Unrestricted APN Needed ?

My guess is that this thread will end in silence when the OP realises the problem is on his side.
Im not so sure what the massive need for PAT is, surely you only have access to one external IP and therefore normal NAT would be sufficient?
 
Print Out #2

2.) Show IP Interface Brief
Code: 
Fangorn#sh ip int bri
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            192.168.40.3    YES NVRAM  up                    up
FastEthernet0/1            192.168.30.7    YES NVRAM  up                    down
Serial0/1/0                unassigned      YES NVRAM  administratively down down
Cellular0/0/0              unassigned      YES NVRAM  up                    up
Dialer0                    41.12.3.176     YES IPCP   up                    up
Loopback0                  128.1.1.1       YES NVRAM  up                    up
NVI0                       192.168.40.3    YES unset  up                    up
Fangorn#

3.) Show IP Route
Fangorn#sh ip route
Code: 
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, + - replicated route

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

S*    0.0.0.0/0 is directly connected, Dialer0
      41.0.0.0/32 is subnetted, 1 subnets
C        41.12.3.176 is directly connected, Dialer0
      128.1.0.0/32 is subnetted, 1 subnets
C        128.1.1.1 is directly connected, Loopback0
      192.168.40.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.40.0/24 is directly connected, FastEthernet0/0
L        192.168.40.3/32 is directly connected, FastEthernet0/0
 
Print Out #4

4.) PPP debug

Code: 
Fangorn#ping saix.net

Translating "saix.net"...domain server (196.207.35.29)
*Jul 23 08:30:29.347 SAST: Di0: No free dialer - starting fast idle timer
*Jul 23 08:30:30.359 SAST: Ce0/0/0 DDR: re-enable timeout
*Jul 23 08:30:32.347 SAST: Ce0/0/0 DDR: rotor dialout [best] least recent failure is also most recent failure
*Jul 23 08:30:32.347 SAST: Ce0/0/0 DDR: rotor dialout [best] also has most recent failure
*Jul 23 08:30:32.347 SAST: Ce0/0/0 DDR: rotor dialout [best]
*Jul 23 08:30:32.347 SAST: Ce0/0/0 DDR: Dialing cause ip (s=128.1.1.1, d=196.207.35.29)
*Jul 23 08:30:32.347 SAST: Ce0/0/0 DDR: Attempting to dial GSM
*Jul 23 08:30:32.347 SAST: CHAT0/0/0: Attempting async line dialer script
*Jul 23 08:30:32.347 SAST: CHAT0/0/0: Dialing using Modem script: GSM & System script: none
*Jul 23 08:30:32.347 SAST: CHAT0/0/0: process started
*Jul 23 08:30:32.347 SAST: CHAT0/0/0: Asserting DTR
*Jul 23 08:30:32.347 SAST: CHAT0/0/0: Chat script GSM started
*Jul 23 08:30:32.347 SAST: CHAT0/0/0: Sending string: ATDT*99*1#
*Jul 23 08:30:32.347 SAST: CHAT0/0/0: Expecting string: CONNECT
*Jul 23 08:30:32.391 SAST: CHAT0/0/0: Completed match for expect: CONNECT
*Jul 23 08:30:32.391 SAST: CHAT0/0/0: Chat script GSM finished, status = Success
*Jul 23 08:30:32.535 SAST: TTY0/0/0: no timer type 1 to destroy
*Jul 23 08:30:32.535 SAST: TTY0/0/0: no timer type 0 to destroy
*Jul 23 08:30:32.535 SAST: TTY0/0/0: no timer type 2 to destroy
*Jul 23 08:30:34.535 SAST: %LINK-3-UPDOWN: Interface Cellular0/0/0, changed state to up
*Jul 23 08:30:34.535 SAST: Ce0/0/0 DDR: Dialer statechange to up
*Jul 23 08:30:34.535 SAST: %DIALER-6-BIND: Interface Ce0/0/0 bound to profile Di0
*Jul 23 08:30:34.535 SAST: Ce0/0/0 DDR: Dialer call has been placed
*Jul 23 08:30:34.535 SAST: Ce0/0/0 PPP: Sending cstate UP notification
*Jul 23 08:30:34.539 SAST: Ce0/0/0 PPP: Processing CstateUp message
*Jul 23 08:30:34.559 SAST: PPP: Alloc Context [65DBB590]
*Jul 23 08:30:34.559 SAST: ppp11 PPP: Phase is ESTABLISHING
*Jul 23 08:30:34.559 SAST: Ce0/0/0 PPP: Using dialer call direction
*Jul 23 08:30:34.559 SAST: Ce0/0/0 PPP: Treating connection as a callout
*Jul 23 08:30:34.559 SAST: Ce0/0/0 PPP: Session handle[4A00000B] Session id[11]
*Jul 23 08:30:34.559 SAST: Ce0/0/0 LCP: Event[OPEN] State[Initial to Starting]
*Jul 23 08:30:34.559 SAST: Ce0/0/0 PPP: No remote authentication for call-out
*Jul 23 08:30:34.559 SAST: Ce0/0/0 LCP: O CONFREQ [Starting] id 1 len 20
*Jul 23 08:30:34.559 SAST: Ce0/0/0 LCP:    ACCM 0x000A0000 (0x0206000A0000)
*Jul 23 08:30:34.559 SAST: Ce0/0/0 LCP:    MagicNumber 0x55DF57FD (0x050655DF57FD)
*Jul 23 08:30:34.559 SAST: Ce0/0/0 LCP:    PFC (0x0702)
*Jul 23 08:30:34.559 SAST: Ce0/0/0 LCP:    ACFC (0x0802)
*Jul 23 08:30:34.559 SAST: Ce0/0/0 LCP: Event[UP] State[Starting to REQsent]
*Jul 23 08:30:34.563 SAST: Ce0/0/0 LCP: I CONFREQ [REQsent] id 15 len 25
*Jul 23 08:30:34.563 SAST: Ce0/0/0 LCP:    ACCM 0x00000000 (0x020600000000)
*Jul 23 08:30:34.563 SAST: Ce0/0/0 LCP:    AuthProto CHAP (0x0305C22305)
*Jul 23 08:30:34.563 SAST: Ce0/0/0 LCP:    MagicNumber 0x08AC22F7 (0x050608AC22F7)
*Jul 23 08:30:34.563 SAST: Ce0/0/0 LCP:    PFC (0x0702)
*Jul 23 08:30:34.563 SAST: Ce0/0/0 LCP:    ACFC (0x0802)
*Jul 23 08:30:34.563 SAST: Ce0/0/0 LCP: O CONFACK [REQsent] id 15 len 25
*Jul 23 08:30:34.563 SAST: Ce0/0/0 LCP:    ACCM 0x00000000 (0x020600000000)
*Jul 23 08:30:34.563 SAST: Ce0/0/0 LCP:    AuthProto CHAP (0x0305C22305)
*Jul 23 08:30:34.563 SAST: Ce0/0/0 LCP:    MagicNumber 0x08AC22F7 (0x050608AC22F7)
*Jul 23 08:30:34.563 SAST: Ce0/0/0 LCP:    PFC (0x0702)
*Jul 23 08:30:34.563 SAST: Ce0/0/0 LCP:    ACFC (0x0802)
*Jul 23 08:30:34.567 SAST: Ce0/0/0 LCP: Event[Receive ConfReq+] State[REQsent to ACKsent]
*Jul 23 08:30:34.567 SAST: Ce0/0/0 LCP: I CONFACK [ACKsent] id 1 len 20
*Jul 23 08:30:34.567 SAST: Ce0/0/0 LCP:    ACCM 0x000A0000 (0x0206000A0000)
*Jul 23 08:30:34.567 SAST: Ce0/0/0 LCP:    MagicNumber 0x55DF57FD (0x050655DF57FD)
*Jul 23 08:30:34.567 SAST: Ce0/0/0 LCP:    PFC (0x0702)
*Jul 23 08:30:34.567 SAST: Ce0/0/0 LCP:    ACFC (0x0802)
*Jul 23 08:30:34.567 SAST: Ce0/0/0 LCP: Event[Receive ConfAck] State[ACKsent to Open]
*Jul 23 08:30:34.567 SAST: Ce0/0/0 PPP: Queue CHAP code[1] id[1]
*Jul 23 08:30:34.587 SAST: Ce0/0/0 PPP: No authorization without authentication
*Jul 23 08:30:34.587 SAST: Ce0/0/0 PPP: Phase is AUTHENTICATING, by the peer
*Jul 23 08:30:34.587 SAST: Ce0/0/0 CHAP: Redirect packet to Ce0/0/0
*Jul 23 08:30:34.587 SAST: Ce0/0/0 CHAP: I CHALLENGE id 1 len 35 from "UMTS_CHAP_SRVR"
*Jul 23 08:30:34.587 SAST: Ce0/0/0 PPP: Sent CHAP SENDAUTH Request
*Jul 23 08:30:34.591 SAST: Ce0/0/0 LCP: State is Open
*Jul 23 08:30:34.591 SAST: Ce0/0/0 PPP: Received SENDAUTH Response FAIL
*Jul 23 08:30:34.591 SAST: Ce0/0/0 CHAP: Using hostname from interface CHAP
*Jul 23 08:30:34.591 SAST: Ce0/0/0 CHAP: Using password from interface CHAP
*Jul 23 08:30:34.591 SAST: Ce0/0/0 CHAP: O RESPONSE id 1 len 28 from "Vodacom"
*Jul 23 08:30:34.595 SAST: Ce0/0/0 CHAP: I SUCCESS id 1 len 4
*Jul 23 08:30:34.595 SAST: Ce0/0/0 PPP: Phase is FORWARDING, Attempting Forward
*Jul 23 08:30:34.607 SAST: Ce0/0/0 PPP: Phase is ESTABLISHING, F (196.207.35.30)inish LCP
*Jul 23 08:30:34.607 SAST: Ce0/0/0 PPP: Phase is UP
*Jul 23 08:30:34.607 SAST: Ce0/0/0 IPCP: Protocol configured, start CP. state[Initial]
*Jul 23 08:30:34.611 SAST: Ce0/0/0 IPCP: Event[OPEN] State[Initial to Starting]
*Jul 23 08:30:34.611 SAST: Ce0/0/0 IPCP: O CONFREQ [Starting] id 1 len 10
*Jul 23 08:30:34.611 SAST: Ce0/0/0 IPCP:    Address 0.0.0.0 (0x030600000000)
*Jul 23 08:30:34.611 SAST: Ce0/0/0 IPCP: Event[UP] State[Starting to REQsent]
*Jul 23 08:30:34.611 SAST: %LINEPROTO-5-UPDOWN: Line protocol on Interface Cellular0/0/0, changed state to up
*Jul 23 08:30:35.611 SAST: Ce0/0/0 IPCP: I CONFNAK [REQsent] id 1 len 16
*Jul 23 08:30:35.611 SAST: Ce0/0/0 IPCP:    PrimaryDNS 10.11.12.13 (0x81060A0B0C0D)
*Jul 23 08:30:35.611 SAST: Ce0/0/0 IPCP:    SecondaryDNS 10.11.12.14 (0x83060A0B0C0E)
*Jul 23 08:30:35.611 SAST: Ce0/0/0 IPCP: O CONFREQ [REQsent] id 2 len 10
*Jul 23 08:30:35.615 SAST: Ce0/0/0 IPCP:    Address 0.0.0.0 (0x030600000000)
*Jul 23 08:30:35.615 SAST: Ce0/0/0 IPCP: Event[Receive ConfNak/Rej] State[REQsent to REQsent]
*Jul 23 08:30:36.615 SAST: Ce0/0/0 IPCP: I CONFNAK [REQsent] id 2 len 16
*Jul 23 08:30:36.615 SAST: Ce0/0/0 IPCP:    PrimaryDNS 10.11.12.13 (0x81060A0B0C0D)
*Jul 23 08:30:36.615 SAST: Ce0/0/0 IPCP:    SecondaryDNS 10.11.12.14 (0x83060A0B0C0E)
*Jul 23 08:30:36.615 SAST: Ce0/0/0 IPCP: O CONFREQ [REQsent] id 3 len 10
*Jul 23 08:30:36.615 SAST: Ce0/0/0 IPCP:    Address 0.0.0.0 (0x030600000000)
*Jul 23 08:30:36.615 SAST: Ce0/0/0 IPCP: Event[Receive ConfNak/Rej] State[REQsent to REQsent]
*Jul 23 08:30:37.619 SAST: Ce0/0/0 IPCP: I CONFNAK [REQsent] id 3 len 16
*Jul 23 08:30:37.619 SAST: Ce0/0/0 IPCP:    PrimaryDNS 10.11.12.13 (0x81060A0B0C0D)
*Jul 23 08:30:37.619 SAST: Ce0/0/0 IPCP:    SecondaryDNS 10.11.12.14 (0x83060A0B0C0E)
*Jul 23 08:30:37.619 SAST: Ce0/0/0 IPCP: O CONFREQ [REQsent] id 4 len 10
*Jul 23 08:30:37.619 SAST: Ce0/0/0 IPCP:    Address 0.0.0.0 (0x030600000000)
*Jul 23 08:30:37.619 SAST: Ce0/0/0 IPCP: Event[Receive ConfNak/Rej] State[REQsent to REQsent]
*Jul 23 08:30:38.623 SAST: Ce0/0/0 IPCP: I CONFNAK [REQsent] id 4 len 16
*Jul 23 08:30:38.623 SAST: Ce0/0/0 IPCP:    PrimaryDNS 10.11.12.13 (0x81060A0B0C0D)
*Jul 23 08:30:38.623 SAST: Ce0/0/0 IPCP:    SecondaryDNS 10.11.12.14 (0x83060A0B0C0E)
*Jul 23 08:30:38.623 SAST: Ce0/0/0 IPCP: O CONFREQ [REQsent] id 5 len 10
*Jul 23 08:30:38.623 SAST: Ce0/0/0 IPCP:    Address 0.0.0.0 (0x030600000000)
*Jul 23 08:30:38.623 SAST: Ce0/0/0 IPCP: Event[Receive ConfNak/Rej] State[REQsent to REQsent]
*Jul 23 08:30:39.363 SAST: Ce0/0/0 IPCP: I CONFREQ [REQsent] id 2 len 4
*Jul 23 08:30:39.363 SAST: Ce0/0/0 IPCP AUTHOR: Done. Her address 0.0.0.0, we want 0.0.0.0
*Jul 23 08:30:39.363 SAST: Ce0/0/0 IPCP: O CONFACK [REQsent] id 2 len 4
*Jul 23 08:30:39.363 SAST: Ce0/0/0 IPCP: Event[Receive ConfReq+] State[REQsent to ACKsent]
*Jul 23 08:30:39.363 SAST: Ce0/0/0 IPCP: I CONFNAK [ACKsent] id 5 len 10
*Jul 23 08:30:39.363 SAST: Ce0/0/0 IPCP:    Address 41.12.3.176 (0x0306290C03B0)
*Jul 23 08:30:39.363 SAST: Ce0/0/0 IPCP: O CONFREQ [ACKsent] id 6 len 10
*Jul 23 08:30:39.363 SAST: Ce0/0/0 IPCP:    Address 41.12.3.176 (0x0306290C03B0)
*Jul 23 08:30:39.363 SAST: Ce0/0/0 IPCP: Event[Receive ConfNak/Rej] State[ACKsent to ACKsent]
*Jul 23 08:30:39.367 SAST: Ce0/0/0 IPCP: I CONFACK [ACKsent] id 6 len 10
*Jul 23 08:30:39.367 SAST: Ce0/0/0 IPCP:    Address 41.12.3.176 (0x0306290C03B0)
*Jul 23 08:30:39.367 SAST: Ce0/0/0 IPCP: Event[Receive ConfAck] State[ACKsent to Open]
*Jul 23 08:30:39.411 SAST: Ce0/0/0 IPCP: State is Open
*Jul 23 08:30:39.411 SAST: Di0 IPCP: Install negotiated IP interface address 41.12.3.176
*Jul 23 08:30:39.419 SAST: Ce0/0/0 DDR: dialer protocol up [OK]

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 196.25.1.200, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 120/138/204 ms
 
Conclusion !

Just to compare with the details of a connection from my laptop

The WWAN card has NO setting for input of an IP ( as in a RJ45 ethernet connection )
So everything is DHCP ( and public )
An interface IP is supplied as well as a default gateway DNS and DHCP servers

Code: 
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\>route print

IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10004 ...00 21 70 81 b9 d4 ...... Broadcom NetXtreme 57xx Gigabit Controller - Packet Scheduler Mi
niport
0x10005 ...00 1a 6b 3e a3 00 ...... Bluetooth Personal Area Network - Packet Scheduler Miniport
0x20006 ...02 80 37 ec 02 00 ...... Dell Wireless 5530 HSPA Mobile Broadband Minicard NetworkAdapter
 - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0   41.150.209.251   41.150.209.249     30
   41.150.209.248  255.255.255.248   41.150.209.249   41.150.209.249     30
   41.150.209.249  255.255.255.255        127.0.0.1        127.0.0.1     30
   41.255.255.255  255.255.255.255   41.150.209.249   41.150.209.249     30
        127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1      1
        224.0.0.0        240.0.0.0   41.150.209.249   41.150.209.249     30
  255.255.255.255  255.255.255.255   41.150.209.249   41.150.209.249      1
  255.255.255.255  255.255.255.255   41.150.209.249            10005      1
  255.255.255.255  255.255.255.255   41.150.209.249            10004      1
Default Gateway:    41.150.209.251
===========================================================================
Persistent Routes:
  None


Ethernet adapter Dell-5530-HSPA:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Dell Wireless 5530 HSPA Mobile Broadband Minicard NetworkAdapter
   Physical Address. . . . . . . . . : 02-80-37-EC-02-00
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IP Address. . . . . . . . . . . . : 41.150.209.249
   Subnet Mask . . . . . . . . . . . : 255.255.255.248
   Default Gateway . . . . . . . . . : 41.150.209.251
   DHCP Server . . . . . . . . . . . : 41.150.209.250
   DNS Servers . . . . . . . . . . . : 196.43.53.190
                                       196.43.54.190
   NetBIOS over Tcpip. . . . . . . . : Disabled
   Lease Obtained. . . . . . . . . . : 22 July 2012 23:14:PM
   Lease Expires . . . . . . . . . . : 22 July 2012 23:19:PM

In the routers route table there is only ONE public IP

Code: 
Gateway of last resort is 0.0.0.0 to network 0.0.0.0

S*    0.0.0.0/0 is directly connected, Dialer0
      41.0.0.0/32 is subnetted, 1 subnets
C        41.12.3.176 is directly connected, Dialer0

Looking at this example and ADSL then 41.0.0.0/32 should be subnetted into TWO subnets ( as far as I can work out both with /32 masks )

One for the actual interface ( which should be FA0/0 192.168.40.0 /24 )
One for the default gateway ( which should be the dialer0 interface -- which is not set but given and is present )

It is the interface ( which is private ) that needs to be NATTED ! -- but which does NOT have a PUBLIC IP allocated to be natted against !

It looks to me that 41.12.3.176 should be allocated to FA0/0 ????? ( and perhaps a 41.12.3.1 allocated to Dialer0 )


There is a difference in the connection methods
The router is using ip ipcp negotiated
The WWAN card is using ip ipcp DHCP


*Jul 23 08:30:32.347 SAST: Ce0/0/0 DDR: Dialing cause ip (s=128.1.1.1, d=196.207.35.29)

As you can see the loopback0 is the source calling saix.net
(from the console connection )
Loopback0 has no encapsulation set so I am sure it is not being routed.

The rest of the dialer config is standard as per the Cisco template and many other examples -- it is connecting and bringing up the line.

Anyway that is how I see it - see what you think and discover -- when my Cisco registration comes through I will go and ask on one of their support forums.

Be really interested to know where "Murphy" is hiding -- I am also known to make mistakes -- now and again :D

Thanks for the interest
 
PAT

Rocket-Boy said:
My guess is that this thread will end in silence when the OP realises the problem is on his side.
Im not so sure what the massive need for PAT is, surely you only have access to one external IP and therefore normal NAT would be sufficient?
Click to expand...
How many private IP's can you NAT without PAT ?
( Port Address Translation )

In ALL the examples I have seen it is used
 
PsyWulf said:
Fairly certain this guy is trolling,nobody could be this blindly oblivious
Click to expand...
Weell PLEASE point out the problem --AND -- the solution
(instead of bland useless statements)
You seem to know exactly what is wrong
We are NOT all rocket scientists !
 
b@nD said:
How many private IP's can you NAT without PAT ?
( Port Address Translation )

In ALL the examples I have seen it is used
Click to expand...

PAT is needed, yes.


Paste your running-config. pm to me if you're paranoid.
 
Hi

I suggest the following: activate InternetVPN on the sim card in the router/ modem you are using and change APN to InternetVPN. Connect and try whatever you are trying to do and see if it works. If you have tried that already, then ignore this message. Many friends try to do funny things that I dont understand :confused: but I found that the InternetVPN has sorted out most of their problems.

I doubt you will get any joy using the internet apn.
 
b@nD said:
I found it in a config test example :)
Click to expand...
Don't believe everything you read on the Internet
b@nD said:
Assumed as it was an example it could be used -- my bad
As I understand a loopback -- it allows you to access the router if there is a problem with a hardware interface ?
IF I understand correctly the IP I am using on loopback0 is not being used outside the router ?
Click to expand...
This is only relevant if you are running a network with multiple routers and an IGP like EIRGP, IS-IS or OSPF.

b@nD said:
What do you propose I change it to ( atm I only need it accessible to my own network -- private) ?
Click to expand...
Set it to 127.0.0.1 to avoid breaking anything.

b@nD said:
Code: 
Cellular0/0/0 is administratively down, line protocol is down

Dialer0 is administratively down, line protocol is down
Click to expand...
If the interfaces are down then obviously nothing will work.

We still have zero clarity on what's not working.
 
Rocket-Boy said:
My guess is that this thread will end in silence when the OP realises the problem is on his side.
Im not so sure what the massive need for PAT is, surely you only have access to one external IP and therefore normal NAT would be sufficient?
Click to expand...
We're all talking about the same thing when we refer to PAT and NAT. :) PAT is the slightly more correct term but functionally it is the same as the 'NAT' that most consumer routers use.
 
Up & UP

ambo said:
We're all talking about the same thing when we refer to PAT and NAT. :)
PAT is the slightly more correct term but functionally it is the same as the 'NAT' that most consumer routers use.
Click to expand...
Hi ,
Everything is up & up ( earlier output was from a test )
Following suggestions I have removed the loopback interface
I have changed the list that brings up the dialer ( simplified )
I have checked other access lists ( someone thought that they might be interfering with traffic)

I can bring up the dialer from the PC -- no problem
Logging shows that traffic is passing without any blocking

Code: 
Fangorn#
[color=blue][I]
Dialer brought up from PC
*Jul 23 11:36:00.058 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 192.168.40.26 -> 196.220.59.189, 1 packet
[/I][/color]

[color=blue][I]
Access to DNS servers allowed
Fangorn#
*Jul 23 11:36:01.058 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 192.168.40.26 -> 196.43.1.14, 1 packet

*Jul 23 11:36:02.058 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 192.168.40.26 -> 196.220.59.188, 1 packet
[/color][/I]

[color=blue][I]
Dialer coming up
*Jul 23 11:36:02.250 SAST: %LINK-3-UPDOWN: Interface Cellular0/0/0, changed state to up
*Jul 23 11:36:02.250 SAST: %DIALER-6-BIND: Interface Ce0/0/0 bound to profile Di0
Fangorn#
*Jul 23 11:36:02.322 SAST: %LINEPROTO-5-UPDOWN: Line protocol on Interface Cellular0/0/0, changed state to up
[/color][/I]

[color=blue][I]
Another DNS server
Fangorn#
*Jul 23 11:36:04.058 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 192.168.40.26 -> 196.43.38.190, 1 packet
[/color][/I]

Fangorn#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, + - replicated route

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

S*    0.0.0.0/0 is directly connected, Dialer0
      41.0.0.0/32 is subnetted, 1 subnets
C        41.8.4.92 is directly connected, Dialer0
      192.168.40.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.40.0/24 is directly connected, FastEthernet0/0
L        192.168.40.3/32 is directly connected, FastEthernet0/0
Fangorn#

Code: 
[color=blue][I]
Traffic on the connected dialer interface with IP as allocated above
[/color][/I]
Fangorn#
*Jul 23 11:37:47.194 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 10.17.15.11 -> 41.9.249.255, 3 packets
*Jul 23 11:37:47.194 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 41.9.249.255 -> 196.207.35.29, 8 packets
*Jul 23 11:37:47.194 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 196.207.35.29 -> 41.9.249.255, 8 packets
*Jul 23 11:37:47.194 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 41.9.249.255 -> 196.25.1.200, 43 packets
*Jul 23 11:37:47.194 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 10.242.202.2 -> 41.9.249.255, 2 packets
*Jul 23 11:37:47.194 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 196.207.35.36 -> 41.9.249.255, 2 packets
*Jul 23 11:37:47.194 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 196.207.35.244 -> 41.9.249.255, 2 packets
*Jul 23 11:37:47.194 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 41.0.148.1 -> 41.9.249.255, 2 packets
*Jul 23 11:37:47.194 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 41.0.144.5 -> 41.9.249.255, 3 packets
*Jul 23 11:37:47.194 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 196.25.91.61 -> 41.9.249.255, 2 packets

[color=blue][I]
Internal interface trying to get to DNS again
[/color][/I]
Fangorn#
*Jul 23 11:41:47.194 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 192.168.40.26 -> 196.220.59.189, 1 packet
*Jul 23 11:41:47.194 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 192.168.40.26 -> 196.43.1.14, 1 packet
*Jul 23 11:41:47.194 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 192.168.40.26 -> 196.220.59.188, 1 packet
*Jul 23 11:41:47.194 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 192.168.40.26 -> 4.2.2.3, 1 packet

WHO are ........

*Jul 23 11:37:47.194 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 41.0.148.1 -> 41.9.249.255, 2 packets
*Jul 23 11:37:47.194 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 41.0.144.5 -> 41.9.249.255, 3 packets

That look like they are broadcasting ? ESSR ??????


As far as I ( moi ) can work out things are OK on my side ??????
 
That's probably someone doing some kind of scan...

Are your inside machines able to access the net now?
 
Scanning -- NOT !

Sinbad said:
That's probably someone doing some kind of scan...
Are your inside machines able to access the net now?
Click to expand...
NO
Those are ALL Voda addresses -- I do not see "my" address 41.8.4.92 in those logs anywhere
[Edit]
196.25.1.200 is saix.net
196.25.x.x is normally a Telkom / SAIX IP
196.43.x.190 is normally Telkom / SAIX DNS
It looks to me like an internal ping-pong on the Voda drum
But anyway what do I know -- I know nothing about Cisco or IP ! )
http://en.ntunhs.net/IPInfo/EN/41/0.htm
[/Edit]
NO
Until I get a second public INTERFACE /32 IP address I will NEVER be able to

THIS is the absolute main crucial point that I NOT getting any feedback on !
 
Last edited:
b@nD said:
NO
Those are ALL Voda addresses -- I do not see "my" address 41.8.4.92 in those logs anywhere
NO
Until I get a second public INTERFACE /32 IP address I will NEVER be able to
Click to expand...
You only get one IP and you NAT/PAT everything behind that... surely?
Code: 
C        41.8.4.92 is directly connected, Dialer0

b@nD said:
THIS is the absolute main crucial point that I NOT getting any feedback on !
Click to expand...
You still haven't provided the trace from the router that I requested:
Code: 
traceroute 8.8.8.8
 
Last edited:
ambo said:
b@nD said:
NO
Those are ALL Voda addresses -- I do not see "my" address 41.8.4.92 in those logs anywhere
NO
Until I get a second public INTERFACE /32 IP address I will NEVER be able to
You only get one IP and you NAT/PAT everything behind that... surely?
Code: 
C        41.8.4.92 is directly connected, Dialer0

You still haven't provided the trace from the router that I requested:
Code: 
traceroute 8.8.8.8
Click to expand...


You don't need a second IP.
The whole point of overload NAT is that your traffic appears to come from the dialer0 interface.

turn on debug ip nat and show us the output?
Click to expand...
 
Last edited:
One ring to bind them all

Sinbad said:
You don't need a second IP.
Click to expand...
I am afraid it looks like you DO
Sinbad said:
The whole point of overload NAT is that your traffic appears to come from the dialer0 interface.
turn on debug ip nat and show us the output?
Click to expand...
One for the GATEWAY -- One for the INTERFACE !

Dialer0 is the GATEWAY ................
 
b@nD said:
I am afraid it looks like you DO

One for the GATEWAY -- One for the INTERFACE !
Click to expand...

Nope. Never ever seen an interface needing two IPs before.
Do me a favour - take the hardcoded ip route 0.0.0.0 out of your config and let the router do the routing itself? It might be that you need the next hop to be the PPP peer rather than your own interface.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X