| Need help configuring my Cisco871W with Optimum Static IP I've recently had issues with my Optimum Business Static IP service.
First, I work from my home and I have both a residential and a business service. On the residential side, I was given an Arris modem. From there, I have it plugged into a Cisco router and that configuration is working like a charm.
I also have the business modem which is a Cisco model DPQ3925. This was replacement for a Cisco 800 series router and a Motorola modem previously installed. Since then, it's been hell.
I have now a Cisco 871W (none of the radio interfaces configured) connected from FastEthernet4 (the WAN interface) to the Cisco DPQ3925 interface 1. I was told this would be a transparent replacement but I cannot get service. Presently, I have NOTHING connected to my Cisco871W wired interfaces. When I power up the router, after reload, the transmit and receive LED flash incessantly. I've tried to ping sites on the internet from the Cisco871W with no results. (ie. ping 8.8.8.8 repeat 1000 source 192.168.1.1 -- which is the NAT address on the WAN interface)
This is the same router configuration I've had on this device (in fact, it's backed up via a 'copy startup-config »ftp://:...' to an internal ftp server and I've copied it back too just to be certain). I'm thoroughly convinced that something is NOT configured as it was before in terms of this Cisco DPQ3925.
Optimum has sent out "technicians" who have replace splitters and even swapped the DPQ3925 with another.
I'm also at a loss since there's very little expertise when calling support WRT their service and Cisco routers. They seem to rely on the fact that people just plug commodity routers on these services.
I have my NAT in 192.168.1.0 with 4 of the 5 static IPs defined. The other I used as the address for anything DHCP on the inside network.
Can somebody please help me figure out what is going on? I plugged my Mac into the Cisco DPQ3925 and statically defined one of the IPs to its interface (after I removed the definition on the Cisco871W, of course) and it pings just fine. As soon as the router is connected, the ping from the Mac slow down dramatically.
HELP!!! |
|
 jaaPremium
join:2000-06-13
kudos:2 | You might try the networking forum for help with your Cisco router. »Networking
Perhaps backup you current configuration, and start with a more basic configuration and see how that works. |
|
efrem
join:2002-04-03
Westport, CT | reply to OOLost
Which of your fixed IP addresses did you assign to the WAN interface of your 871? |
|
| I have 5 addresses... .25 is the gateway. I have .26 through .30. I assigned the .26 address to the WAN interface.
What's strange is that this confige has been working. Now, all of a sudden and with nothing plugged in on the LAN side, there is traffic to the Cisco 871W... A LOT of traffic! The TXD and RXD are only almost solid. |
|
Reviews:
 ·Optimum Online
| reply to OOLost
The best way to confirm the DPQ3925 is operating correctlyis to check that you do not receive a connection to a PC connected directly in DHCP mode, and that you do when you configure it with a static IP. If it works with your PC & not your router, then it will definitely be something with your router. Since you couldn't ping from the router itself, I wouldn't focus on anything with the LAN config until that part is working. |
|
| I'm thinking I've been targeted for a DoS.
With nothing on the router at 192.168.1.2 NATted to ext.er.nal.26, there is little traffic showing on the TXD LED but the RXD is still nearly constant on. The other addresses, now back on the router, seem to be OK. However, if I add the server at 192.168.1.2, the proverbial brown-nasty hits the air impeller. Can OOL see what's happening or what's coming into that address??? |
|
 IllIlIlllIllEliteDataPremium
join:2003-07-06
Hampton Bays, NY
kudos:7 | said by OOLost :I'm thinking I've been targeted for a DoS.
your probably getting multicast/broadcast traffic.
nothing to worry about.
--
Suffolk County NY Police Feed - »www.scpdny.com
PS3 Gaming Feed - »www.livestream.com/elitedata |
|
| so much so that the RXD/TXD LEDs are lit continuously with nothing connected to the LAN side of the router??? |
|
IllIlIlllIllEliteDataPremium
join:2003-07-06
Hampton Bays, NY
kudos:7 | i know broadcast traffic is filtered (by the CM, set by CV's CFG file via SNMP) for subscriber based CM's but im not sure of its filtered on business accounts.
if broadcast traffic is not filtered on business accounts and you are on the same "node" with alot of other modems, you will get alot of broadcast traffic.
you should see the broadcast traffic for the cable boxes !
--
Suffolk County NY Police Feed - »www.scpdny.com
PS3 Gaming Feed - »www.livestream.com/elitedata |
|
jaaPremium
join:2000-06-13
kudos:2 Reviews:
·Optimum Online
 ·Vonage
| reply to OOLost
said by OOLost :I'm thinking I've been targeted for a DoS.
I think that is unlikely, and this statement seems to rule that out:
said by OOLost : I plugged my Mac into the Cisco DPQ3925 and statically defined one of the IPs to its interface (after I removed the definition on the Cisco871W, of course) and it pings just fine. If it works with your Mac it will likely work with your router. And the fact that both are Cisco devices would make some strange incompatibility less likely.
--
NOTHING justifies terrorism. We don't negotiate with terrorists. Those that support terrorists are terrorists. |
|
| reply to IllIlIlllIll
I was running for a bit and now the connection is toast. I'm ready to cancel my business account. This router was configured eons ago and it worked just fine. Now, all of a sudden, I'm getting these issues and they've been getting progressively worse in the past two weeks. I've also changed out the routers. I have 2 Cisco 851s and one Cisco 871W. The problem occurs with all, so I'm convinced it is not my kit.
interface FastEthernet4
description WAN
ip address 24.xx.yy.26 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip inspect MYFW out
ip nat outside
ip nat enable
ip virtual-reassembly
ip route-cache flow
duplex auto
speed auto
!
interface Vlan1
ip address 192.168.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip nat enable
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
!
ip classless
ip route 0.0.0.0 0.0.0.0 24.xx.yy.25
ip nat inside source list 1 interface FastEthernet4 overload
ip nat inside source static 192.168.1.2 24.xx.yy.26
ip nat inside source static 192.168.1.4 24.xx.yy.28
ip nat inside source static 192.168.1.64 24.xx.yy.29
ip nat inside source static 192.168.1.7 24.xx.yy.30
That should be right, is it not??? |
|
| reply to jaa
Re: Need help configuring my Cisco871W with Optimum Static IP I posted router config but it hasn't shown here yet. I can't fathom what has changed that might make it incorrect. If it shows, let me know. All I can state is that I've never seen the Cisco's LED on as steady as they are now.
Fortunately, I have residential service as well and can post here using it. The Cisco on it is quite content. I'd register for an account here, instead of using the OOLost anonymous name, but I need my Business network functional for the email. The ol' catch 22. |
|
|
|
jaaPremium
join:2000-06-13
kudos:2 Reviews:
·Optimum Online
·Vonage
| reply to OOLost
Do you still think it is a DoS attack on your IP?
I have no idea what a cisco configuration looks like, but to me it seems you are assigning the .26 address twice.
I think it is your router config - try a simpler config, perhaps for one attached device, and see if it works.
Or throw out the cisco equipment and spend $15 on a netgear.
--
NOTHING justifies terrorism. We don't negotiate with terrorists. Those that support terrorists are terrorists. |
|
| reply to OOLost
You could have some provisioning issue with your acct. i know you called and had people there. When they were at your house did they plug there laptop in or verify it worked before they left? You make just need the static deprovisioned then reprovisioned. If you call again and talk to business tsg they can do this. |
|
| reply to jaa
I had a "Cisco" guru give me the green-light on the configuration. The configuration of Fa4 is correct. Netgear? Toys. |
|
efrem
join:2002-04-03
Westport, CT | Just want to clarify that you are indeed using the correct subnet and IP addresses assigned to you by CV.
You say you have 5 addresses .... you really should have 7.
One is the subnet
One is the default gateway
Four are the addressable individual IP's
One is the broadcast address for the subnet.
It does not appear to me that you are using that scheme with the addresses you listed above.
You might want to double-check that. |
|
| reply to OOLost
said by OOLost :I'm also at a loss since there's very little expertise when calling support WRT their service and Cisco routers. They seem to rely on the fact that people just plug commodity routers on these services.
As they should be - for a $10/month service, you can't expect expert networking support.
Quick question: what area are you in (town,state)? Some areas seem to have gotten a new firmware for the 3925 recently: it was 120309a, now 120614a (e.g.: March to June release dates). If that turns out to be your problem, you'll not win this.
I've reviewed your config, and yes, ip proxy-arp was one of my suspects in this (the DPQ3925 does NOT support this), but you have it turned off on FE4, yet it remains a suspect.
What does your (871W) arp-table show after you generate some traffic?
Can you ping the default-gw (.25) when using .26 as the source-IP?
If you hook up a lowly sniffable hub between the FE4 and 3925-port1 interfaces, can you tell us for SURE that there is no proxy-arp going on, and absolutely all L2 traffic leaving your FE4 interface is using the one and only MAC-address of that interface, and ALL IP packet source addresses are .26-30?
Not sure if the 871 will do with its NAT what you expect with a ping source of 192.168.1.1 - does it correctly apply the NAT translation before sending that packet out FE4? Try the 24.x.x.26 address as the source. |
|
| said by cablewizzard:I've reviewed your config, and yes, ip proxy-arp was one of my suspects in this (the DPQ3925 does NOT support this), but you have it turned off on FE4, yet it remains a suspect.
What does your (871W) arp-table show after you generate some traffic?
Can you ping the default-gw (.25) when using .26 as the source-IP?
If you hook up a lowly sniffable hub between the FE4 and 3925-port1 interfaces, can you tell us for SURE that there is no proxy-arp going on, and absolutely all L2 traffic leaving your FE4 interface is using the one and only MAC-address of that interface, and ALL IP packet source addresses are .26-30?
Not sure if the 871 will do with its NAT what you expect with a ping source of 192.168.1.1 - does it correctly apply the NAT translation before sending that packet out FE4? Try the 24.x.x.26 address as the source.
FWIW, after calling Optimum and reading them the riot act, the "chatter" on the router just ceased about 20 minutes ago.
I did find, too, that Optimum wiped out all of my reverse DNS definitions. I told them that they will find them and recover them. I'm not touching anything in the interim. It's clear that they've mucked up a number of things.
Anyway, it's a joy to see RxD/TxD black, only to flash when there's traffic. Currently, since I've shutdown servers and services, the only flashing I see is an occasional email (or rejected SPAM) and when I type in one of my ssh sessions from my residential account to the server on the business account! 
I am awaiting a callback from OOL WRT to this issue and the restoration of my reverse-DNS. I'd love to hear what they found as the issue.
FWIW, I put a 100bT switch between the DPQ3925/Cosco router *just* in case I need to start sniffing what's been going on but... that looks unnecessary at the moment. |
|
| reply to efrem
said by efrem:Just want to clarify that you are indeed using the correct subnet and IP addresses assigned to you by CV.
You say you have 5 addresses .... you really should have 7.
One is the subnet
One is the default gateway
Four are the addressable individual IP's
One is the broadcast address for the subnet.
It does not appear to me that you are using that scheme with the addresses you listed above.
You might want to double-check that.
Really? Talk that over with the OOL folks then. I was told:
24.xx.yy.24/29
24.xx.yy.25 -- gateway
24.xx.yy.26 -- 1st assignable IP
24.xx.yy.27 -- 2nd assignable IP
24.xx.yy.28 -- 3rd assignable IP
24.xx.yy.29 -- 4th assignable IP
24.xx.yy.30 -- 5th assignable IP
24.xx.yy.31 -- broadcast |
|
