Dialer Watch failure

Similar Messages

• Dialer Watch List on Pri dialer????????

  Dear All,
  I have a 2811 router...
  In which I want to configure the dialer watch list..
  Plz clarify which ip shud we put on dialer watch list...????
  Is it the route . plz find the example below..
  boot-start-marker
  boot system flash c2800nm-entbase-mz.123-8.T11.bin
  boot-end-marker
  controller E1 1/0
  framing NO-CRC4
  pri-group timeslots 1-31
  interface Serial0/2/0
  description
  ip address 139.158.79.89 255.255.255.252
  encapsulation ppp
  fair-queue
  interface Serial1/0:15
  no ip address
  ip accounting output-packets
  encapsulation ppp
  dialer pool-member 10 max-link 2
  dialer pool-member 20 max-link 2
  isdn switch-type primary-net5
  ppp multilink
  interface Dialer1
  description
  ip address 139.158.79.93 255.255.255.252
  encapsulation ppp
  dialer pool 20
  dialer idle-timeout 2147483
  dialer string 08041259117
  dialer load-threshold 1 either
  dialer watch-group 10
  dialer-group 1
  no fair-queue
  ppp multilink
  interface Dialer10
  description
  ip address 139.158.79.85 255.255.255.252
  encapsulation ppp
  dialer pool 10
  dialer idle-timeout 2147483
  dialer string 02240057435
  dialer load-threshold 1 either
  dialer-group 1
  fair-queue 64 32 0
  ppp multilink
  ip route 10.179.27.0 255.255.255.0 139.158.79.90
  ip route 10.179.27.0 255.255.255.0 Dialer1 100
  ip http server
  dialer-list 1 protocol ip permit
  Plz give me the solution for the back up for the serial link...using the dialer watch list..
  Thanks...

  configuring dialer-watch
  ~~~~~~~~~~~~~~~~~~~~~
  1) check the ip routing table for the particular route for which you have to create a dialer watch and note it down as it is.
  2) create a watch list using the command # Dialer watch-list ip < exact mask>
  3) go to the dialer interface and bind it using the command # dialer watch-group
  4) Bind it to the interface
  For more information regarding the configuration of dialer watch follow the url given below ,
  http://www.cisco.com/en/US/products/sw/iosswrel/ps1828/products_configuration_guide_chapter09186a00800872ed.html#18075
  4)

• Dialer watch over Ethernet

  I want to use DSL for backup of my MPLS network. I plan to use an external ethernet connected device for DSL access. I plan to use a GRE tunnel over the DSL connection. Can I use dialer watch to bring up the tunnel interface?

  I do not know the answer for sure, but I believe that Dialer Watch will not work for the Ethernet/DSL connection. And I wonder why the original post believes that they want it. The motivation for dialer watch is for traditional dial environments where you pay connect time charges and do not want to pay for connectivity when the primary link is available. But with DSL you are not paying connect time charges. You pay the same whether the DSL is actively carrying traffic or not. So why would you want to try to keep the Ethernet or the GRE down while the MPLS was up?
  It seems to me that what is needed here is a reliable fail-over mechanism so that traffic is sent over the MPLS when it is available and is sent over the Ethernet/DSL/GRE when MPLS is not available. Without knowing a little more about the environment it is hard to suggest an optimum solution. But I have implemented something that seems a bit similar where DSL/GRE was a backup connection. We ran a dynamic routing protocol over the primary link and over the backup DSL/GRE and configured it so that the protocol preferred the main link and would use the DSL/GRE only when it lost the neighbor relationship on the primary link. It seems like the same approach should work here.
  HTH
  Rick

• Is there a problem if I use dialer watch without dialer-group?

  I use isdn as back up intface,and use dialer watch to monitor.
  my configuration is :
  interface BRI0/0
  description ***To 11.228.244.1***
  ip address 11.228.244.2 255.255.255.128
  encapsulation ppp
  no ip route-cache
  no ip mroute-cache
  dialer map ip 11.228.244.1 name C-3640-01 broadcast 02080000759
  dialer map ip 11.228.8.62 name C-3640-01 broadcast 02080000759
  dialer watch-disable 10
  dialer watch-group 1
  isdn switch-type basic-net3
  no peer neighbor-route
  no cdp enable
  ppp authentication chap
  dialer load-threshold 128 either
  ppp multilink
  dialer watch-list 1 ip 11.228.8.62 255.255.255.255
  dialer watch-list 1 ip 11.228.8.61 255.255.255.255
  dialer watch-list 1 delay disconnect 10
  As you can see,no "dialer-group" command in my configuration.
  When I shut down the primary interface,my isdn dialer up correctly,and learn the route from bri0/0.When my primary interface up again,my isdn interface disconnect as expected.
  All seems good,so is the "dialer-group" needed in the configuration of dialer watch ?

  Hello,
  that is actually the default behaviour of dialer watch, it does not depend solely on interesting traffic to trigger the backup. As soon as the primary link goes down, dialer watch brings up the secondary link.
  Check the explanation on CCO regarding dialer watch:
  Dialer Watch Overview
  http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fdial_c/fnsprt6/dcdbakdw.htm#wp1000889
  HTH,
  GP

• Multiple entries in dialer watch-list

  Hi,
  If I have multiple entries in my dialer watch-list:
  dialer watch-list 1 ip 192.168.10.3 255.255.255.255
  dialer watch-list 1 ip 192.168.20.3 255.255.255.255
  And just one of the routes gets removed (for example 192.168.10.3) - will this trigger my router to dial the backup link? OR Do both the routes have to be removed before the router will dial?
  (Just a little background - the host routes I'm watching are loopback interfaces of head-end MPLS routers and I'd only like the remote router with the dialer watch-list to dial if BOTH loopbacks are removed from the routing table)
  Thanks!
  Brad

  Brad
  In my limited experience with dialer watch, I believe that you are going to get the results that you want. Dialer Watch will initiate the backup when all of the specified routes are removed from the routing table.
  HTH
  Rick

• ISDN dialer watch feature with

  Hi Friends,
  Iam running bgp as PE-CE routing protocol with MPLS service provider. we use ISDN for backup, I want to know is dialer watch feature supported with bgp.
  regards
  ravi

  According to the documentation, the dialer watch feature for dial backup is only applicable for EIGRP and IGRP.
  The dialerwatch list needs to have an exact match on the route watched and needs to present at the time dialer watch is initialized.
  See also:
  http://www.cisco.com/warp/public/471/backup_cookbook.html#ts_watch
  http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/dial_c/dcdbakdw.htm

• Rp-pppoe problem (probability of the dialing's failure)

  network environment: adsl
  i use rp-pppoe to dial. sometimes the 'pppoe-start' was 'TimeOut'. In the process of 'pppoe-start', there was any signal of dialing on my modem(the 'data indicator light' of the modem is always off).
  And i have to reboot my computer and try 'pppoe-start' again, there's a chance that 'connected'.
  error.log:
  pppoe: Timeout waiting for PADO packets
  pppoe: Timeout waiting for PADO packets
  pppoe: Timeout waiting for PADO packets
  message.log:
  pppd[2558]: pppd 2.4.4 started by root, uid 0
  pppd: Using interface ppp0
  pppd: Connect: ppp0 <--> /dev/pts/0
  pppd: LCP: timeout sending Config-Requests
  pppd: Connection terminated.
  pppd: Modem hangup
  pppd: Exit.
  pppoe-connect: PPPoE connection lost; attempting re-connection.
  any sugesstion, please?

  x33a wrote:
  could be a line problem, modem problem or server side problem.
  log into your modem, and post your line stats (snr, attenuation, etc.)
  but i had tried to dial in my XP os , there was not  any problem. So i believe the line and the modem are ok.  and  thanks for your reply

• Modem dial-up failure

  hi
  i have been experiencing some problems with my modem connection in the last few days.
  my modem (powerbook12" internal) dials, whistles, negotiates, and eventually disconnects.
  all the times.
  the connection parameters are ok, i swear.
  i have no clue. please help.
  thanks
  ciao
  enrico

  It's part of the motherboard not a separate part.

• ADSL and dialer interface

  Hi
  I was wondering if you can use things such as dialer watch when you use a dialer interface on an ADSL connection. I have an ADSL connection I don't want used unless my main leased line goes down so I want to keep the interface down until needed. I'll get a chance to test this later this week but would be interested if anyone knows the answer beforehand.
  Thanks, Stephen.

  The configuration is;
  A site has a leased line terminating on a router intended to take all traffic to and from a site under normal circumstances. There is another router on the site with an ADSL line intended as a backup to the leased line. So for traffic leaving that site I can easily choose that it goes via the leased line. The ADSL terminates on a particular BAS which receives a per-user static route from a radius server once ppp authentication occers.
  Now, a second site only has an ADSL line. It terminates on the same BAS. So when traffic from that site hits the BAS going to the site with ADSL as backup it sees a static route with an AD of 1 via what is supposed to be the backup ADSL line and it sends traffic that way. If the backup ADSL line wasn't up there is another route that will go to a PE and over the leased line. The radius server is sending the per-user static route with an AD of 210 but the BAS seems to ignore this and installs it with AD of 1 hence beating the dynamic protocol AD.
  My thought was since the ADSL line is configured as a dialer we could try to emply some of the ISDN type dialer configurations to keep the line from coming up and authenticating until it is needed and therefore keeping the per user static route out of the BAS routing table until the line is needed.
  I have no idea why the BAS is not accepting the AD of 210 supplied by Radius but I am not in control of that part of the circuit. I am in control of the ADSL router used for backup and as such hoped there was something I could do there to influence the problem. I could run a routing protocol but wanted to try and see if I could keep the ADSL down somehow first.
  S.

• Urgent--dial backup with a PPPOE configuration

  Hi all. I have a pppoe for my DSL connection. I cannot get the dial backup to work while the dsl is working.

  Hi,
  I think there are few problems:
  1. the backup interface command should be applied under the dialer interface
  2. the dialer interface will never go down unless you shut it
  Let' try to configure dialer watch (http://www.cisco.com/en/US/docs/ios/12_0/dial/configuration/guide/dcdbakdw.html) or may be enhanced object tracking (http://www.cisco.com/en/US/products/sw/iosswrel/ps5413/products_feature_guide09186a00801d862d.html).
  Hope it helps, rate if does
  Krisztian

• Options: dial backup not using ISDN

  This is my first post here. I hope I'm in the right place. I need to provide dial backup to one of our locations but it is too far to run an ISDN circuit to them. Mgt. says too expensive and wants a dial backup solution across a POTS line. The site was just upgraded to VOIP. We only need to allow data traffic.
  We have a 2821 router running 12.4(3) version IOS. Not sure what the best option is here. Maybe another alternate way other than a modem and a POTS line. I am just looking for ideas if anyone has them. Thanks

  Hello,
  since cost is a concern, you could just use the AUX port (provided the device at the remote location has one) to configure a dial backup solution. This would still involve using a POTS line, but that is probably the cheapest way to get any sort of backup accomplished. Below is a configuration example. Regarding the voice traffic that should not traverse the backup connection, you would need to deny that traffic to trigger the backup, as well as to get across. In order to accomplish this, you would need to configure an access list that denies VoIP traffic, for Cisco, this would typically look like this:
  access-list 101 deny tcp any any eq 1720
  access-list 101 deny udp any any range 16384 32767
  access-list permit ip any any
  This access list then would need to be applied to the async interface (based on the configuration example given), as well as to the dialer list that triggers the backup:
  interface Async65
  ip access-group 101 out
  dialer-list 1 protocol ip list 101
  Configuring AUX-to-AUX Port Async Backup with Dialer Watch
  http://www.cisco.com/en/US/tech/tk801/tk36/technologies_configuration_example09186a0080093d2b.shtml
  HTH,
  GP

• Dial-backup in 1841 and 2801

  Please, does anyone know if the AUX ports in 1841 and 2801 support dial-backup, for example, using PPP ?
  Thanks,
  Cleber

  Hello,
  TMBK they do. Check this document for configuration details:
  Configuring AUX-to-AUX Port Async Backup with Dialer Watch
  http://www.cisco.com/en/US/tech/tk801/tk36/technologies_configuration_example09186a0080093d2b.shtml
  HTH,
  GNT

• C819G-4G-V-K9 help (no ip address) Cellular0 is up (spoofing), line protocol is up (spoofing)

  We recently purchased a C819G-4G-V-K9 for a remote site that has no ISP available.  I can't seem to get this working properly.  I can tell the cell portion is up and working becuase I can send the router a text message and I receive it on the router.  The cell 0 interface however, is not getting a dhcp address.  Below is my configuration:
  hostname Router
  boot-start-marker
  boot system flash:c800-universalk9-mz.SPA.153-3.M.bin
  boot-end-marker
  aqm-register-fnf
  no aaa new-model
  memory-size iomem 10
  ip cef
  no ipv6 cef
  multilink bundle-name authenticated
  chat-script lte "" "AT!CALL1" TIMEOUT 60 "OK"
  license udi pid C819G-4G-V-K9 sn FTX180680R8
  vtp domain MobileCell
  vtp mode transparent
  controller Cellular 0
  interface Cellular0
   ip address negotiated previous
   ip nat outside
   ip virtual-reassembly in
   encapsulation slip
   dialer in-band
   dialer string lte
   dialer-group 1
   async mode interactive
  interface FastEthernet0
   no ip address
  interface FastEthernet1
   no ip address
  interface FastEthernet2
   no ip address
  interface FastEthernet3
   no ip address
  interface GigabitEthernet0
   no ip address
   shutdown
   duplex auto
   speed auto
  interface Serial0
   no ip address
   shutdown
   clock rate 2000000
  interface Vlan1
   ip address 192.168.0.1 255.255.255.0
   ip nat inside
   ip virtual-reassembly in
  ip forward-protocol nd
  no ip http server
  no ip http secure-server
  ip nat inside source list 1 interface Cellular0 overload
  ip route 0.0.0.0 0.0.0.0 Cellular0
  dialer-list 1 protocol ip list 1
  access-list 1 permit any
  control-plane
  mgcp behavior rsip-range tgcp-only
  mgcp behavior comedia-role none
  mgcp behavior comedia-check-media-src disable
  mgcp behavior comedia-sdp-force disable
  mgcp profile default
  line con 0
   script dialer lte
   no modem enable
  line aux 0
   script dialer lte
   modem InOut
   no exec
  line 2
   no activation-character
   no exec
   transport preferred none
   transport input all
   stopbits 1
  line 3
   script dialer lte
   modem InOut
   no exec
  line vty 0 4
   login
   transport input all
  scheduler allocate 20000 1000
  end
  Cellular0 is up (spoofing), line protocol is up (spoofing)
    Hardware is 4G WWAN Modem - Verizon Multimode LTE/eHRPD/EVDO RevA/Rev0/1xRTT
    Internet address will be assigned dynamically by the network
    MTU 1500 bytes, BW 9 Kbit/sec, DLY 100000 usec,
       reliability 255/255, txload 1/255, rxload 1/255
    Encapsulation SLIP, loopback not set
    Keepalive not supported
    Last input never, output never, output hang never
    Last clearing of "show interface" counters never
    Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
    Queueing strategy: fifo
    Output queue: 0/10 (size/max)
    5 minute input rate 0 bits/sec, 0 packets/sec
    5 minute output rate 0 bits/sec, 0 packets/sec
       0 packets input, 0 bytes, 0 no buffer
       Received 0 broadcasts (0 IP multicasts)
       0 runts, 0 giants, 0 throttles
       0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
       0 packets output, 0 bytes, 0 underruns
       0 output errors, 0 collisions, 0 interface resets
       0 unknown protocol drops
       0 output buffer failures, 0 output buffers swapped out
       0 carrier transitions
       DCD=down  DSR=down  DTR=up  RTS=up  CTS=up
  Router#sh ip int bri
  Interface                  IP-Address      OK? Method Status                Protocol
  Cellular0                  unassigned      YES manual up                    up
  FastEthernet0              unassigned      YES unset  down                  down

  Not sure if you solved your problem yet, but my Cell0 has a few extra lines. I also have a static IP, so it might not be exactly the same as yours.
  interface Cellular0
  ip address negotiated
  no ip unreachables
  ip nat outside
  ip virtual-reassembly in
  encapsulation slip
  load-interval 30
  dialer in-band
  dialer idle-timeout 0
  dialer string lte
  dialer watch-group 1
  async mode interactive
  routing dynamic
  ip sla auto discovery
  access-list 100 permit ip any any
  dialer watch-list 1 ip 5.6.7.8 0.0.0.0
  dialer watch-list 1 delay route-check initial 60
  dialer watch-list 1 delay connect 1
  dialer-list 1 protocol ip permit
  Cellular0 is up, line protocol is up
    Hardware is 4G WWAN Modem - Verizon Multimode LTE/eHRPD/EVDO RevA/Rev0/1xRTT
    Internet address is xxx.xxx.xxx.xxx/32
    MTU 1500 bytes, BW 50000 Kbit/sec, DLY 100000 usec,
       reliability 255/255, txload 1/255, rxload 1/255
    Encapsulation SLIP, loopback not set
    Keepalive not supported
    Last input 00:00:00, output never, output hang never
    Last clearing of "show interface" counters never
    Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 264
    Queueing strategy: fifo
    Output queue: 0/10 (size/max)
    30 second input rate 11000 bits/sec, 16 packets/sec
    30 second output rate 11000 bits/sec, 16 packets/sec
       1242186 packets input, 660512785 bytes, 0 no buffer
       Received 0 broadcasts (0 IP multicasts)
       0 runts, 0 giants, 0 throttles
       0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
       1164618 packets output, 233386561 bytes, 0 underruns
       0 output errors, 0 collisions, 2 interface resets
       0 unknown protocol drops
       0 output buffer failures, 0 output buffers swapped out
       0 carrier transitions
       DCD=up  DSR=up  DTR=up  RTS=up  CTS=up

• Cisco 876w: wlan client - routing problem

  I configured a Cisco 876w to connect to an existing WLAN as a client. Now I would like to connect 3 PCs to the 876w which should be able to access the internet via the 876w.
  Problem:
  Being at the console (ssh) of the 876w, I can ping hosts in the internet (even with their name like www.google.com) but when I'm using a client PC, I can't... What am I missing here? Could it be a NAT problem?
  Config:
  Internet <--->  DSL Router 192.168.1.1 (and WLAN AccessPoint)  <--->  Cisco 876w (gets IP per DHCP, VLAN1 IP: 10.10.10.1) <---> PC (10.10.10.101)
  Current configuration : 9897 bytes
  version 12.4
  no service pad...dot11 vlan-name wlan-lan vlan 1
  dot11 ssid WLAN
  vlan 1
  authentication open
  authentication key-management wpa
  wpa-psk ascii 7 0923467F1B2E52789807132F7A202E3D31
  no ip source-route
  ip dhcp excluded-address 10.10.10.1 10.10.10.9
  ip dhcp excluded-address 10.10.10.101 10.10.10.254
  ip dhcp pool ccp-pool1
     import all
     network 10.10.10.0 255.255.255.0
     default-router 10.10.10.1
     domain-name cisco.test.com
     dns-server 208.67.222.222
  ip cef
  no ip bootp server
  ip domain name test.com
  ip name-server 208.67.222.222ip ddns update method sdm_ddns1
  HTTP
    add http://[email protected]/nic/update?system=dyndns&hostname=//[email protected]/nic/update?system=dyndns&hostname=<h>&myip=<a>
    remove http://[email protected]/nic/update?system=dyndns&hostname=//[email protected]/nic/update?system=dyndns&hostname=<h>&myip=<a>
  no ipv6 cef
  multilink bundle-name authenticated
  isdn switch-type basic-net3
  username admin privilege 15 secret 5 $1$uiouLKjbLIUBlKbj
  username service privilege 15 secret 5 $1$LKjblkJNBLKkjlbkm
  archive
  log config
    hidekeys
  ip tcp synwait-time 10
  ip ssh time-out 60
  ip ssh authentication-retries 2
  class-map type inspect match-all sdm-cls--1
  match access-group name AllowAny
  policy-map type inspect sdm-policy-sdm-cls--1
  class type inspect sdm-cls--1
    inspect
  class class-default
    drop
  zone security wan
  zone security lan
  zone-pair security sdm-zp-lan-wan source lan destination wan
  service-policy type inspect sdm-policy-sdm-cls--1
  interface BRI0
  description <--
  no ip address
  ip flow ingress
  ip virtual-reassembly
  encapsulation ppp
  shutdown
  dialer pool-member 1
  isdn switch-type basic-net3
  isdn point-to-point-setup
  ppp multilink!        
  interface ATM0
  backup interface BRI0
  no ip address
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip flow ingress
  shutdown
  no atm ilmi-keepalive
  interface ATM0.3 point-to-point
  description <--
  ip flow ingress
  shutdown
  pvc 1/32
    pppoe-client dial-pool-number 2
  interface FastEthernet0
  interface FastEthernet1
  interface FastEthernet2
  interface FastEthernet3
  interface Dot11Radio0
  description <--
  no ip address
  no ip proxy-arp
  ip flow ingress
  ip virtual-reassembly
  no ip route-cache cef
  no ip route-cache
  encryption mode ciphers aes-ccm
  encryption vlan 1 mode ciphers aes-ccm
  ssid WLAN
  speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
  station-role non-root
  no cdp enable
  interface Dot11Radio0.1
  encapsulation dot1Q 1 native
  ip address dhcp
  ip nat outside
  ip virtual-reassembly
  no ip route-cache
  no cdp enable
  interface Vlan1
  description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
  ip address 10.10.10.1 255.255.255.0
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip flow ingress
  ip nat inside
  ip virtual-reassembly
  zone-member security lan
  ip tcp adjust-mss 1412
  interface Dialer0
  ip ddns update hostname blahblah.dnsalias.com
  ip ddns update sdm_ddns1
  ip address negotiated
  ip nat outside
  ip virtual-reassembly
  zone-member security wan
  encapsulation ppp
  shutdown
  dialer pool 1
  dialer idle-timeout 600
  dialer string 01919214124
  dialer load-threshold 20 outbound
  dialer watch-group 1
  dialer-group 1
  no cdp enable
  ppp authentication chap pap callin
  ppp chap hostname asfa
  ppp chap password 7 128763520
  ppp pap sent-username asfa password 7 0302141555
  ppp multilink
  interface Dialer2
  ip ddns update sdm_ddns1
  ip address negotiated
  ip mtu 1452
  ip nat outside
  ip virtual-reassembly
  zone-member security wan
  encapsulation ppp
  dialer pool 2
  dialer-group 2
  no cdp enable
  ppp authentication chap pap callin
  ppp chap hostname gast
  ppp chap password 7 095B239876473F06090A
  ppp pap sent-username gast password 7 1239847629873693D
  router rip
  network 10.0.0.0
  ip forward-protocol nd
  ip route 0.0.0.0 0.0.0.0 192.168.1.1
  ip http server
  ip http access-class 23ip http authentication local
  ip http secure-server
  ip http timeout-policy idle 60 life 86400 requests 10000
  ip nat inside source list 105 interface Dialer0 overload
  ip nat inside source list 106 interface Dot11Radio0.1 overload
  ip access-list extended AllowAny
  remark CCP_ACL Category=128
  permit ip 10.10.10.0 0.0.0.255 any
  ip access-list extended nix
  remark tut nix
  remark CCP_ACL Category=2
  permit tcp any any
  permit udp any any
  permit icmp any any
  permit ip any any
  logging trap debugging
  access-list 1 remark INSIDE_IF=Vlan1
  access-list 1 remark CCP_ACL Category=2
  access-list 1 permit 10.10.10.0 0.0.0.255
  access-list 100 remark CCP_ACL Category=2
  access-list 100 permit ip any any
  access-list 101 remark CCP_ACL Category=2
  access-list 101 permit ip 10.10.10.0 0.0.0.255 any
  access-list 102 remark CCP_ACL Category=2
  access-list 102 permit ip 10.10.10.0 0.0.0.255 any
  access-list 103 remark CCP_ACL Category=2
  access-list 103 permit ip 10.10.10.0 0.0.0.255 any
  access-list 105 remark Alles
  access-list 105 remark CCP_ACL Category=2
  access-list 105 permit ip 10.10.10.0 0.0.0.255 any
  access-list 105 permit icmp 10.10.10.0 0.0.0.255 any
  access-list 105 permit udp 10.10.10.0 0.0.0.255 any
  access-list 105 permit tcp 10.10.10.0 0.0.0.255 any
  access-list 106 remark NAT wlan
  access-list 106 remark CCP_ACL Category=2
  access-list 106 permit ip 10.10.10.0 0.0.0.255 any
  access-list 106 permit icmp 10.10.10.0 0.0.0.255 any
  access-list 106 permit udp 10.10.10.0 0.0.0.255 any
  access-list 106 permit tcp 10.10.10.0 0.0.0.255 any
  dialer watch-list 1 ip 208.67.222.222 255.255.255.255
  dialer-list 1 protocol ip permit
  no cdp run
  radius-server attribute 32 include-in-access-req format %h
  radius-server vsa send accounting
  control-plane
  banner exec ^C
  % Password expiration warning.
  Cisco Configuration Professional (Cisco CP) is installed on this device
  and it provides the default username "cisco" for  one-time use. If you have
  already used the username "cisco" to login to the router and your IOS image
  supports the "one-time" user option, then this username has already expired.
  You will not be able to login to the router with this username after you exit
  this session.
  It is strongly suggested that you create a new username with a privilege level
  of 15 using the following command.
  username <myuser> privilege 15 secret 0 <mypassword>
  Replace <myuser> and <mypassword> with the username and password you
  want to use.
  ^C
  banner login ^CAuthorized access only!
  Disconnect IMMEDIATELY if you are not an authorized user!^C
  line con 0
  no modem enable
  transport output telnet
  line aux 0
  transport output telnet
  line vty 0 4
  transport input telnet ssh
  scheduler max-task-time 5000
  scheduler allocate 4000 1000
  scheduler interval 500
  end
  #sh ip int brief
  ndrmedienturm#sh ip int brief
  Interface                  IP-Address      OK? Method Status                Protocol
  FastEthernet0              unassigned      YES unset  up                    up     
  FastEthernet1              unassigned      YES unset  up                    down   
  FastEthernet2              unassigned      YES unset  up                    down   
  FastEthernet3              unassigned      YES unset  up                    down   
  BRI0                       unassigned      YES NVRAM  standby mode/disabled down   
  BRI0:1                     unassigned      YES unset  administratively down down   
  BRI0:2                     unassigned      YES unset  administratively down down   
  Dot11Radio0                unassigned      YES TFTP   up                    up     
  Dot11Radio0.1              unassigned      YES DHCP   up                    up     
  ATM0                       unassigned      YES NVRAM  administratively down down   
  ATM0.3                     unassigned      YES unset  administratively down down   
  SSLVPN-VIF0                unassigned      NO  unset  up                    up     
  Vlan1                      10.10.10.1      YES NVRAM  up                    up     
  NVI0                       unassigned      YES unset  administratively down down   
  Dialer0                    unassigned      YES NVRAM  administratively down down   
  Dialer2                    unassigned      YES NVRAM  up                    up     
  Virtual-Dot11Radio0        unassigned      YES TFTP   up                    up     
  Virtual-Dot11Radio0.1      192.168.1.54    YES DHCP   up                    up

  Hi,
  Just check it out few things from client are you able to ping the wan interface of the cisco 876w and when you ping the internt address from client pc what is the out put of the nat translation in router.
  The command to check the same is show ip nat translation is packet is gettin translated or not.
  Hope to Help !!
  Ganesh.H

• User-maxlinks bug

  I am seeing a curious bug concerning maxlinks and currlinks.
  In my dialin router, I have several users defined locally. Each username is allowed to use ppp multilink, and I have also defined a maxlinks in the username command:
  <b>
  username xxxx user-maxlinks 2 secret ...
  </b>
  Sometimes, I find that users cannot add a second link to their bundle. If I debug dialer events, I see that currlinks=2, maxlinks=2, so the new call is rejected. But the user has only one link up.
  This looks like a bug in the router's running count of currlinks. I have the impression that sometimes when a call gets cleared, the currlinks gets decremented against the wrong username, or something like that. My evidence is two debug messages:
  Se1/0:2: Dialer-peruser: Decremented user yyyy's currlinks, currlinks=0 maxlinks=2
  Se1/0:1: Dialer-peruser: User yyyy's dialerperuser structure freed already
  Serial1/0:1: Dialer-peruser: failure decrementing currlinks during mlp_remove_link
  Maybe the error message above occurs because the bundle can be dialout as well as dialin. Is is possible that currlinks gets incremented on dial in, but not on dial out, but decremented when both types of call get cleared? Certainly the pattern for the case above was for a user that was allowed 4 links. I dialed out one channel, then he added another two to the ML bundle.
  Maybe we are dealing with two different bugs here?
  Anyone else seen this?
  Kevin Dorrell
  Luxembourg

  Whether I persue it or not will depend on how much pain it gives me, how easy it is to demonstrate, and whether my time is better spent doing other work like learning in the lab or on NetPro.
  This bug actually is likely to give quite a lot of pain in the long term, because it will limit the capacity of the dialins over time. But there is a workaround, which is not to limit the number of links.
  The real reason for exposing the bug here is to see if anyone else has noticed it, and help me characterize it. When presenting a bug to Cisco, if you can present a repeatable set of conditions that produce it, then they are more likely to take notice.
  Characterizing the bug also makes it easier to test if it has been fixed in the next release. I think this one should be quite easy to reproduce. It just needs a bit of detective work, which is presicely the sort of work I really enjoy!
  Kevin Dorrell
  Luxembourg