INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Jobs

RE: Cisco 887VA on O2 Broadband

RE: Cisco 887VA on O2 Broadband

(OP)
Hi,

We are replacing an O2 Technicolor router with a Cisco 887VA as we will be configuring a site to site VPN. The configuration is detailed below but FYI, the information on the ADSL line is as follows:

02, PPPoA, ADSL2, Annex A, PVC 0/38 and we have a Static IP. The router is connected directly to the ADSL circuit.

We cannot seem to get to the internet and debug ppp authentication is showing that everything is connected OK and all interfaces are up. I have used similar configurations on BT Infinity with no issues. I have also tried setting the operator mode on the VDSL 0 Controller to "ADSL2 Annex A". Any assistance would be greatly appreciated.

Current configuration : 7214 bytes
!
version 15.5
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname RouterA
!
boot-start-marker
boot config usbflash0:CVO-BOOT.CFG
boot-end-marker
!
!
logging buffered 51200 warnings
!
aaa new-model
!
!
!
!
!
!
!
aaa session-id common
ethernet lmi ce
!
crypto pki trustpoint TP-self-signed-3394232975
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3394232975
revocation-check none
rsakeypair TP-self-signed-3394232975
!
!
crypto pki certificate chain TP-self-signed-3394232975
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33333934 32333239 3735301E 170D3136 30343031 30363130
30385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 33393432
33323937 3530819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
81009BE3 9D0596A0 7787A01B 9B86AB43 F35352D8 EE50B70F A8DE96AD 618946AC
2F87FA74 7857C1B5 02C1C279 F89DFC9C 39A51943 53D16502 77A5BE40 F26889C5
C48A24C2 E351D653 94298331 EA1D5E35 EFED6E13 D2F1BC14 89F5505B 6827A8D0
D9FAEC21 D1B857D5 FDE6D5F4 A9F0BF98 4784B6E7 868F3CC8 6E3A19C0 764F280B
CC0B0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14F5461B DF852A10 CED64799 9FCE1964 98A02ABF 0C301D06
03551D0E 04160414 F5461BDF 852A10CE D647999F CE196498 A02ABF0C 300D0609
2A864886 F70D0101 05050003 8181006E B7915E56 62FFE9B3 F9C7E79E B17C1091
832A2029 7E14B0C0 5D2211D8 41B4F5F7 2573AEE2 3B416CE6 AB5C3FBC 4D1421CA
683313C9 9630AE65 EB81DE96 69A9317C 90D2D175 CB5CC4DC 2AA6D8AD 981E3362
75C0F1DE 4991333A 8AE2ACE6 1A3D34CA 792DD33C 023B6EF7 921E5ECB F85A5D83
ABB52C3F 86EDC59D F473C4C7 4E7FB7
quit
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!


!
!
!
!
no ip domain lookup
ip domain name yourdomain.com
ip inspect name DEFAULT100 ftp
ip inspect name DEFAULT100 h323
ip inspect name DEFAULT100 icmp
ip inspect name DEFAULT100 netshow
ip inspect name DEFAULT100 rcmd
ip inspect name DEFAULT100 realaudio
ip inspect name DEFAULT100 rtsp
ip inspect name DEFAULT100 esmtp
ip inspect name DEFAULT100 sqlnet
ip inspect name DEFAULT100 streamworks
ip inspect name DEFAULT100 tftp
ip inspect name DEFAULT100 tcp
ip inspect name DEFAULT100 udp
ip inspect name DEFAULT100 vdolive
ip cef
no ipv6 cef
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
license udi pid C887VA-K9 sn FCZ20069041
!
!
username xxxx privilege 15 secret yyyy
username xxxx privilege 15 password yyyy
username xxxx privilege 15 secret yyyy
!
!
!
!
!
controller VDSL 0
!
!
!
crypto isakmp policy 10
encr aes 256
authentication pre-share
group 2
crypto isakmp key ******** address a.a.a.a
crypto isakmp key ******** address b.b.b.b
!
!
crypto ipsec transform-set *** esp-aes 256 esp-sha-hmac
mode tunnel
crypto ipsec transform-set *** esp-aes 256 esp-sha-hmac
mode tunnel
!
!
!
crypto map *** 1 ipsec-isakmp
set peer a.a.a.a.
set security-association lifetime seconds 28800
set transform-set ***
match address ACL
crypto map *** 2 ipsec-isakmp
set peer b.b.b.b
set security-association lifetime seconds 28800
set transform-set ***
match address ACL
!
!
!
!
!
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface Ethernet0
no ip address
shutdown
!
interface FastEthernet0
no ip address
spanning-tree portfast
!
interface FastEthernet1
no ip address
spanning-tree portfast
!
interface FastEthernet2
no ip address
spanning-tree portfast
!
interface FastEthernet3
no ip address
spanning-tree portfast
!
interface Vlan1
description Connection to LAN on c.c.c.c/29 Subnet
ip address c.c.c.c 255.255.255.248
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1452
!
interface Dialer0
mtu 1492
ip address d.d.d.d 255.255.255.248
ip nat outside
ip virtual-reassembly in
encapsulation ppp
shutdown
dialer pool 1
ppp authentication chap callin
ppp chap hostname ahostname@whatever
ppp chap password 0 ***
no cdp enable
!
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip nat inside source list 100 interface Dialer0 overload
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip access-list extended ACL
permit ip c.c.c.c 0.0.0.7 f.f.f.f 0.15.255.255
!
dialer-list 1 protocol ip permit
!
access-list 23 permit c.c.c.c 0.0.0.7
access-list 100 deny ip c.c.c.c 0.0.0.7 f.f.f.f 0.15.255.255
access-list 100 permit ip any any
access-list 101 permit udp any eq bootps any eq bootpc
access-list 101 deny ip 10.10.10.0 0.0.0.255 any
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any time-exceeded
access-list 101 permit icmp any any unreachable
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip any any
!
!
!
control-plane
!
!
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
!
!
!
line con 0
no modem enable
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
password xxx
transport input telnet ssh
!
scheduler allocate 20000 1000
!
end



RE: RE: Cisco 887VA on O2 Broadband

(OP)
If anyone does view this thread and for future reference the configuration worked fine. The issue was with incorrect IP addressing information that was supplied to us by a 3rd-party. After checking with 02 we discovered the error and once the change was put into effect everything worked fine.

Also for the more observant of you, you may notice that the Site-to-Site configuration detailed here was missing the appropriate "crypto map" statement on the Dialer 0 interface.

Thanks

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Resources

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close