Cisco 887 Config for FTTP

Services provided via NBN Co, Opticomm, Open Networks, Red Train, LBN Co, and TPG FttB
Post Reply
oldmate800
Posts: 12
Joined: Tue Apr 06, 2010 10:39 am
Location: Newcastle

Cisco 887 Config for FTTP

Post by oldmate800 » Wed Aug 03, 2016 3:08 pm

Hi everyone,
Wondering if anyone has connected a Cisco 887 or similar to a FTTP service? I'm trying to connect to an Exetel service which terminates as copper (so I'm using Fe0 port on the 887) with PPPoE for authentication. I'll post my existing config below which I cant get to work, so if anyone can help me with any changes i need to make that would be awesome. Any input would be appreciated as I'm fairly fresh on Cisco, even tips on how to test connection from the 887 itself. I'm running latest IOS on the Cisco and the FTTP service itself is definitely operational (tested with usual Exetel issue modem).

Thanks

hostname RTR01

clock timezone AEST 10
clock summer-time AEDT recurring 1 Sun Oct 2:00 1 Sun Apr 3:00

no ip source-route
ip cef

username admin privilege 15 secret xxxpassxxx

archive
log config
hidekeys
exit
exit

interface Ethernet0
shut
exit

Controller VDSL 0
shut
exit

interface ATM0
no ip address
shutdown
no atm ilmi-keepalive
exit

interface FastEthernet0
description --- Ethernet WAN ---
no shut
pppoe enable
pppoe-client dial-pool-number 1
exit
interface FastEthernet1
no shut
exit
interface FastEthernet2
shut
exit
interface FastEthernet3
shut
exit

interface Vlan1
description --- Ethernet LAN ---
no shut
ip address 192.168.5.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
exit

interface Dialer0
description EXETEL FTTP
mtu 1492
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer idle-timeout 0
dialer-group 1
no keepalive
ppp authentication chap callin
ppp chap hostname 0123456789@nsw.exetel.com.au
ppp chap password xxxxxxxxx
ppp ipcp dns request accept
ppp ipcp route default
ppp ipcp address accept
no cdp enable
exit

ip route 0.0.0.0 0.0.0.0 Dialer0

ip flow-cache timeout inactive 10
ip flow-cache timeout active 5
ip flow-export version 5
ip flow-export destination 192.168.2.248 9999

no ip http server
ip http access-class 2
ip http authentication local
ip http secure-server
ip nat inside source list Outbound_NAT interface Dialer0 overload

ip access-list extended Outbound_NAT
permit ip 192.168.5.0 0.0.0.255 any
exit

no cdp run

ntp clock-period 17180370
ntp server 129.143.2.23

webvpn cef

crypto key generate rsa usage-keys label router-key

1024

1024

line vty 0 4
access-class 1 in
no exec-timeout
privilege level 15
password xxxpassxxx
login local
transport preferred ssh
transport input ssh
exit

enable secret xxxpassxxx

exit
clock set 17:08:30 May 21 2016

wr mem

KavindaS
Exetel Staff
Posts: 2715
Joined: Wed Dec 23, 2009 3:59 pm
Location: Sydney

Re: Cisco 887 Config for FTTP

Post by KavindaS » Wed Aug 03, 2016 4:04 pm

oldmate800 wrote:Hi everyone,
Wondering if anyone has connected a Cisco 887 or similar to a FTTP service? I'm trying to connect to an Exetel service which terminates as copper (so I'm using Fe0 port on the 887) with PPPoE for authentication. I'll post my existing config below which I cant get to work, so if anyone can help me with any changes i need to make that would be awesome. Any input would be appreciated as I'm fairly fresh on Cisco, even tips on how to test connection from the 887 itself. I'm running latest IOS on the Cisco and the FTTP service itself is definitely operational (tested with usual Exetel issue modem).

Thanks
By looking at the radius logs, I can see the connection is properly online and it appears to be accurately configured.

oldmate800
Posts: 12
Joined: Tue Apr 06, 2010 10:39 am
Location: Newcastle

Re: Cisco 887 Config for FTTP

Post by oldmate800 » Thu Aug 04, 2016 4:06 pm

Thanks for checking its online. I got lucky and tried out a new config using a switchport (with the wan service) to a separate VLAN and it worked. I'll post my config for anyone else out there with a weird Cisco obsession like myself.

hostname RTR01

clock timezone AEST 10
clock summer-time AEDT recurring 1 Sun Oct 2:00 1 Sun Apr 3:00

no ip source-route
ip cef

username admin privilege 15 secret xxxpassxxx

archive
log config
hidekeys
exit
exit

interface Ethernet0
shut
exit

Controller VDSL 0
shut
exit

interface ATM0
no ip address
shutdown
no atm ilmi-keepalive
exit

interface Vlan1
description --- LAN ---
no shut
ip address 192.168.5.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1452
exit

interface Vlan2
description --- WAN ---
no ip address
ip nat outside
ip tcp adjust-mss 1452
ip virtual-reassembly in
pppoe enable group global
pppoe-client dial-pool-number 1
exit

interface FastEthernet0
description --- Ethernet WAN ---
switchport access vlan 2
no ip address
exit

interface FastEthernet1
description --- Ethernet LAN ---
no ip address
exit

interface FastEthernet2
no ip address
shut
exit

interface FastEthernet3
no ip address
shut
exit

interface Dialer0
description --- EXETEL FTTP ---
mtu 1492
ip nat outside
ip virtual-reassembly in
ip address negotiated
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp chap hostname 13246798@nsw.exetel.com.au
ppp chap password xxxxxxxxxxxxx
ppp ipcp dns request accept
no cdp enable
ip forward-protocol nd
no ip http server
ip http access-class 2
ip http authentication local
ip http secure-server

ip route 0.0.0.0 0.0.0.0 Dialer0

ip nat inside source list Outbound_NAT interface Dialer0 overload

ip access-list extended Outbound_NAT
permit ip 192.168.5.0 0.0.0.255 any
exit

no cdp run

ntp clock-period 17180370
ntp server 129.143.2.23

webvpn cef

crypto key generate rsa usage-keys label router-key

1024

1024

line vty 0 4
access-class 1 in
no exec-timeout
privilege level 15
password xxxpassxxx
login local
transport preferred ssh
transport input ssh
exit

enable secret xxxpassxxx

exit
clock set 19:30:30 aug 03 2016

wr mem

KavindaS
Exetel Staff
Posts: 2715
Joined: Wed Dec 23, 2009 3:59 pm
Location: Sydney

Re: Cisco 887 Config for FTTP

Post by KavindaS » Thu Aug 04, 2016 4:11 pm

oldmate800 wrote:Thanks for checking its online. I got lucky and tried out a new config using a switchport (with the wan service) to a separate VLAN and it worked. I'll post my config for anyone else out there with a weird Cisco obsession like myself.
That is great. Thanks for sharing valuable information to the other customers. :)

darylp
Posts: 20
Joined: Sat Aug 27, 2005 6:21 pm
Location: Sydney, Australia

Re: Cisco 887 Config for FTTP

Post by darylp » Mon Oct 17, 2016 12:01 pm

Thanks oldmate800,
I have a Cisco 877W, (yes 877W not 887), however your config I think will be an excellent start to configuring my 877W, so thanks!
The key thing is configuring fe0 as a WAN PPPoE port.
I noticed you used a MTU of 1492, Exetel support told me 1300, do you have any information on what is best?

I will let you know how I go configuring my Cisco 877W.

KavindaS
Exetel Staff
Posts: 2715
Joined: Wed Dec 23, 2009 3:59 pm
Location: Sydney

Re: Cisco 887 Config for FTTP

Post by KavindaS » Mon Oct 17, 2016 3:06 pm

darylp wrote:Thanks oldmate800,
I noticed you used a MTU of 1492, Exetel support told me 1300, do you have any information on what is best?
Leave the MTU with the default value 1492 if there is no issue with the service when working. We recommend to lower the MTU when there is an issue only, for testing purpose during the troubleshooting process.

Raghav
Posts: 3
Joined: Sat Jun 27, 2020 5:56 pm

FTTP Cisco ISR C1111

Post by Raghav » Thu Jul 30, 2020 7:48 pm

Can anyone help with the config for Cisco ISR C1111

NajikaM
Exetel Staff
Posts: 47
Joined: Tue Sep 24, 2019 1:39 pm

Re: FTTP Cisco ISR C1111

Post by NajikaM » Thu Jul 30, 2020 10:00 pm

Raghav wrote:
Thu Jul 30, 2020 7:48 pm
Can anyone help with the config for Cisco ISR C1111
Hi,

Unfortunately we are not trained to configure 3rd party devices. Therefore we strongly suggest you to contact the relevant device manufacturer in order to have a better assistance.

Raghav
Posts: 3
Joined: Sat Jun 27, 2020 5:56 pm

Re: Cisco 887 Config for FTTP

Post by Raghav » Sat Aug 01, 2020 1:13 pm

thank you, i know exetel does not provide support. I am looking for someone in the forum who can help me to configure Cisco ISR C1100

Raghav
Posts: 3
Joined: Sat Jun 27, 2020 5:56 pm

Re: Cisco 887 Config for FTTP

Post by Raghav » Tue Aug 04, 2020 4:10 pm

CISCO ISR - C1111-8PLTELA

Router#show run
Building configuration...

Current configuration : 4300 bytes
!

! Last configuration change at 05:21:57 UTC Tue Aug 4 2020
!

version 16.9
service timestamps debug datetime msec
service timestamps log datetime msec
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!

hostname Router
!

boot-start-marker
boot-end-marker
!

!
!

no aaa new-model
!

!
ip dhcp pool webuidhcp
!

!
!

!
!

!
!

!
!

!
subscriber templating
multilink bundle-name authenticated
!

!
!

crypto pki trustpoint TP-self-signed-611806773
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-611806773
revocation-check none
rsakeypair TP-self-signed-611806773
!

!
crypto pki certificate chain TP-self-signed-611806773
certificate self-signed 01
3082032E 30820216 A0030201 02020101 300D0609 2A864886 F70D0101 05050030

quit
!

license udi pid C1111-8PLTELA sn FGL2xxxxxxx
no license smart enable
!

diagnostic bootup level minimal
!

spanning-tree extend system-id
!

!
!

redundancy
mode none
!

controller Cellular 0/2/0
lte modem link-recovery rssi onset-threshold -110
lte modem link-recovery monitor-timer 20
lte modem link-recovery wait-timer 10
lte modem link-recovery debounce-count 6
!

--More--

vlan internal allocation policy ascending
!

!
!

!
!

!
interface GigabitEthernet0/0/0
description NBN
no ip address
negotiation auto
pppoe enable group global
pppoe-client dial-pool-number 1
!

interface GigabitEthernet0/0/1
no ip address
shutdown
negotiation auto
!

interface GigabitEthernet0/1/0
!

interface GigabitEthernet0/1/1
!
interface GigabitEthernet0/1/2
!

interface GigabitEthernet0/1/3
!

interface GigabitEthernet0/1/4
!

interface GigabitEthernet0/1/5
!

interface GigabitEthernet0/1/6
!

interface GigabitEthernet0/1/7
!

interface Cellular0/2/0
ip address negotiated
shutdown
ipv6 enable
!

interface Cellular0/2/1
no ip address
shutdown
!

interface Vlan1
ip address 192.168.1.1 255.255.255.0
ip nat inside
!

interface Dialer1
ip address negotiated
no ip redirects
no ip proxy-arp
ip nat outside
encapsulation ppp
dialer pool 1
dialer-group 1
ppp chap hostname xxxxxxxxxx@nsw.exetel.com.au
ppp chap password 0 xxxxxxxxxxxx
!

ip nat inside source list 100 interface Dialer1 overload
ip forward-protocol nd
no ip http server
ip http authentication local
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 Dialer1
!

!
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
--More--

!
!

!
control-plane
!

!
line con 0
transport input none
stopbits 1
line vty 0 4
login
!

!
!

!
!

!
end

i am repeatedly getting the below messages.

*Aug 4 05:32:47.217: %DIALER-6-BIND: Interface Vi2 bound to profile Di1
*Aug 4 05:32:47.221: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up
*Aug 4 05:32:48.300: %DIALER-6-UNBIND: Interface Vi2 unbound from profile Di1
*Aug 4 05:32:48.301: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to down

i have also added the dhcp config as below:

ip dhcp excluded-address 192.168.1.1
!

ip dhcp pool LAN
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 208.67.222.222 208.67.220.220

i am getting the Ip address from the router but unable to reach internet.

Post Reply