1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cisco 2811 Dual ADSL

Discussion in 'Networks' started by IPexpress, Jan 9, 2013.

  1. IPexpress

    IPexpress New Member

    4
    0
    1
    Building configuration...

    Current configuration : 2261 bytes
    !
    version 12.4
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname xxxx
    !
    boot-start-marker
    boot-end-marker
    !
    enable secret 5 $1$/RXq$uDF4l5Ry/rHRU3OEX9Nzy.
    !
    no aaa new-model
    !
    resource policy
    !
    ip subnet-zero
    !
    !
    ip cef
    !
    !
    !
    !
    !
    !
    interface Loopback1
    ip address 81.x.x.x 255.255.255.255
    !
    interface Loopback2
    ip address 81.x.x.x 255.255.255.255
    !
    interface FastEthernet0/0
    description Ethernet LAN
    ip address 192.168.0.254 255.255.255.0
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip nat inside
    duplex auto
    speed auto
    !
    interface FastEthernet0/1
    no ip address
    shutdown
    duplex auto
    speed auto
    !
    interface ATM0/0/0
    no ip address
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    no atm ilmi-keepalive
    dsl operating-mode auto
    pvc 0/38
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
    !
    !
    interface ATM0/1/0
    no ip address
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    no atm ilmi-keepalive
    dsl operating-mode auto
    pvc 0/38
    encapsulation aal5mux ppp dialer
    dialer pool-member 2
    !
    !
    interface Dialer1
    ip unnumbered Loopback1
    ip nat outside
    encapsulation ppp
    dialer pool 1
    dialer-group 1
    no cdp enable
    ppp authentication chap callin
    ppp chap hostname xxxxxxxx
    ppp chap password 0 xxxxxx
    !
    interface Dialer2
    ip unnumbered Loopback2
    ip nat outside
    encapsulation ppp
    dialer pool 2
    dialer-group 2
    no cdp enable
    ppp authentication chap callin
    ppp chap hostname xxxxxxxxxx
    ppp chap password 0 xxxxxx
    !
    ip classless
    ip route 0.0.0.0 0.0.0.0 Dialer1
    ip route 0.0.0.0 0.0.0.0 Dialer2
    !
    ip http server
    ip nat inside source list 101 interface Dialer1 overload
    ip nat inside source list 102 interface Dialer2 overload
    !
    access-list 101 permit ip 192.168.0.0 0.0.0.255 any
    access-list 102 permit ip 192.168.0.0 0.0.0.255 any
    dialer-list 1 protocol ip permit
    dialer-list 2 protocol ip permit
    !
    control-plane
    !
    !
    line con 0
    logging synchronous
    line aux 0
    line vty 0 4
    login
    !
    scheduler allocate 20000 1000
    !
    end

    xxxx#



    Thanks in advance

    - - - Updated - - -

    With reference to the above config. I am setting up a Cisco2811 with 2 x ADSL PPPoA interfaces. Just testing one of the interfaces first which is the atm0/1/0 interface. The interface comes up and line protocol up but cannot ping out the interface to the Internet. I tried an alternative config with route maps, can anyone help me with this?



    David
     
  2. danielno8

    danielno8 Gigabyte Poster

    1,305
    48
    92
    does the dialer 2 interface come up? Does your default route get added to the routing table? Can you see your client devices IP in the NAT table? i.e. are you being NAT'd to the outside interface address? Or are you only trying to ping from the router? If you traceroute to an internet address what happens? Who is your ISP? i'm pretty sure if line protocol is up it means that PPP authentication has passed, but i would also confirm this.

    Just a few things that should hopefully help you begin troubleshooting as you didn't mention if you had done any yet.
     
    Last edited: Jan 9, 2013
    Certifications: CCENT, CCNA
    WIP: CCNP
  3. IPexpress

    IPexpress New Member

    4
    0
    1
    The dialer2 interface is up and I checked that the authentication is fine. I have pinged from the router and found that I can ping to the ISP router and can also ping 2 DNS Servers but nothing else. If I do an extended ping from the router using the fa 0/0 ip address (inside source for nat) then the ping is not successful and looking at ip nat statistics there has been no NAT
     
  4. danielno8

    danielno8 Gigabyte Poster

    1,305
    48
    92
    ok well if you can ping to two other DNS servers then the link to the IPS is up. Other addresses you are pinging may just be denying the ICMP.

    Can you connect a PC to the Fa0/0 interface and do testing from there? The router may remove the NAT entry frmo the table before you get the chance to check (so it may not be that the packet isn't being NAT'd). Can you add the log option to ACL 102 to check it is being hit?
     
    Certifications: CCENT, CCNA
    WIP: CCNP
  5. IPexpress

    IPexpress New Member

    4
    0
    1
    I can connect to other sites on the Internet now from the router, but not from the local Ethernet network, which suggests a NAT problem. I cannot readily see any problem with the NAT config, can you?
     
  6. danielno8

    danielno8 Gigabyte Poster

    1,305
    48
    92
    Have you checked the NAT table on the router while attempting to open connections to websites? Have you made the ACL log matches?

    What are you using as DNS server on the client on the local network?
     
    Certifications: CCENT, CCNA
    WIP: CCNP
  7. IPexpress

    IPexpress New Member

    4
    0
    1
    ACL log matches not showing any at all, NAT Table not showing anything. Tried putting the two DNS Servers manually in the client on the local network
     
  8. Simonvm

    Simonvm Kilobyte Poster

    472
    13
    41
    Have you tried with standard access lists?

    access-list 11 permit ip 192.168.0.0 0.0.0.255
    access-list 12 permit ip 192.168.0.0 0.0.0.255

    and referencing those in your NAT lines?
     
    Certifications: MCITP: EST, MCDST, MCTS, A+, N+, CCNP, CCNA Wireless
  9. danielno8

    danielno8 Gigabyte Poster

    1,305
    48
    92
    I take it you have checked you are working ok locally? I.e can ping the routers Fa0/0 (192.168.0.254) interface? And you have correctly set this as your default gateway on the client?

    Can you post the routing table on the router. I would possibly also remove the unused NAT config at the minute from the router, i.e. the ACL and NAT statement.

    EDIT: Also stick some debugs on. Try debug ip packet (presume this isn't actually servicing anything else as this command will tax an active router to crash point!) Also debug the NAT.
     
    Last edited: Jan 10, 2013
    Certifications: CCENT, CCNA
    WIP: CCNP

Share This Page

Loading...