France Hardware : Forums de discussion - Découvrez notre nouveau comparateur d'offres Internet
Retrouvez les prix près de chez vous :  
Index du forum | Liste des membres | Liste des groupes | Inscription | F-A-Q | Recherche
Pseudo :    Password :     
29 521 membres enregistrés - 2 069 419 posts - 122 057 topics
Index des forums FH  | Index des forums DegroupNews
      Internet et réseaux
           Routeurs Câble/xDSL
                Probleme Connexion Cisco router FREE 10M
123 connectés(record : 2799 le 29 May 2016 - 15 h 34)

Vous devez vous connecter pour répondre au topic.
1,2,3 | Suivant
Probleme Connexion Cisco router FREE 10M

yelwoci


Messages : 17
Inscrit le 12/10/06
Non connecté
  Posté le 13 October 2006 - 14 h 41 m 21 s
Messieurs

Pardonnez-moi que mon Français est pauvre, je suis Anglais, "un boeuf de rôtis" , me pardonne encore un fois!

Nous avons un client dans les sud de la France avec un FREE DSL 10M/1M ADSL2+.
Nous essayons d'établir un connexion avec un ADSL router de Cisco 877.

Le problème est que nous ne pouvons pas trouver les spécifications complètes du connexion d'ADSL.
Nous avon chercher sur faq.free.fr, support.free.fr, www.google.fr et ici.

Si nous avons employer un modem, que nous n'avon pas l'access, pour commençer la ligne, puis remonter le RJ11 DSL câble sur
le Cisco il marche, mais nous ne pouvons pas commencer, ou relancement, la ligne avec le Cisco.

Nous connaissons absolument les détails d'enregistrement.

Nous avons:-
ADSL
int atm0
....
pvc 8/35
encapsulation aal5mux ppp dialer
====> Ceci ici pour PPPoA VCMUX (aal5mux), peut-être LLC (aal5snap), mais il marche avec aal5mux.
====> Cisco aussi offre aal5autoppp, aal5ciscoppp et aal5nlpid nous n'avons pas utiliser


int dialer
.....
ppp authentication chap pap callin
ppp chap hostname USERNAME
ppp chap password PASSWORD
ppp pap sent-username USERNAME password PASSWORD

====> Cisco aussi offre 'ppp eap', 'ppp ms-chap', 'ppp
ms-chap-v2'


Aidez-nous s'il vous plait

Salut




Woofy
Totalement inutile, complètement indispensable

Messages : 31 551
Inscrit le 11/01/02
Ville : Lyon
Non connecté
  Posté le 13 October 2006 - 16 h 50 m 39 s
Hello.
I will speak in english because I haven't understood all of what you wrote in french. And it's a good exercise for me because my english is not perfect so sorry for the mistakes.

I haven't really understood the problem.. in fact, you want to configure a modem-router ADSL Cisco on a Free connection ? Is the connexion is... "degroupee" or an ATM connexion ?

Does your client have the Free's paper where all indications about the connection are given ? I never see an ATM connection so I'm not sure I can help you, but we can saw this.

And do you use the command line interface or the web interface ?

Why don't use the freebox as a modem, and the Cisco as a router ?




yelwoci


Messages : 17
Inscrit le 12/10/06
Non connecté
  Posté le 13 October 2006 - 17 h 27 m 41 s
Many thanks for your response
Your English is obviously better than my French..but it was worth a try.

We believed it is an ATM connection...as it will work in one fashion.
Because we can get it to work by hacking around and starting it with the
Freebox, then swapping the line over to the Cisco.

We don't have any technical specifications and can't find any online

Regards
Y




yelwoci


Messages : 17
Inscrit le 12/10/06
Non connecté
  Posté le 13 October 2006 - 17 h 32 m 56 s
Sorry
I forgot to mention we need the Cisco to build a site to site VPN.
We have the line configured for a fixed/permanent IP address

Y




yelwoci


Messages : 17
Inscrit le 12/10/06
Non connecté
  Posté le 13 October 2006 - 19 h 12 m 08 s
In English!

We have a customer in the south of France with a FREE DSL 10M/1M ADSL2+.

We are trying to establish a connection with an Cisco 877 ADSL router.
The problem is that we cannot find the full specifications ADSL connection.

We have looked on faq.free.fr, support.free.fr, www.google.fr.
If we initially start the line with the Freebox and then move the RJ11 DSL cables onto the Cisco it works, but we cannot start, or restart the line with the Cisco.

We have the correct logon details.
Y




Woofy
Totalement inutile, complètement indispensable

Messages : 31 551
Inscrit le 11/01/02
Ville : Lyon
Non connecté
  Posté le 13 October 2006 - 19 h 39 m 28 s
Ok, but the Cisco can build the VPN without be connected directly to the net. I mean, he can act as a router only behind the Freebox.
Or maybe his Wan port is a RJ11 and cannot be connected to an RJ45...
The other site, I think yours, it has to be on a permanant IP. In this case, the other maybe doesn't need to be on a permanent IP address.
And does the free support respond to you ?




Woofy
Totalement inutile, complètement indispensable

Messages : 31 551
Inscrit le 11/01/02
Ville : Lyon
Non connecté
  Posté le 13 October 2006 - 19 h 43 m 32 s
Can you send me the running config ? In the client mode, type show running-config (or sh ru, it's quicker^^) ; excluding passwords, secret passphrase for the VPN and all which might be sensible.




yelwoci


Messages : 17
Inscrit le 12/10/06
Non connecté
  Posté le 14 October 2006 - 17 h 51 m 28 s
Can't send a true running config as the router is now disconnected and is 1200km away!

here is the psuedo config - I have very good Cisco skills by the way .. I just don't know the FREE ADSL parameters.
Crypto maps and Radio interfaces removed
This is an ADSL router with 4-port 10/100 Switch and ADSL2+ modem driven by ATM and Dialer interface.


no service pad
service nagle
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec show-timezone
service timestamps log datetime msec show-timezone
service password-encryption

hostname xxx.xxxx.xxx

logging queue-limit 100
logging buffered 16000 warnings
no logging console
enable secret fffffffffffffffffffffffffffffffffffff

username zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
username ayyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
aaa new-model
!
aaa authentication login userauthenticate local
aaa authorization network groupauthorise local
aaa session-id common
ip subnet-zero
no ip source-route
no ip domain-lookup
ip domain name dddddddddddddd.local
!
ip dhcp pool CLIENT
network 10.46.46.8 255.255.255.248
default-router 10.46.46.8
dns-server 172.21.46.239 213.120.62.97 194.42.224.130
lease 7
!
! MANUALLY FIRST ENTER CRYPTO KEYS USING DEFAULT 512
crypto key gen rsa
!
ip cef
ip tcp synwait-time 10
ip inspect hashtable-size 8192
ip inspect name firewall tcp
ip inspect name firewall udp
ip inspect name firewall cuseeme
ip inspect name firewall h323
ip inspect name firewall rcmd
ip inspect name firewall realaudio
ip inspect name firewall streamworks
ip inspect name firewall vdolive
ip inspect name firewall sqlnet
ip inspect name firewall tftp
ip inspect name firewall ftp
ip inspect name firewall icmp
ip inspect name firewall sip
ip inspect name firewall fragment maximum 256 timeout 1
ip inspect name firewall pptp
ip inspect name firewall rtsp
ip inspect name firewall isakmp
no ip bootp server
no ip domain lookup
ip ssh time-out 60
ip ssh authentication-retries 2
no ftp-server write-enable



!
bridge irb

interface Null0
no ip unreachables
!
interface ATM0
mtu 4470
no ip address
no ip mroute-cache
no ip proxy-arp
ip verify unicast reverse-path
no ip route-cache cef
atm vc-per-vp 64
no atm ilmi-keepalive
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
dsl operating-mode auto
no shut


interface Dot11Radio0
! NOT IMPORTANT


interface BVI1
description Localnet 10.46.46.9-10.46.46.14 255.255.255.248
ip address 10.46.46.14 255.255.255.248
ip access-group E0-in in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip tcp adjust-mss 1392
ip route-cache flow
no ip mroute-cache
no cdp enable

interface Vlan1
no ip address
bridge-group 1
bridge-group 1 spanning-disabled
hold-queue 224 in
hold-queue 244 out
!
interface FastEthernet1
no ip address
duplex auto
speed auto
!
interface FastEthernet2
no ip address
duplex auto
speed auto
!
interface FastEthernet3
no ip address
duplex auto
speed auto
!
interface FastEthernet4
no ip address
duplex auto
speed auto
!
interface Dialer1
ip address negotiated
ip access-group Internet-in in
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1492
ip nat outside
ip inspect firewall in
ip inspect firewall out
encapsulation ppp
no ip route-cache
ip tcp adjust-mss 1392
dialer pool 1
dialer remote-name redback
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname xxxxxxxxxxxxxxxxxxxx
ppp chap password xxxxxxxxxxxxxxxxxxxx
ppp pap sent-username xxxxxxxxxxxxx password xxxxxxxxxxxxxxxxx
hold-queue 224 in
hold-queue 224 out

ip nat inside source route-map nonat interface Dialer1 overload

ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server


ip access-list extended E0-in
remark SDM_ACL Category=17
permit tcp 10.46.46.8 0.0.0.7 host 10.46.46.14 eq telnet
permit tcp 10.46.46.8 0.0.0.7 host 10.46.46.14 eq 22
permit tcp 10.46.46.8 0.0.0.7 host 10.46.46.14 eq www
permit tcp 10.46.46.8 0.0.0.7 host 10.46.46.14 eq 443
permit tcp 10.46.46.8 0.0.0.7 host 10.46.46.14 eq cmd
permit udp 10.46.46.8 0.0.0.7 host 10.46.46.14 eq snmp
remark ### General Internet Access ###
permit tcp 10.46.46.8 0.0.0.7 gt 1023 any eq www
permit tcp 10.46.46.8 0.0.0.7 gt 1023 any eq 443
permit udp 10.46.46.8 0.0.0.7 gt 1023 any eq domain
permit tcp 10.46.46.8 0.0.0.7 gt 1023 any eq 123
permit udp 10.46.46.8 0.0.0.7 gt 1023 any eq ntp
permit tcp 10.46.46.8 0.0.0.7 gt 1023 any eq 554
permit udp 10.46.46.8 0.0.0.7 gt 1023 any eq 554
permit tcp 10.46.46.8 0.0.0.7 gt 1023 any eq 7070
permit udp 10.46.46.8 0.0.0.7 gt 1023 any eq 7070
permit tcp 10.46.46.8 0.0.0.7 gt 1023 any eq smtp
permit tcp 10.46.46.8 0.0.0.7 gt 1023 any eq pop3
permit tcp 10.46.46.8 0.0.0.7 gt 1023 any eq ftp
permit icmp 10.46.46.8 0.0.0.7 any
permit udp host 0.0.0.0 any eq bootps
permit udp host 0.0.0.0 any eq bootpc
remark ### VPN Access to HQ ###
permit ip any 172.21.46.0 0.0.0.255
deny ip any any log
!
ip access-list extended Internet-in
remark ### Dialer 1 Access Control List ###
permit ip host zzzzzzzzzzzzzzz any
permit ip host zzzzzzzzzzzzzzz any
permit ip 172.21.46.0 0.0.0.255 any
permit icmp any any
permit udp any any eq ntp
deny ip any any log
logging trap warning
logging zzzzzzzzzzzzzzzzzzzz
!

!
access-list 23 remark VTY Access Control
access-list 23 permit xxxxxxxxxxxxxxxxx
access-list 23 permit xxxxxxxxxxxxxxxxx
access-list 23 permit 10.46.46.8 0.0.0.7
access-list 23 deny any log
!
access-list 120 remark No NAT list
access-list 120 deny ip 10.46.46.0 0.0.0.7 172.21.46.0 0.0.0.255
access-list 120 permit ip 10.46.46.0 0.0.0.7 any
!
dialer-list 1 protocol ip permit
no cdp run

route-map nonat permit 5
match ip address 120

snmp-server community ggggggggggggggg RW
snmp-server location vvvvvvvvvvvvv
snmp-server contact vvvvvvvvvvvvvvvvvvvvvvvvvv
snmp-server chassis-id Cisco877W
snmp-server enable traps tty
radius-server authorization permit missing Service-Type
banner login ^C
Access to this device is only permitted by authorised users
All access to this device is logged
^C

line con 0
exec-timeout 60 0
no modem enable
transport output none
stopbits 1
line aux 0
exec-timeout 0 1
no exec
stopbits 1
line vty 0 4
access-class 23 in
exec-timeout 60 0
privilege level 15
transport input telnet ssh

scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500

sntp server 128.86.8.123
sntp server 130.88.200.6

end




Woofy
Totalement inutile, complètement indispensable

Messages : 31 551
Inscrit le 11/01/02
Ville : Lyon
Non connecté
  Posté le 14 October 2006 - 20 h 11 m 58 s
Ok... sorry but I really can't help you here.
The MTU might be good if you can connect after initiating connection with the freebox, then it can be the authentication.
Maybe it's something more secure than pap or chap, but I don't know.
I saw you went to support.free.fr . But did you try to send a mail to them ?




Loading
Coordinateur
Chef de projet IS

Messages : 5 531
Inscrit le 21/09/02
Ville : Lyon
Non connecté
  Posté le 14 October 2006 - 20 h 53 m 21 s
hi,
where the router is ? France, UK ?
what is the type of connection ? freebox ? commutated network ?
details of the other part (router, firewall, provider, wan & lan ip class) ?

thk




Woofy
Totalement inutile, complètement indispensable

Messages : 31 551
Inscrit le 11/01/02
Ville : Lyon
Non connecté
  Posté le 14 October 2006 - 21 h 11 m 56 s
I think the router is in France, on a freebox connexion.
The problem seems to be the authentication of the router on the free's network.




amon2010
Coordinateur
Attention Chien d'un Patron très Mechant

Messages : 25 702
Inscrit le 12/02/02
Ville : Saint Egreve
Non connecté
  Posté le 14 October 2006 - 21 h 12 m 38 s
Loading, it seems to be a Freebox connection

yelwoci : do you know if your client is fully Free or if he has a part of his connection managed by France Telecom ?

More over, I suppose Free uses a PPoE



Adherez au don d'organe !!!! : France adot et Le cercle Bleu
(pour préserver l'environnement, ce post est entièrement réalisé avec des electrons recyclés)


amon2010
Coordinateur
Attention Chien d'un Patron très Mechant

Messages : 25 702
Inscrit le 12/02/02
Ville : Saint Egreve
Non connecté
  Posté le 14 October 2006 - 21 h 22 m 47 s


Le 13 octobre 2006 - 19 h 12, yelwoci a écrit :
If we initially start the line with the Freebox and then move the RJ11 DSL cables onto the Cisco it works, but we cannot start, or restart the line with the Cisco.


From where to where ??

Client -> You or reverse or both ?



Adherez au don d'organe !!!! : France adot et Le cercle Bleu
(pour préserver l'environnement, ce post est entièrement réalisé avec des electrons recyclés)


yelwoci


Messages : 17
Inscrit le 12/10/06
Non connecté
  Posté le 14 October 2006 - 21 h 50 m 48 s
At the client's home, we bring the line up using the Freebox then move the DSL cable across to the Cisco and it works!! I am stunned but it does work.
The router is configured for PPPoA..buit since it works above ..I am guessing this is correct..though I have seen some reference to PPPoE.
Also I'm not sure what the PPP authentication protocol is PAP/CHAP/MS-CHAP/MS-CHAP-V2/EAP
the router currently supports PAP & CHAP common in UK

We know that when the dialer interface negotiates an IP it gets a 81.56.###.### with 255.255.255.0 netmask.
In UK we normally get a 255.255.255.252 or 255.255.255.255. We also no the network terminating kit is Cisco 6500 Layer3/4 switches...because Cisco is boasting about it.

Y




amon2010
Coordinateur
Attention Chien d'un Patron très Mechant

Messages : 25 702
Inscrit le 12/02/02
Ville : Saint Egreve
Non connecté
  Posté le 14 October 2006 - 22 h 06 m 49 s
in a 1st time try with PPoE may be ...

who knows

for the cisco conf, i'm sorry but it's over my skills



Adherez au don d'organe !!!! : France adot et Le cercle Bleu
(pour préserver l'environnement, ce post est entièrement réalisé avec des electrons recyclés)


Loading
Coordinateur
Chef de projet IS

Messages : 5 531
Inscrit le 21/09/02
Ville : Lyon
Non connecté
  Posté le 14 October 2006 - 22 h 22 m 40 s
oula je pige pas tout, il a testé à la maison de son client c ca ?
sa freebox c quelle version ? il a testé en bridge ?
il a mit quoi comme vpi et vci ?
c quoi le serveur vpn ? les plages d'ip de ses 2 réseaux ?
il ne sait pas quel protocole d'authentification mettre c ca?
y'a pas LEAP pour CISCO ?
la config du routeur est claire mais sans infos on peut pas vérifier...




Woofy
Totalement inutile, complètement indispensable

Messages : 31 551
Inscrit le 11/01/02
Ville : Lyon
Non connecté
  Posté le 14 October 2006 - 22 h 44 m 12 s
Loading : en gros, il arrive pas a remplacer la freebox par son routeur. C'est pas un problème de faire monter le VPN, mais il n'arrive pas a initier une connexion avec son routeur.
Par contre, dès qu'elle est initiée et qu'il a obtenu l'adresse des DHCP de free, il peux remplacer la freebox par son routeur et ça marche.
En gros, il arrive pas a configurer le dialer car il n'a pas les infos de cryptage et d'authentification.

Yelwoci : PAP and CHAP are very weak in security (no security for PAP, low for CHAP), so I'm not sur that it's the way used here.




amon2010
Coordinateur
Attention Chien d'un Patron très Mechant

Messages : 25 702
Inscrit le 12/02/02
Ville : Saint Egreve
Non connecté
  Posté le 14 October 2006 - 22 h 48 m 06 s
why don't use a static Ip @ ???

Free gives statics IP easily



Adherez au don d'organe !!!! : France adot et Le cercle Bleu
(pour préserver l'environnement, ce post est entièrement réalisé avec des electrons recyclés)


Woofy
Totalement inutile, complètement indispensable

Messages : 31 551
Inscrit le 11/01/02
Ville : Lyon
Non connecté
  Posté le 15 October 2006 - 10 h 53 m 51 s
Static IP isn't the problem, it's just the authentication on the free gateway.




Loading
Coordinateur
Chef de projet IS

Messages : 5 531
Inscrit le 21/09/02
Ville : Lyon
Non connecté
  Posté le 15 October 2006 - 14 h 35 m 34 s
euh mais le routeur cisco fait aussi modem adsl ????




1,2,3 | Suivant
Page genérée en 0.3530 secondes par RahForum 2.0 | Gzip off |  Stats |  Metaforums |  RSS
© 2004 Cerbere Systems.
Prix Matériel Informatique | Informatique Lyon | Informatique Grenoble | Informatique Annecy | Informatique Marseille | Informatique Bordeaux | Forum Informatique
ADSL | Actualité ADSL | Deligo | Appareil photo | Commande Au Volant
Creative Commons
Message Boards and Forums Directory