Cisco 2620 with WIC-1ADSL with Covad /29 Block

Hey y'all

I just recently had business dsl installed on my line. i opted for the 6.0/768 line speed with a /29 block. once i received their modem, i ran the web configuration and pulled the data from it, wuch as the pvc values and ip information. when i matched up my configuration with that of their router to my 2600, following a ppoe static ip template from cisco's site; i can not access the internet. I contacted covad and the third party provider and they both give me the same story, explaining how they dont support third party hardware.

i did manage to find out that i can not use nat (or so their tech says) however im confused as to how i should go about configuring this device. on their router the wan port is a dynamically assigned private partial class b address and the lan is one of my public addresses.

please help, i have been pounding at the terminal session for just over a week and now my head hurts.

thanks in advance Daniel

Reply to
BlueMonkeyFish
Loading thread data ...

There's no reason why you can't use NAT! Maybe you could post the config? Has the router authenticated and been assigned the outside IP address? Can you ping anything on the ISP's network from the router?

Chris.

Reply to
chris

Post your config ? i.e. show run

Reply to
corb

Daniel,

As per the other posts please send in your config.

Does this config use IRB (integrated routing and bridging) by any chance ?

In the UK we had a telco give us 2 x public IP's and a private WAN IP

10.X.X.X. We had to configure IRB to get it working on 1 x router (Cisco 877). Config excerts below but PLEASE IGNORE !!!! if this is not IRB.

interface Loopback1 ip address PUBLIC_IP + Netmask ! ! interface ATM0 no ip address no atm ilmi-keepalive dsl operating-mode auto ! interface ATM0.1 point-to-point no snmp trap link-status pvc 1/50 encapsulation aal5snap ! bridge-group 1 ! interface FastEthernet0 ! interface FastEthernet1 speed 100 ! interface FastEthernet2 ! interface FastEthernet3 ! interface Vlan1 description LAN Connection ip address 192.168.24.1 255.255.255.0 ! interface BVI1 ip address 10.10.10.10 255.255.255.0 ip access-group outside in ! ip route 0.0.0.0 0.0.0.0 10.10.10.255 ! ! bridge 1 protocol ieee bridge 1 route ip

Whilst we didn't have nat on this (it was for a site to site VPN) you should be able to add an access-list & nat to the loopback interface.

e.g. access-list 1 permit 192.168.24.0 255.255.255.0

nat inside source-list 1 int lo1 overload

Add the relevant nat inside & outside statements to the interfaces.

Regards

Darren

Reply to
Darren Green

i dont believe i have been authenticated, i know the user information is correct however. i am waiting for a response from the isp to find out the authentication protocol (pap, chap) as well as to verify the PVC value. the latest configuration im using is the following.

! version 12.3 service timestamps debug uptime service timestamps log uptime ! hostname CPTNYC_2621_R1 ! enable secret thepassword enable password thepassword ! ip subnet-zero ! ! ip domain name CPTNYC.COM ip name-server 64.105.124.154 ip name-server 64.105.159.250 ! ip audit notify log ip audit po max-events 100 ! ! ! ! ! ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! ! ! ! ! interface ATM0/0 description LB aDSL 6.0\\768 no ip address no atm ilmi-keepalive bundle-enable dsl operating-mode auto ! interface ATM0/0.1 point-to-point pvc 0/35 pppoe-client dial-pool-number 1 ! ! interface FastEthernet0/0 description EthernetLAN ip address 192.168.2.1 255.255.255.252 ip nat inside duplex auto speed auto ! interface Dialer1 mtu 1492 ip address negotiated ip nat outside encapsulation ppp dialer pool 1 ppp chap hostname 4940958@bz8 ppp chap password thepassword ppp pap sent-username 4940958@bz8 password thepassword ! ip nat inside source list 1 interface Dialer1 overload ip http server ip http secure-server ip classless ip route 0.0.0.0 0.0.0.0 Dialer1 ! ! ! snmp-server community CPTNYC RO snmp-server community CPTNYC.COM RW snmp-server location Third Floor MDF snmp-server enable traps tty ! ! ! ! banner motd ^ ********* Unauthorized Access Prohibited

********** * If you are not authorized to access this device * * please disconnect immediately. All access to & * * from this device is logged and reviewed daily. * * Any unauthorized access will be reported to the * * FBIs Computer Crime Devision immediately. To * * avoid any criminal prosecution, disconnect now! * * ----------------------------------------------- * * Property of Crackpot Technologies, Inc. 2006 * ***************************************************^ ! line con 0 exec-timeout 20 0 password 7 051F03012D495A1D1C1704 login line aux 0 password 7 051F03012D495A1D1C1704 login line vty 0 4 password 7 051F03012D495A1D1C1704 login ! ! ! end

I have pretty much followed the basic configuration off ciscos site, as well as others sites who have posted config examples and when i run a SH INT ATM0/0 i get the follwing.

Router#sh int atm0/0 ATM0/0 is up, line protocol is up Hardware is DSLSAR (with Alcatel ADSL Module) Internet address will be negotiated using DHCP MTU 4470 bytes, sub MTU 4470, BW 768 Kbit, DLY 2660 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ATM, loopback not set Encapsulation(s): AAL5 AAL2, PVC mode 23 maximum active VCs, 256 VCs per VP, 1 current VCCs VC Auto Creation Disabled. VC idle disconnect time: 300 seconds Last input never, output 00:00:14, output hang never Last clearing of "show interface" counters never Input queue: 0/224/0/0 (size/max/drops/flushes); Total output drops:

0 Queueing strategy: Per VC Queueing 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 3908 packets output, 1214206 bytes, 0 underruns 0 output errors, 0 collisions, 4 interface resets 0 output buffer failures, 0 output buffers swapped out

which shows what i think is it not autenticated, being it hastnt received any packets. thte CD light is on, and the router shows the dsl is on the line and working when i run a sh dsl int atm0/0

Router# sh dsl int atm0/0 Alcatel 20150 chipset information ATU-R (DS) ATU-C (US) Modem Status: Showtime (DMTDSL_SHOWTIME) DSL Mode: ITU G.992.1 (G.DMT) ITU STD NUM: 0x01 0x1 Vendor ID: 'ALCB' 'TSTC' Vendor Specific: 0x0000 0x0000 Vendor Country: 0x00 0xB5 Capacity Used: 79% 94% Noise Margin: 11.5 dB 8.0 dB Output Power: 20.0 dBm 10.0 dBm Attenuation: 27.0 dB 16.0 dB Defect Status: None None Last Fail Code: None Selftest Result: 0x00 Subfunction: 0x15 Interrupts: 2663 (0 spurious) PHY Access Err: 0 Activations: 2 Init FW: embedded Operation FW: embedded SW Version: 3.8131 FW Version: 0x1A04

Interleave Fast Interleave Fast Speed (kbps): 6016 0

768 0 Reed-Solomon EC: 0 0 0 0 CRC Errors: 2 0 3 0 Header Errors: 2 0 1 0 Bit Errors: 0 0 BER Valid sec: 0 0 BER Invalid sec: 0 0

DMT Bits Per Bin

00: 0 0 0 0 0 0 0 6 6 8 9 A B B B B 10: A B B B B B A A A 9 8 8 7 6 0 0 20: 0 0 0 0 0 0 5 5 6 6 7 7 7 8 8 8 30: 9 9 9 A A A A A B B A A B B B B 40: 0 B B A B A A A A A A A A A A A 50: A A A A A A A A A 2 A A A A A A 60: A A A A A A A A A A A A A A A A 70: A A A 9 A A A 9 9 9 9 9 9 9 9 9 80: 9 9 9 9 8 9 9 9 9 9 9 9 9 9 9 9 90: 8 9 9 9 9 9 8 9 8 3 8 9 8 9 8 9 A0: 8 8 8 8 6 5 7 8 8 8 8 8 8 8 8 8 B0: 8 8 8 7 8 8 8 8 7 7 7 7 7 7 7 7 C0: 7 7 7 7 7 7 7 7 7 7 7 7 3 6 6 6 D0: 6 5 5 5 5 5 5 5 5 5 5 5 5 5 5 5 E0: 5 5 5 5 4 4 4 2 0 2 2 3 4 4 4 4 F0: 4 4 3 2 2 0 0 0 0 0 0 0 0 0 0 0

DSL: Training log buffer capability is not enabled

i dont remember the configuration which i used that gave me 1 packet input(s), however it never went past that.

regards daniel

Reply to
BlueMonkeyFish

Reply to
BlueMonkeyFish

how can i tell if it is IRB? i know i have tried to configure it for bridging and then connect as a pc using ppoe client, with no luck. what i do know is that the isp router provided has nat disabled their wan port reveives a private dynamically assigned address and the lan has one of my static public addresses

Reply to
BlueMonkeyFish

"> how can i tell if it is IRB? i know i have tried to configure it for

IRB is a technique to allow a single protocol to be both bridged and routed.

We only knew we had to use IRB on our solution because we were told by the ISP (after some haggling to get support). They took the same stance 'we don't support third party devices blah blah'.

Out setup was:

WWW-----ISP---------(Private WAN IP's 10.X.X.X /24)--------877 Router--------2 x Public IP's

What they expected us to do was to put a firewall behind our 877 router and so the 877 router (inside) firewall (outside) would use the 2 x public IP's assigned like this:

WWW-----ISP---------(Private WAN IP)--------877 Router------Firewall---(2 x Public IP's /30)----Private LAN

Traffic from the LAN would NAT to the outside of the firewall which was then forwarded to the router. In this way the ISP only needed to be aware of our firewall address to send traffic back.

As someone forgot to sell a firewall to the customer we ended up doing it all on one box, the 877. IRB allowed us to create a bridged interface, tie it to the ATM and bridge traffic to the ISP using a public address on the loopback.We were then able to allocate our normal private LAN IP to the Vlan on the 877.

I am afraid I cannot tell you whether this will achieve what you want it to. I just had a hunch tat IRB may help as your scenario was fairly similar to my own.

If it were me I think I would ring the ISP and ask them to steer me in the right direction as a sign of goodwill.

HTH

Regards

Darren

Reply to
Darren Green

Im going to see what they say, i just contacted the isp and since there is a 21 day satisfaction guarantee, i told them im not satisfied due to the lack of support for answers to basic questions needed. they may feel pressured because im sure they want me as a customer since i signed a 2yr.

Reply to
BlueMonkeyFish

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.