2

Sorry never been on this site before so I apologise if not the right section or even forum.

I have users complaining of very slow internetn connectivity on site and have checked with our ISP who have said that the line is testing at 8mb.

We have 2 x BT lines that have our ISP broadand on them. Both lines go into a Cisco 2600 series router that then has a PIX firewall off that. Connectivity is successful just gone really slow and unable to download anything.

Config is below:

version 12.3
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ROUTER-ADSL-INTERNET
!
logging buffered 16384 informational
enable secret xxx
enable password xxx
!
username xxx
username xxx
clock summer-time UK recurring last Sun Mar 1:00 last Sun Oct 1:00
aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local 
aaa session-id common
ip subnet-zero
no ip source-route
!
!
!
ip audit notify log
ip audit po max-events 100
no ip bootp server
ip name-server 213.208.106.212
no mpls ldp logging neighbor-changes
no ftp-server write-enable
!
!
!
!
!
!
!
!
!
!         
no voice hpi capture buffer
no voice hpi capture destination 
!
!
!
!
!
!
!
!
interface ATM0/0
 description 01270 111111
 no ip address
 no atm ilmi-keepalive
 pvc 0/38 
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
 dsl operating-mode auto
!
interface FastEthernet0/0
 ip address 82.133.32.9 255.255.255.248
 shutdown 
 speed 100
 full-duplex
 no cdp enable
!
interface ATM0/1
 description 01270 222222
 no ip address
 no atm ilmi-keepalive
 pvc 0/38 
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
 dsl operating-mode auto
!
interface FastEthernet0/1
 ip address 217.146.115.49 255.255.255.240
 duplex auto
 speed auto
 no cdp enable
!
interface Dialer0
 ip address 217.146.115.250 255.255.255.248
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp authentication chap callin
 ppp chap hostname bond2@ISP.net
 ppp chap password 7 xxxxx
 ppp multilink
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
no ip http server
no ip http secure-server
!
no logging trap
access-list 10 permit 217.146.115.50
access-list 10 permit 82.133.32.10
access-list 10 deny   any
access-list 22 permit 217.146.115.50
access-list 22 permit 217.206.239.86
access-list 22 permit 82.133.32.10
access-list 22 deny   any
dialer-list 1 protocol ip permit
no cdp run
!
!
snmp-server community xxxxxx RO 10
snmp-server enable traps tty
radius-server authorization permit missing Service-Type
!
!
!
!
!
!
line con 0
 exec-timeout 5 0
 password 7 xxxxxx
line aux 0
 no exec
line vty 0 4
 access-class 22 in
 exec-timeout 5 0
 password 7 xxxxxx
 transport input telnet ssh
 transport output none
line vty 5 15
 password 7 xxxxxx
 transport input telnet ssh
!
ntp clock-period 17180095
ntp server 130.88.200.98
!
!
end

Now my knowledge is very limited but ISP have said that while the lines are bonded each needs a seperate login as they've recently changed their L2TP router and that enforces the use of seperate logins - when the lines were configured we were given two logins.

So, my question is what changes do I need to make to the config in order to get this working? it was ok before their change and I do have another login :-

01270 111111 - bond1@ISP.net
01270 222222 - bond2@ISP.net

Does the IP address for dialer1 need to be the same as dialer0 as its just the authentication that is the problem?

Do I need to make a change to ip route 0.0.0.0 0.0.0.0 Dialer0 as I've created another dialer interface?

current config below:

version 12.3
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname XT-ADSL-INTERNET
!
logging buffered 16384 informational
no logging console
enable secret 5 x
enable password 7x
!
username x
clock summer-time UK recurring last Sun Mar 1:00 last Sun Oct 1:00
aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local 
aaa session-id common
ip subnet-zero
no ip source-route
!
!
!
ip audit notify log
ip audit po max-events 100
no ip bootp server
ip name-server 213.208.106.212
no mpls ldp logging neighbor-changes
no ftp-server write-enable
!
!
!
!
!
!
!
!
!
!
no voice hpi capture buffer
no voice hpi capture destination 
!
!
!
!
!
!
!
!
interface ATM0/0
 description 01270 111111
 no ip address
 no atm ilmi-keepalive
 pvc 0/38 
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
 dsl operating-mode auto
!
 interface FastEthernet0/0
shutdown
 speed 100
 full-duplex
 no cdp enable
!
interface ATM0/1
 description 01270 222222
 no ip address
 no atm ilmi-keepalive
 pvc 0/38 
  encapsulation aal5mux ppp dialer
  dialer pool-member 2
 !
 dsl operating-mode auto
!
interface FastEthernet0/1
 ip address 217.146.115.49 255.255.255.240
 duplex auto
 speed auto
 no cdp enable
!
 interface Dialer0
 ip address 217.146.115.250 255.255.255.248
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp authentication chap callin
 ppp chap hostname bond2@ISP.net
 ppp chap password xxxx
 ppp multilink
!
interface Dialer1 
 ip address 217.146.115.250 255.255.255.248 
 encapsulation ppp 
 dialer pool 2 
 dialer-group 2 
 ppp authentication chap callin 
 ppp chap hostname bond1@ISP.net 
 ppp chap password xxxx 
 ppp multilink 
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
no ip http server
no ip http secure-server
!
no logging trap
access-list 10 permit 217.146.115.50
access-list 10 permit 82.133.32.10
access-list 10 deny   any
access-list 22 permit 217.146.115.50
access-list 22 permit 217.206.239.86
access-list 22 permit 82.133.32.10
access-list 22 deny   any
dialer-list 1 protocol ip permit
no cdp run
!
!
snmp-server community caudwell-xt RO 10
snmp-server enable traps tty
radius-server authorization permit missing Service-Type
!
!
!
!
!
!
line con 0
 exec-timeout 5 0
 password 7 xxx
line aux 0
 no exec
line vty 0 4
 access-class 22 in
 exec-timeout 5 0
 password 7 xxx
 transport input telnet ssh
 transport output none
line vty 5 15
 password 7 xxx
 transport input telnet ssh
!
ntp clock-period 17180095
ntp server 130.88.200.98
!
!
end

Apologies for the long question and thanks for taking the time to read it. Any more info I can provide please let me know.

Mark Henderson
  • 68,823
  • 31
  • 180
  • 259
2020mobile
  • 21
  • 1
  • I think your bandwidth is probably rated in Mb, not mb, – MDMarra Mar 30 '10 at 11:56
  • wow, it's amazing how much security info you left in your config, I now know your phone number, your access list policies, your dialup username. Why are you using adsl? cant you get a fibre link, rather than a technology which is a horrible hack. – The Unix Janitor Apr 13 '10 at 12:56

2 Answers2

0

I think what you need to add is another dailer interface like this: 

interface Dialer1
 ip address x.x.x.x 255.255.255.248
 encapsulation ppp
 dialer pool 2
 dialer-group 2
 ppp authentication chap callin
 ppp chap hostname bond2@ISP.net
 ppp chap password 7 xxxxx
 ppp multilink
!

then you use the new dailer pool for the second ATM interface. 

interface ATM0/1
 description 01270 222222
 no ip address
 no atm ilmi-keepalive
 pvc 0/38 
  encapsulation aal5mux ppp dialer
  dialer pool-member 2
 !
 dsl operating-mode auto
!

Modify and fill in as needed. You might want to have a look at the cisco ios documentation: http://www.cisco.com/en/US/docs/ios/12_0/dial/configuration/guide/dcdbakdp.html#wp3753

pehrs
  • 8,789
  • 1
  • 30
  • 46
  • sorry me again, i'll have to try this after 5pm as any changes may affect current users. Just wanted to confirm something Does each dialer interface have to have a seperate login? your answer uses the same login as existing setup but thought I needed a seperate one? I've been given: 01270 111111 u/n bond1@dsl.net (currently being used on Dialer0) p/w password 01270 222222 u/n bond2@dsl.net p/w password Thanks Again In Advance, – 2020mobile Mar 30 '10 at 11:36
  • The dialer interface specifies the settings used for the connection, including login/password, so you would have to modify what I wrote to include the correct phone number and such, yes. – pehrs Mar 31 '10 at 15:56
0
interface ATM0/0
 description 01270 111111
 no ip address
 logging event subif-link-status
 no atm ilmi-keepalive
 pvc 0/38
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
 dsl operating-mode auto
!
!
interface ATM0/1
 description 01270 222222
 no ip address
 logging event subif-link-status
 no atm ilmi-keepalive
 pvc 0/38
  encapsulation aal5mux ppp dialer
  dialer pool-member 2
 !
 dsl operating-mode auto
!

interface FastEthernet0/1
 ip address 217.146.115.49 255.255.255.240
 duplex auto
 speed auto
 no cdp enable
!

interface Dialer0
 ip address negotiated
 ip nat outside
 ip load-sharing per-packet
 encapsulation ppp
 dialer pool 1
 dialer idle-timeout 0
 dialer persistent
 ppp authentication chap callin
 ppp chap hostname bond1@dsl.net
 ppp chap password 7 xxxxxxxx
!

interface Dialer1
 ip address negotiated
 ip nat outside
 ip load-sharing per-packet
 encapsulation ppp
 dialer pool 2
 dialer idle-timeout 0
 dialer persistent
 no cdp enable
 ppp authentication chap callin
 ppp chap hostname bond2@dsl.net
 ppp chap password 7 xxxxxxxx
!
ip classless
no ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 0.0.0.0 0.0.0.0 217.146.96.145
ip route 0.0.0.0 0.0.0.0 Dialer1 200
Mark Henderson
  • 68,823
  • 31
  • 180
  • 259