3342
Comment: Add Flex VPN link
|
4941
Add IP SLA snipit
|
Deletions are marked like this. | Additions are marked like this. |
Line 9: | Line 9: |
* Cisco 3G cellular modem reset / power-cycle * {{{ #test cellular 0/3/0 modem-power-cycle }}} * Cisco 3G cellular - Firmware - NOT included with IOS on HWIC module download seperate extract .tar to flash * {{{ microcode reload cellular pa-bay slot gsm modem-provision }}} |
|
Line 12: | Line 18: |
* Use subnet 10.202.191.x and 10.202.192.x for tunnel termination. .1 IS HQ GW | * Example: Use subnet 10.202.191.x and 10.202.192.x for tunnel termination. .1 IS HQ GW |
Line 25: | Line 31: |
dialer-group 1 | dialer-group 98 |
Line 32: | Line 38: |
ppp timeout 600 | |
Line 41: | Line 48: |
bandwidth 100 | |
Line 50: | Line 58: |
tunnel path-mtu-discovery tunnel path-mtu-discovery age-timer 30 tunnel path-mtu-discovery min-mtu 1300 |
|
Line 55: | Line 66: |
bandwidth 100 | |
Line 64: | Line 76: |
tunnel path-mtu-discovery tunnel path-mtu-discovery age-timer 30 tunnel path-mtu-discovery min-mtu 1300 |
|
Line 128: | Line 143: |
* 2013 - put cellular network interface in own vrf. {{{ ! vrf definition vrf3gAPN rd 10.202.194.1:134 ! address-family ipv4 exit-address-family ! interface Tunnel194 tunnel vrf vrf3gAPN ! interface Cellular0/3/0 vrf forwarding vrf3gAPN ! no ip route 10.10.240.194 255.255.255.255 Cellular0/3/0 permanent name 3G-Central-APN-LB ip route vrf vrf3gAPN 10.10.240.194 255.255.255.255 Cellular0/3/0 permanent name 3G-Central-APN-LB ! }}} * IP SLA ping to force traffic on static route to bring-up Cellular to get IP to bring up Tunnel. {{{ ip sla 191 icmp-echo 10.10.240.191 tag 3G-tun191 frequency 600 ip sla schedule 193 life forever start-time now }}} |
|
Line 130: | Line 176: |
* 2013-01-21 Pieter Smit - chicken egg problem where tunnel down because no source IP on cellular, and cellular down due to no interesting traffic. * Two solutions possible, [1.] Fix ip on cellular (works for private apn with fixed ip's) or [2.] ip sla to ping static route to force cellular0/3/0 up. |
Cisco 3G GSM + GRE Config
Cisco/Gsm3G/Old2012 Older config with dialer, dialer not needed
Need to add IPSec see http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_ike2vpn/configuration/15-2mt/sec-flex-spoke.html
- Cisco 3G cellular modem reset / power-cycle
#test cellular 0/3/0 modem-power-cycle
- Cisco 3G cellular - Firmware - NOT included with IOS on HWIC module download seperate extract .tar to flash
microcode reload cellular pa-bay slot gsm modem-provision
- 3G Cisco router config
- Details:
- 2 - WWW GW IP's with gre tunnels
- Example: Use subnet 10.202.191.x and 10.202.192.x for tunnel termination. .1 IS HQ GW
! chat-script gsm "" "ATD*99*1#" TIMEOUT 60 CONNECT ! ! interface Cellular0/3/0 ip address negotiated no ip virtual-reassembly in encapsulation ppp dialer in-band dialer idle-timeout 0 dialer string gsm dialer-group 98 async mode interactive ppp authentication chap callin ppp chap hostname dummy ppp chap password 0 dummy ppp ipcp dns request ppp ipcp address accept ppp timeout 600 ! ! ##Dual Antenna HWIC## interface Cellular0/3/1 no ip address encapsulation ppp ! ! interface Tunnel191 description 3G-GRE bandwidth 100 ip address 10.202.191.143 255.255.255.0 ip nhrp group 191 ip nhrp map multicast 10.202.191.1 ip nhrp network-id 191 ip nhrp nhs 10.202.191.1 ip nhrp registration no-unique ip ospf network broadcast ip ospf flood-reduction ip ospf priority 0 tunnel path-mtu-discovery tunnel path-mtu-discovery age-timer 30 tunnel path-mtu-discovery min-mtu 1300 tunnel source Cellular0/3/0 tunnel destination {{IP-EXT-NAT-WWW1}} ! interface Tunnel192 description 3G-GRE-IS bandwidth 100 ip address 10.202.192.143 255.255.255.0 ip nhrp group 192 ip nhrp map multicast 10.202.192.1 ip nhrp network-id 192 ip nhrp nhs 10.202.192.1 ip nhrp registration no-unique ip ospf network broadcast ip ospf flood-reduction ip ospf priority 0 tunnel path-mtu-discovery tunnel path-mtu-discovery age-timer 30 tunnel path-mtu-discovery min-mtu 1300 tunnel source Cellular0/3/0 tunnel destination {{IP-EXT-NAT-WWW2}} ! ip route {{IP-EXT-NAT-WWW1}} 255.255.255.255 Cellular0/3/0 ip route {{IP-EXT-NAT-WWW2}} 255.255.255.255 Cellular0/3/0 ! dialer-list 98 protocol ip permit ! line 0/3/0 script dialer gsm no exec rxspeed 7200000 txspeed 2000000 ! router ospf 1 network 10.202.191.0 0.0.0.255 area 0 network 10.202.192.0 0.0.0.255 area 0 !
- Details:
Core routers, can be one or two routers, external IP's nated to 10.10.240.191 & 192
! interface Loopback191 description TunnelSRC-nat-{{IP-EXT-NAT-WWW1}} ip address 10.10.240.191 255.255.255.255 ! interface Loopback192 description TunnelSRC-nat-{{IP-EXT-NAT-WWW2}} ip address 10.10.240.192 255.255.255.255 ! interface Tunnel191 description 3G-ExtIP-{{IP-EXT-NAT-WWW1}} ip address 10.202.191.1 255.255.255.0 no ip redirects ip nhrp group 191 ip nhrp map multicast dynamic ip nhrp network-id 191 ip ospf network broadcast ip ospf flood-reduction ip ospf priority 191 tunnel source Loopback191 tunnel mode gre multipoint ! interface Tunnel192 description 3G-ExtIP-{{IP-EXT-NAT-WWW2}} ip address 10.202.192.1 255.255.255.0 no ip redirects ip nhrp group 192 ip nhrp map multicast dynamic ip nhrp network-id 192 ip ospf network broadcast ip ospf flood-reduction ip ospf priority 192 tunnel source Loopback192 tunnel mode gre multipoint ! router ospf 1 network 10.202.0.0 0.0.255.255 area 0 !
- 2013 - put cellular network interface in own vrf.
! vrf definition vrf3gAPN rd 10.202.194.1:134 ! address-family ipv4 exit-address-family ! interface Tunnel194 tunnel vrf vrf3gAPN ! interface Cellular0/3/0 vrf forwarding vrf3gAPN ! no ip route 10.10.240.194 255.255.255.255 Cellular0/3/0 permanent name 3G-Central-APN-LB ip route vrf vrf3gAPN 10.10.240.194 255.255.255.255 Cellular0/3/0 permanent name 3G-Central-APN-LB !
- IP SLA ping to force traffic on static route to bring-up Cellular to get IP to bring up Tunnel.
ip sla 191 icmp-echo 10.10.240.191 tag 3G-tun191 frequency 600 ip sla schedule 193 life forever start-time now
Comments
- Feel free to leave comments or corrections.
- 2013-01-21 Pieter Smit - chicken egg problem where tunnel down because no source IP on cellular, and cellular down due to no interesting traffic.
- Two solutions possible, [1.] Fix ip on cellular (works for private apn with fixed ip's) or [2.] ip sla to ping static route to force cellular0/3/0 up.
- 2012-10-20 Pieter Smit - Create page.
... Page hits:1293