no joy. i guess that it really needs to work in both directions, so
even if they get fragmented on the way out on the inside device, it
would come back as a whole packet and need fragmenting on the way back
in again (for a ping that is)
i'll maybe get wireshark on it and take a look at some point.
On 17/02/2011 20:43, Carlos G Mendioroz wrote:
> Hey Paul,
> glad it worked out. You may want to reduce the ASA MTU in case
> your CPE is not doing the fragments (ASA should, I guess :)
>
> -Carlos
>
> Paul Cocker @ 17/02/2011 17:37 -0300 dixit:
>> hi Carlos,
>>
>> looked into a bit more and apparently you can use pppoA or pppoE, so
>> I tried pppoe and seemed to get it working. only problem is one of
>> the routers seems to refuse to fragment packets now, which is a bit
>> odd (I have adjusted the mtu to take account of the larger ppp packets).
>>
>> for any interested readers, below is the basic config to get the
>> assigned IP from the telco onto another router.
>>
>> Paul
>>
>>
>>
>> ------------------------
>> PPPOE client
>> !
>> vpdn enable
>> vpdn-group 1
>> !
>> interface GigabitEthernet0/1
>> no ip address
>> duplex auto
>> speed auto
>> pppoe enable group global
>> pppoe-client dial-pool-number 1
>>
>> int gig0/0
>> desc inside
>> ip tcp adjust-mss 1452
>> ip address �..
>> !
>> interface Dialer0
>> mtu 1492
>> ip tcp adjust-mss 1452
>> ip address negotiated
>> ip flow ingress
>> ip nat outside
>> ip virtual-reassembly
>> encapsulation ppp
>> dialer pool 1
>> dialer-group 1
>> no cdp enable
>> ppp authentication chap callin
>> ppp chap hostname xxxxxxxxx_at_hg39.btclick.com
>> ppp chap password 7 xxxxxxxxxxxxxxxxxxx
>> ppp ipcp dns request accept
>> !
>> ip route 0.0.0.0 0.0.0.0 Dialer0
>>
>> ---------------------------------------
>>
>> hostname bridging_router
>>
>> bridge irb
>> !
>> interface ATM0
>> no ip address
>> no atm ilmi-keepalive
>> pvc 0/38
>> encapsulation aal5snap
>> !
>> dsl operating-mode auto
>> bridge-group 1
>> !
>> interface FastEthernet3
>> switchport access vlan 1
>>
>> interface Vlan1
>> bridge-group 1
>> !
>> bridge 1 protocol ieee
>> bridge 1 route ip
>> !
>>
>> On 11/02/2011 20:25, Paul Cocker wrote:
>>> Hi Carlos,
>>>
>>> At home it's just standard ADSL, not ATM. I don't really understand
>>> why you don't need the dialer interface for it.
>>>
>>> Afraid the other ISP is PPPoA not PPPoE
>>>
>>> Thanks for your input,
>>> Paul
>>>
>>>
>>>
>>> On 11/02/2011 10:53, Carlos G Mendioroz wrote:
>>>> Paul,
>>>> at home it seems you are getting IP over ATM.
>>>> But now, with the dialer interface, you might be using PPPoA or PPPoE.
>>>> In the first case, I guess you are OOL.
>>>> If PPPoE, you could bridge at the CPE and terminate the pppoe link
>>>> directly at the ASA.
>>>>
>>>> http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080ab7ce9.shtml
>>>>
>>>>
>>>> -Carlos
>>>>
>>>>
>>>> Paul Cocker @ 10/02/2011 15:22 -0300 dixit:
>>>>> Hi,
>>>>>
>>>>> Sort of off topic, but interesting to me :-) I wonder if anyone
>>>>> has any experience of this.
>>>>>
>>>>> At home i like to run an ASA with the real outside address, so I
>>>>> use this setup to bridge the ATM interface to the ethernet. The
>>>>> ASA then just picks up an IP with DHCP. I also get a 2nd IP off
>>>>> the BVI interface. My ISP doesn't require PPP.
>>>>>
>>>>> ----------------------------------------------
>>>>> bridge irb
>>>>> bridge 5 protocol ieee
>>>>> bridge 5 route ip
>>>>>
>>>>> !
>>>>> interface ATM0
>>>>> no ip address
>>>>> no atm ilmi-keepalive
>>>>> !
>>>>> interface ATM0.1 point-to-point
>>>>> ip virtual-reassembly in
>>>>> atm route-bridged ip
>>>>> bridge-group 5
>>>>> pvc 0/101
>>>>> encapsulation aal5snap
>>>>>
>>>>> interface FastEthernet8
>>>>> description link to ASA outside - bridging ATM
>>>>> switchport access vlan 5
>>>>>
>>>>> interface Vlan5
>>>>> description bridge group for internet
>>>>> no ip address
>>>>> bridge-group 5
>>>>>
>>>>> interface BVI5
>>>>> ip address dhcp
>>>>> ip flow ingress
>>>>> ip nat outside
>>>>> ip virtual-reassembly in
>>>>>
>>>>> ----------------------------------------------
>>>>>
>>>>>
>>>>> That all seems to work ok, hoever I've tried to do it with another
>>>>> ISP that requires a dialer interface for the ADSL, in line with
>>>>> this doc from cisco which is about bridging ISDN...
>>>>>
>>>>> http://www.cisco.com/en/US/tech/tk801/tk379/technologies_configuration_example09186a008009457f.shtml
>>>>>
>>>>>
>>>>> Now. I guess dhcp isn't going to work on the PC/ASA attached to
>>>>> the fastethernet interface as DHCP ain't the same as PPP IP
>>>>> negotiate.
>>>>>
>>>>> Anyone see a way to make this work? Maybe if the ISP provided a
>>>>> static IP?
>>>>>
>>>>> A bit weird I know, and more for fun than anything else. Any ideas?
>>>>>
>>>>> Paul
>>>>>
>>>>>
>>>>> Blogs and organic groups at http://www.ccie.net
>>>>>
>>>>> _______________________________________________________________________
>>>>>
>>>>> Subscription information may be found at:
>>>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>>>
>>> Blogs and organic groups at http://www.ccie.net
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Thu Feb 17 2011 - 21:38:15 ART