ddervin
join:2004-04-27
Columbus, OH
| "Basic" 831 SDM config not letting me "out"...
Folks-
I'm a newbie with the Cisco gear and have an 831 that I have received some good help with in this forum. The continuing saga is that I now have it upgraded in IOS and now have enough flash memory to install the SDM files. That went well, and now the liitle @#$@# boots right up to SDM!
Of course I thought that would really help me out as the CRWS was so crude. Well heck, now the SDM brings a whole lot more confusion to the party!
I went through about 15 total resets and setups using different combinations but could not get the thing to let me out to the Internet! I am assuming at this point I must be missing something. I also suspect that in this day and age of security cmplaints, the "basic" setups I am doing are still probably hardened just enough to not let me "out".
The basics here are an SBC DSL modem connected to the WAN port, and then running through the wizards. My LAN has full connectivity just fine, but can't get 'out". I don't want to set the router itself up for PPOE- I need the DSL modem to do that because I have no idea what the ID and passwords are due to how SBC configures this stuff.
Anyone know where I have to rub this thing just right to let me out to the Internet so I can really begin to learn and use this thing?
I appreciate everyone's patience, and thanks A LOT.
ddervin
misc@dataflowtechnologiesinc.com |
|
nozero
Eschew Obfuscation
Premium,MVM,ExMod 2003-06
join:1999-12-29
InnerSanctum
clubs:
 ·Comcast
·Comcast Formerly ..
·RoadRunner Cable
 ·PowWeb
| Regarding your post, are you aware of the possible ramifications of posting your [full name] [email] [telephone number] [MAC address] [IP number] in the forums, which puts them in public view? There are numerous mechanisms, sometimes called "bots" or "spyders" that harvest such information from the internet to be used for purposes that could be considered less than beneficial to you, such as SPAM, hacking, identity theft or worse. You are certainly welcome to include it in your post, but we just want to make sure you understand the potential consequences if you choose to do so. I generally only provide this information via IM.
Thanks.
If you wish to change it and find that you cannot, let me know, and I will be happy to do it for you.
--
Every moment is another chance to turn it all around.
If only one cure is to be found, don't you want to be part of that?
Here's how... |
|
mbruno
join:2003-07-03
Fruitland, MD
·Comcast
| reply to ddervin
Hey ddervin, Do you mind if I ask you a question about your 831? I have one as well and I also have to agree that the help you get in here is execellent. But the question I wanted to ask you about your 831 is what is the size of your flash memory? did you add more flash memory to it and also what is the size of your IOS you have loaded? The reason I am asking is because I am still trying to load the SDM on my 831 and I don't have enought room. I really don't want to buy more Flash because it is really expensive for what Cisco is charging. Do you have both the CRWS and the SDM loaded on the router. Thanks waiting to hear back from you. |
|
ddervin
join:2004-04-27
Columbus, OH
| My 831 was sold to me from a person on eBay telling me it had 12 mb of flash. I think the guy just copied the **CURRENT** spec of the 831 to his eBay ad. What he sold me ended up being only 8 mb of flash, which won't hold the SDM files and the current IOS release Cisco told me to put on it (c831-k9o3y6-mz.123-7.T1.bin).
I agree that the flash memory is a little on the high side, but I found a fellow through these forums that sold me a 4 mb flash upgrade for $25.00. Use my email address above and email me and I'll put you in contact with him so that you can get a card for yours cheap if you need one.
Now, if anyone has any information regarding my problems, I'd appreciate it.
Regards-
ddervin |
|
mbruno
join:2003-07-03
Fruitland, MD
·Comcast
| You may want to call SBC for that information on the ID and passwords or they can prob. direct you to the right place. Another thing that just came to mind is that if you can somehow get to the internet "which I know that is what you are trying to do" you could look at the SBC tech. support pages and see what they have listed. Of course if someone else knows they could always tell you. |
|
aryoba
Premium,MVM
join:2002-08-22
| reply to ddervin
Is my assumption correct?
I assumed that you have a DSL router/modem from SBC (is it Netopia?) and you wanted to put the 831 behind the router?
If yes, how was your original network setup before the 831 came? Was it like this:
Internet -- SBC DSL router/modem -- switch -- LAN
or more like this:
Internet -- SBC DSL router/modem -- LAN |
|
ddervin
join:2004-04-27
Columbus, OH
| Thanks for your reply... This thing is REALLY making me look stupid! Kinda funny, but not too productive!
The LAN setup is;
SBC DSL modem (Speedstream)- Linksys RV082 Router (w/8port switch)- LAN
I'd like it to be-
SBC DSL modem (Speedstream)- Cisco 831 Router (w/4port switch)- LAN
I have supposedly the latest IOS (c831-k9o3y6-mz.123-7.T1.bin) so I can use upload and SDM instead of CRWS. I "thought" SDM would be easier than CRWS. Nope. BUT, it obviously is more functional. Eitherway, I just can't get the thing to "let me out".
I am thinking the WAN port isn't getting an IP. I've tried using both "unencapsulated" and "PPPOE encapsulation" to no avail. I was under the impression that the DSL modem handles the PPPOE, so I have been focusing more on the "unencapsulated" route. One tell tale thing for me is that under any circumstance of how I set this thing up, my "internet" light on my DSL modem won't light up. The other "activity", "dsl", "ethernet" and "power" lights always light up. Of course when I'm using my Linksys RV082 router as now, the "internet" lights up.
Is my 831 not getting an IP on the Internet?
You have NO IDEA how appreciative I am for your help...
DSD
I have to say, it's weird that this thing won't hook up after a fresh "factory reset"- I thought this would be simpler. |
|
ddervin
join:2004-04-27
Columbus, OH | Please help!
Someone, anyone- assitance would be appreciated.
Thanks-
dsd |
|
Covenant
Premium,MVM
join:2003-07-01
England
1 edit | Since no one else has got stuck into this, I will try to help but my knowledge as regards the speedstream product is non-existent.
Is the speedstream in routing mode?
Since I know nothing about it, and its performing PPPoE, I will presume it is unless told otherwise, i.e. half-bridging.
If its in routing mode, the DHCP assigned address from the ISP will never reach the 831.
INTERNET====speedstream----831--(LAN)
The address will be assigned to the speadstream's WAN interface with, I am presuming again, a default LAN IP assigned by the manufacturer. Maybe something like 192.168.0.1 or 192.168.1.1.
If that is the case, you will have to configure the 831's wan facing interface to be in the same subnet as the speadstream's default IP.
Once that is done, you will need to configure the LAN facing interface of the 831 into another network, 10.1.1.0/24 is fine if you havent changed it.
Setup static routes on the speedstream and the 831. Not sure how to do it on the speedstream but on the 831, its:
ip route 0.0.0.0 0.0.0.0 e0 OR e1 depending on which one is the wan facing interface.
Setup something similar on the speedstream which should look like this:
ip route 10.1.1.0 255.255.255.0 192.168.1.2
This is assuming that the LAN network address is indeed 10.1.1.0/24 and that the WAN interface of the 831 is 192.168.1.2.
Phew... need to give my fingers a rest now from all this typing  . Can you please clarify the situation if that is not how the speedstream is setup with an ASCII diagram of your IPs, etc as well as the config of the 831 and the model of the speedstream.
--
If only my employers can see how much effort I put into the Cisco forum. They would then understand why I sleep at my desk.
|
|
ddervin
join:2004-04-27
Columbus, OH
| Thanks very much for the assistance!
I have very little idea about the speedstream mode that is working, except that the SBC conncetion requires PPPOE which I can change to be "on the modem", or "on the pc". I currently have it set to "on the pc" and it is hooked to a linksys rv082 router that is configured for the PPPOE.
I want to repleace the linkshys rv082 router, but it "is" working at least...
Anyway, the diagram looks like thus;
speedstream---831---lan
lan ip range 192.168.0.0 - .254
I guess I'm stil really wondering why the 831 doesn't connect "out of the box" using the sdm wizards. It seems to prompt me for PPPOE and the basic stuff, but it just doesn't work. I've combed the newsgroups for hours and it seems that nobody else in the world has this problem (go figure), and this is very troubling. It makes me think that something is wrong with the unit..
Thanks very much- I hope my information is useful...
DSD |
|
Covenant
Premium,MVM
join:2003-07-01
England
1 edit | Configure the speedstream to allow PPPoE on the PC...
Then follow this config:
router>en
router#config t
router(config)#ip name-server x.x.x.x
router(config)#ip name-server x.x.x.x
router(config)#interface Ethernet0/0
router(config-if)#description INSIDE LAN
router(config-if)#ip address 192.168.0.1 255.255.255.0
router(config-if)#ip nat inside
router(config-if)#ip tcp adjust-mss 1452
!
router(config-if)#interface Ethernet0/1
router(config-if)#description DSL Interface
router(config-if)#no ip address
router(config-if)#pppoe enable
router(config-if)#pppoe-client dial-pool-number 1
router(config-if)#no cdp enable
!
router(config-if)#interface Dialer1
router(config-if)#description SBC ADSL
router(config-if)#ip address negotiated
router(config-if)#ip mtu 1492
router(config-if)#ip nat outside
router(config-if)#encapsulation ppp
router(config-if)#no ip mroute-cache
router(config-if)#dialer pool 1
router(config-if)#dialer remote-name redback
router(config-if)#dialer idle-timeout 0
router(config-if)#dialer-group 1
router(config-if)#no cdp enable
router(config-if)#ppp authentication pap chap callin
router(config-if)#ppp chap hostname username@sbcglobal.net
router(config-if)#ppp chap password xxxxxx
router(config-if)#ppp pap sent-username username@sbcglobal.net password xxxxxx
!
router(config-if)#exit
router(config)#ip nat inside source list 1 interface Dialer1 overload
!
router(config)#access-list 1 permit 192.168.0.0 0.0.0.255
!
router(config)#ip route 0.0.0.0 0.0.0.0 Dialer1
router(config)#ip route 0.0.0.0 0.0.0.0 Null0 255
router(config)#ip route 127.0.0.0 255.0.0.0 Null0
router(config)#ip route 172.16.0.0 255.240.0.0 Null0
router(config)#ip route 192.168.0.0 255.255.0.0 Null0
!
router(config)#dialer-list 1 protocol ip permit
Once that is done, type END and then follow the steps below:
c2600#ping
Protocol [ip]: press Enter
Target IP address: www.yahoo.com
Repeat count [5]: press Enter
Datagram size [100]: press Enter
Timeout in seconds [2]: press Enter
Extended commands [n]: Y
Source address or interface: 192.168.0.1
Type of service [0]: press Enter
Set DF bit in IP header? [no]: press Enter
Validate reply data? [no]: press Enter
Data pattern [0xABCD]: press Enter
Loose, Strict, Record, Timestamp, Verbose[none]: press Enter
Sweep range of sizes [n]: press Enter
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 216.109.117.205, timeout is 2 seconds:
Packet sent with a source address of 192.168.0.1
!!!!!
Success rate is 100 percent (5/5)
That is what you want to see.
HTH.
--
If only my employers can see how much effort I put into the Cisco forum. They would then understand why I sleep at my desk.
|
|
ddervin
join:2004-04-27
Columbus, OH
| WOW. Wow, wow, wow.
You ARE THE MAN (or woman as the case may be)!
Two weeks, numerous calls, too many emails, and a couple of language translators with Cisco, and here you are hiding on the Internet all the time. The darn thing began working IMMEDIATELY! I don't know whether or not you work for Cisco, but you just won their "Employee of the Month" award, that's for sure!
What I did was enter your commands without any "reset" or whatever, so there may be some of what was already existing in my config here. I will certainly experiment with this and I CANNOT thank you enough for this assistance. Being a newbie to Cisco equipment, I will attempt to study and understand what I just commanded the thing to do....
THANK YOU VERY MUCH!
DSD |
|
Covenant
Premium,MVM
join:2003-07-01
England
| WOW, dont get a response like that often but its brill when you do. 
You are correct in assuming I am a man.
BUT I do not work for Cisco, sometimes I wish I did though. Dont know how much someone can learn by working for TAC. I just have to look at my friends in there to see the extent of their knowledge. They would put any CCIE to shame.
Your welcome and please feel free to post any queries you may have regarding your config. I would appreciate it immensely if you could provide your config as an example for connecting the speedstream to the Cisco router, i.e. create an FAQ.
The link is below for submitting it as an FAQ:
»Cisco Forum FAQ
--
If only my employers can see how much effort I put into the Cisco forum. They would then understand why I sleep at my desk. |
|
ddervin
join:2004-04-27
Columbus, OH
| No problem- I will post it as a FAQ.
I do have a couple questions now though about the above config...
1. For some reason, I can connect to my outbound mail server and retrieve mail, but I cannot send mail. I DID MESS with the firewall settings after I entered this config, and I HAVE NOT had the time to enter this config "purely" on it's own- if you remember I already had some settings in there.
2. The next questions might need to be in another thread- "port forwarding". How does one get incoming traffic on a particular port got to a particular ip address on the internal lan on a particular (the same) port? For example- I'd like to be able to use Win 2003 Remote Desktop (term serv) into the 831 from the Internet, and forward it to a managment serve on the LAN...
Thanks again very much!
DSD |
|
Covenant
Premium,MVM
join:2003-07-01
England
| I can only guess as to what your mail problem is without the config. If you do have a line similar to the one below:
ip inspect name firewall smtp...
take it out by putting no infront of it when in global config mode.
If that doesnt solve it, post your config and we will have a look at it.
Per your second question about port forwarding for your terminal server access:
Praetorian>en
Praetorian#conf t
Praetorian(config)#ip nat inside source static tcp 192.168.0.5 3389 interface dialer 1 3389
Praetorian(config)#end
Praetorian#
That should do it.
--
If only my employers can see how much effort I put into the Cisco forum. They would then understand why I sleep at my desk. |
|
ddervin
join:2004-04-27
Columbus, OH | Sounds great on both items. The first thing I will do after the holiday today is to completely reset this thing ans start from the beginning with your config, and go from there.
Thanks!
DSD |
|
