- Posts: 1
- Thank you received: 0
Cisco871 and ADSL Modem (Bridged) problems
18 years 9 months ago #12894
by sharol
Cisco871 and ADSL Modem (Bridged) problems was created by sharol
I am having trouble installing my Cisco 871. I have reset to factory default and configured with SDM but once I am connected I cannot even ping my ISP from the outside IP address of the router without 50% packet loss. I do get a negotiated IP address. I get many TCP retransmissions and duplicate ACKs if I try to browse from my PC. It is not possible for me to even completely load google.com unless I wait a really long time, like 15 minutes.
I have tried different crossover cables and the ADSL modem works fine when my Linux box is being used as a firewall router.
I thought maybe the 871 router was bad so I configured it just as a router behind my linux box and I was able to surf the web just fine on my laptop connected to fa0 and out fa4 to the Net. It has something to do with the pppoe and dialer 0 config I guess. Can anyone see a problem with the config?
Current configuration : 5150 bytes
[code:1]
!
version 12.3
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname c871
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
enable secret <deleted>
!
username <deleted> privilege 15 secret <deleted>
clock timezone PCTime -8
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
no aaa new-model
ip subnet-zero
no ip source-route
ip cef
ip dhcp excluded-address 10.10.10.1 10.10.10.9
!
ip dhcp pool sdm-pool1
import all
network 10.10.10.0 255.255.255.0
dns-server 64.118.98.90 64.118.98.89
default-router 10.10.10.1
!
!
ip inspect name SDM_LOW cuseeme
ip inspect name SDM_LOW ftp
ip inspect name SDM_LOW h323
ip inspect name SDM_LOW icmp
ip inspect name SDM_LOW netshow
ip inspect name SDM_LOW rcmd
ip inspect name SDM_LOW realaudio
ip inspect name SDM_LOW rtsp
ip inspect name SDM_LOW esmtp
ip inspect name SDM_LOW sqlnet
ip inspect name SDM_LOW streamworks
ip inspect name SDM_LOW tftp
ip inspect name SDM_LOW tcp
ip inspect name SDM_LOW udp
ip inspect name SDM_LOW vdolive
ip tcp synwait-time 10
no ip bootp server
ip domain name home
ip name-server 64.118.98.90
ip name-server 64.118.98.89
ip ssh time-out 60
ip ssh authentication-retries 2
no ftp-server write-enable
!
bridge irb
interface Null0
no ip unreachables
interface FastEthernet0
no ip address
no cdp enable
spanning-tree portfast
!
interface FastEthernet1
no ip address
no cdp enable
spanning-tree portfast
!
interface FastEthernet2
no ip address
no cdp enable
spanning-tree portfast
!
interface FastEthernet3
no ip address
no cdp enable
spanning-tree portfast
!
interface FastEthernet4
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
duplex auto
speed auto
pppoe enable
pppoe-client dial-pool-number 1
no cdp enable
!
interface Dot11Radio0
no ip address
!
ssid cisco
authentication open
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0
54.0
station-role root
no cdp enable
bridge-group 1
bridge-group 1 spanning-disabled
interface Vlan1
no ip address
bridge-group 1
!
interface Dialer0
ip address negotiated
ip access-group 101 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1452
ip inspect SDM_LOW out
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname <deleted>
ppp chap password <deleted>
ppp pap sent-username <deleted> password <deleted>
!
interface BVI1
ip address 10.10.10.1 255.255.255.0
ip access-group 100 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 5 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=BVI1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.255
access-list 100 remark auto generated by SDM firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 remark auto generated by SDM firewall configuration
access-list 101 remark SDM_ACL Category=1
access-list 101 permit udp host 64.118.98.89 eq domain any
access-list 101 permit udp host 64.118.98.90 eq domain any
access-list 101 deny ip 10.10.10.0 0.0.0.255 any
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any time-exceeded
access-list 101 permit icmp any any unreachable
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip host 0.0.0.0 any
access-list 101 deny ip any any log
dialer-list 1 protocol ip permit
no cdp run
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
[/code:1]
Thanks ahead of time.
I have tried different crossover cables and the ADSL modem works fine when my Linux box is being used as a firewall router.
I thought maybe the 871 router was bad so I configured it just as a router behind my linux box and I was able to surf the web just fine on my laptop connected to fa0 and out fa4 to the Net. It has something to do with the pppoe and dialer 0 config I guess. Can anyone see a problem with the config?
Current configuration : 5150 bytes
[code:1]
!
version 12.3
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname c871
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
enable secret <deleted>
!
username <deleted> privilege 15 secret <deleted>
clock timezone PCTime -8
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
no aaa new-model
ip subnet-zero
no ip source-route
ip cef
ip dhcp excluded-address 10.10.10.1 10.10.10.9
!
ip dhcp pool sdm-pool1
import all
network 10.10.10.0 255.255.255.0
dns-server 64.118.98.90 64.118.98.89
default-router 10.10.10.1
!
!
ip inspect name SDM_LOW cuseeme
ip inspect name SDM_LOW ftp
ip inspect name SDM_LOW h323
ip inspect name SDM_LOW icmp
ip inspect name SDM_LOW netshow
ip inspect name SDM_LOW rcmd
ip inspect name SDM_LOW realaudio
ip inspect name SDM_LOW rtsp
ip inspect name SDM_LOW esmtp
ip inspect name SDM_LOW sqlnet
ip inspect name SDM_LOW streamworks
ip inspect name SDM_LOW tftp
ip inspect name SDM_LOW tcp
ip inspect name SDM_LOW udp
ip inspect name SDM_LOW vdolive
ip tcp synwait-time 10
no ip bootp server
ip domain name home
ip name-server 64.118.98.90
ip name-server 64.118.98.89
ip ssh time-out 60
ip ssh authentication-retries 2
no ftp-server write-enable
!
bridge irb
interface Null0
no ip unreachables
interface FastEthernet0
no ip address
no cdp enable
spanning-tree portfast
!
interface FastEthernet1
no ip address
no cdp enable
spanning-tree portfast
!
interface FastEthernet2
no ip address
no cdp enable
spanning-tree portfast
!
interface FastEthernet3
no ip address
no cdp enable
spanning-tree portfast
!
interface FastEthernet4
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
duplex auto
speed auto
pppoe enable
pppoe-client dial-pool-number 1
no cdp enable
!
interface Dot11Radio0
no ip address
!
ssid cisco
authentication open
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0
54.0
station-role root
no cdp enable
bridge-group 1
bridge-group 1 spanning-disabled
interface Vlan1
no ip address
bridge-group 1
!
interface Dialer0
ip address negotiated
ip access-group 101 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1452
ip inspect SDM_LOW out
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname <deleted>
ppp chap password <deleted>
ppp pap sent-username <deleted> password <deleted>
!
interface BVI1
ip address 10.10.10.1 255.255.255.0
ip access-group 100 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 5 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=BVI1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.255
access-list 100 remark auto generated by SDM firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 remark auto generated by SDM firewall configuration
access-list 101 remark SDM_ACL Category=1
access-list 101 permit udp host 64.118.98.89 eq domain any
access-list 101 permit udp host 64.118.98.90 eq domain any
access-list 101 deny ip 10.10.10.0 0.0.0.255 any
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any time-exceeded
access-list 101 permit icmp any any unreachable
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip host 0.0.0.0 any
access-list 101 deny ip any any log
dialer-list 1 protocol ip permit
no cdp run
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
[/code:1]
Thanks ahead of time.
Time to create page: 0.108 seconds