug uptime
    service timestamps log uptime
    !
    hostname CPTNYC_2621_R1
    !
    enable secret thepassword
    enable password thepassword
    !
    ip subnet-zero
    !
    !
    ip domain name CPTNYC.COM
    ip name-server 64.105.124.154
    ip name-server 64.105.159.250
    !
    ip audit notify log
    ip audit po max-events 100
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    no voice hpi capture buffer
    no voice hpi capture destination
    !
    !
    !
    !
    !
    !
    interface ATM0/0
    description LB aDSL 6.0\768
    no ip address
    no atm ilmi-keepalive
    bundle-enable
    dsl operating-mode auto
    !
    interface ATM0/0.1 point-to-point
    pvc 0/35
    pppoe-client dial-pool-number 1
    !
    !
    interface FastEthernet0/0
    description EthernetLAN
    ip address 192.168.2.1 255.255.255.252
    ip nat inside
    duplex auto
    speed auto
    !
    interface Dialer1
    mtu 1492
    ip address negotiated
    ip nat outside
    encapsulation ppp
    dialer pool 1
    ppp chap hostname [email protected]
    ppp chap password thepassword
    ppp pap sent-username [email protected] password thepassword
    !
    ip nat inside source list 1 interface Dialer1 overload
    ip http server
    ip http secure-server
    ip classless
    ip route 0.0.0.0 0.0.0.0 Dialer1
    !
    !
    !
    snmp-server community CPTNYC RO
    snmp-server community CPTNYC.COM RW
    snmp-server location Third Floor MDF
    snmp-server enable traps tty
    !
    !
    !
    !
    banner motd ^ ********* Unauthorized Access Prohibited
    **********
    * If you are not authorized to access this device *
    * please disconnect immediately. All access to & *
    * from this device is logged and reviewed daily. *
    * Any unauthorized access will be reported to the *
    * FBIs Computer Crime Devision immediately. To *
    * avoid any criminal prosecution, disconnect now! *
    * ----------------------------------------------- *
    * Property of Crackpot Technologies, Inc. 2006 *
    ***************************************************^
    !
    line con 0
    exec-timeout 20 0
    password 7 051F03012D495A1D1C1704
    login
    line aux 0
    password 7 051F03012D495A1D1C1704
    login
    line vty 0 4
    password 7 051F03012D495A1D1C1704
    login
    !
    !
    !
    end

    I have pretty much followed the basic configuration off ciscos site,
    as well as others sites who have posted config examples and when i run
    a SH INT ATM0/0 i get the follwing.

    Router#sh int atm0/0
    ATM0/0 is up, line protocol is up
    Hardware is DSLSAR (with Alcatel ADSL Module)
    Internet address will be negotiated using DHCP
    MTU 4470 bytes, sub MTU 4470, BW 768 Kbit, DLY 2660 usec,
    reliability 255/255, txload 1/255, rxload 1/255
    Encapsulation ATM, loopback not set
    Encapsulation(s): AAL5 AAL2, PVC mode
    23 maximum active VCs, 256 VCs per VP, 1 current VCCs
    VC Auto Creation Disabled.
    VC idle disconnect time: 300 seconds
    Last input never, output 00:00:14, output hang never
    Last clearing of "show interface" counters never
    Input queue: 0/224/0/0 (size/max/drops/flushes); Total output drops:
    0
    Queueing strategy: Per VC Queueing
    5 minute input rate 0 bits/sec, 0 packets/sec
    5 minute output rate 0 bits/sec, 0 packets/sec
    0 packets input, 0 bytes, 0 no buffer
    Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
    0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
    3908 packets output, 1214206 bytes, 0 underruns
    0 output errors, 0 collisions, 4 interface resets
    0 output buffer failures, 0 output buffers swapped out

    which shows what i think is it not autenticated, being it hastnt
    received any packets. thte CD light is on, and the router shows the
    dsl is on the line and working when i run a sh dsl int atm0/0

    Router# sh dsl int atm0/0
    Alcatel 20150 chipset information
    ATU-R (DS) ATU-C (US)
    Modem Status: Showtime (DMTDSL_SHOWTIME)
    DSL Mode: ITU G.992.1 (G.DMT)
    ITU STD NUM: 0x01 0x1
    Vendor ID: 'ALCB' 'TSTC'
    Vendor Specific: 0x0000 0x0000
    Vendor Country: 0x00 0xB5
    Capacity Used: 79% 94%
    Noise Margin: 11.5 dB 8.0 dB
    Output Power: 20.0 dBm 10.0 dBm
    Attenuation: 27.0 dB 16.0 dB
    Defect Status: None None
    Last Fail Code: None
    Selftest Result: 0x00
    Subfunction: 0x15
    Interrupts: 2663 (0 spurious)
    PHY Access Err: 0
    Activations: 2
    Init FW: embedded
    Operation FW: embedded
    SW Version: 3.8131
    FW Version: 0x1A04

    Interleave Fast
    Interleave Fast
    Speed (kbps): 6016 0
    768 0
    Reed-Solomon EC: 0 0
    0 0
    CRC Errors: 2 0
    3 0
    Header Errors: 2 0
    1 0
    Bit Errors: 0 0
    BER Valid sec: 0 0
    BER Invalid sec: 0 0

    DMT Bits Per Bin
    00: 0 0 0 0 0 0 0 6 6 8 9 A B B B B
    10: A B B B B B A A A 9 8 8 7 6 0 0
    20: 0 0 0 0 0 0 5 5 6 6 7 7 7 8 8 8
    30: 9 9 9 A A A A A B B A A B B B B
    40: 0 B B A B A A A A A A A A A A A
    50: A A A A A A A A A 2 A A A A A A
    60: A A A A A A A A A A A A A A A A
    70: A A A 9 A A A 9 9 9 9 9 9 9 9 9
    80: 9 9 9 9 8 9 9 9 9 9 9 9 9 9 9 9
    90: 8 9 9 9 9 9 8 9 8 3 8 9 8 9 8 9
    A0: 8 8 8 8 6 5 7 8 8 8 8 8 8 8 8 8
    B0: 8 8 8 7 8 8 8 8 7 7 7 7 7 7 7 7
    C0: 7 7 7 7 7 7 7 7 7 7 7 7 3 6 6 6
    D0: 6 5 5 5 5 5 5 5 5 5 5 5 5 5 5 5
    E0: 5 5 5 5 4 4 4 2 0 2 2 3 4 4 4 4
    F0: 4 4 3 2 2 0 0 0 0 0 0 0 0 0 0 0

    DSL: Training log buffer capability is not enabled

    i dont remember the configuration which i used that gave me 1 packet
    input(s), however it never went past that.

    regards
    daniel
     
    BlueMonkeyFish, Feb 24, 2007
    #5
  6.  
    BlueMonkeyFish, Feb 24, 2007
    #6
  7. how can i tell if it is IRB? i know i have tried to configure it for
    bridging and then connect as a pc using ppoe client, with no luck.
    what i do know is that the isp router provided has nat disabled their
    wan port reveives a private dynamically assigned address and the lan
    has one of my static public addresses
     
    BlueMonkeyFish, Feb 24, 2007
    #7
  8. BlueMonkeyFish

    Darren Green Guest

    "> how can i tell if it is IRB? i know i have tried to configure it for
    IRB is a technique to allow a single protocol to be both bridged and routed.

    We only knew we had to use IRB on our solution because we were told by the
    ISP (after some haggling to get support). They took the same stance 'we
    don't support third party devices blah blah'.

    Out setup was:

    WWW-----ISP---------(Private WAN IP's 10.X.X.X /24)--------877
    Router--------2 x Public IP's

    What they expected us to do was to put a firewall behind our 877 router and
    so the 877 router (inside) firewall (outside) would use the 2 x public IP's
    assigned like this:

    WWW-----ISP---------(Private WAN IP)--------877 Router------Firewall---(2 x
    Public IP's /30)----Private LAN

    Traffic from the LAN would NAT to the outside of the firewall which was then
    forwarded to the router. In this way the ISP only needed to be aware of our
    firewall address to send traffic back.

    As someone forgot to sell a firewall to the customer we ended up doing it
    all on one box, the 877. IRB allowed us to create a bridged interface, tie
    it to the ATM and bridge traffic to the ISP using a public address on the
    loopback.We were then able to allocate our normal private LAN IP to the Vlan
    on the 877.

    I am afraid I cannot tell you whether this will achieve what you want it to.
    I just had a hunch tat IRB may help as your scenario was fairly similar to
    my own.

    If it were me I think I would ring the ISP and ask them to steer me in the
    right direction as a sign of goodwill.

    HTH

    Regards

    Darren
     
    Darren Green, Feb 24, 2007
    #8
  9. Im going to see what they say, i just contacted the isp and since
    there is a 21 day satisfaction guarantee, i told them im not satisfied
    due to the lack of support for answers to basic questions needed.
    they may feel pressured because im sure they want me as a customer
    since i signed a 2yr.
     
    BlueMonkeyFish, Feb 24, 2007
    #9
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.