Questions

Cisco 871 with cable modem conf not enabling WAN traffic

+
0 Votes
Locked

Cisco 871 with cable modem conf not enabling WAN traffic

Jantje85
Dear all,

I have been trying for the past few days to migrate my cisco 871 currently configured with a DSL modem to use my new cable modem. It has been a few years though since I last had to make any major changes to it and I seem to have lost my 'touch' - if ever I had it...

Eventually I intend to have it fail-over between from the cable modem to the dsl line by putting a switched port in a vlan and placing the dialer on that... but first I have to get the cable modem working on the WAN port.. the WAN interface is assigned an IP just fine through DHCP and there s a static default route pointing to the interface, but I cannot ping anything outside my network - not even from the router itself.

I might be overlooking something really simple, but I can't seem to find the issue.. most of the new config is just copied over from my old dsl config so I think bad access lists can't be to blame..

I am running the Advanced IP Services image;I have pasted my configuration below.

Any advice you could offer would be greatly appreciated.

Kind Regards,
Jan
------
version 15.1
no parser cache
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug uptime
service timestamps log uptime
service password-encryption
service sequence-numbers

hostname Central

boot-start-marker
boot-end-marker

security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200
logging console notifications
!enable secret 5 *****

aaa new-model

aaa authentication login local_authen local
aaa authentication ppp default local
aaa authorization exec default local

aaa session-id common

clock timezone WEST 1 0
clock summer-time WEST recurring
no ip source-route
ip cef

service dhcp
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.20
ip dhcp excluded-address 192.168.2.1 192.168.2.10
ip dhcp excluded-address 192.168.1.240 192.168.1.254

ip dhcp pool PrivNet
import all
network 192.168.1.0 255.255.255.0
domain-name MWeb
default-router 192.168.1.1
dns-server 192.168.1.1
lease 30

ip dhcp pool PubNet
import all
network 192.168.2.0 255.255.255.0
domain-name PubMWeb
default-router 192.168.2.1
dns-server 192.168.2.1

dot11 mbssid
dot11 vlan-name default vlan 1
dot11 vlan-name PubMWeb vlan 2

dot11 ssid MWeb
vlan 1
authentication open
authentication key-management wpa
mbssid guest-mode
!wpa-psk ascii 7 ***********

dot11 ssid PubMWeb
vlan 2
authentication open
authentication key-management wpa
mbssid guest-mode
!wpa-psk ascii 7 ***********

ip tcp synwait-time 10
no ip bootp server
ip domain name MWeb
ip name-server 8.8.8.8
ip name-server 208.67.222.222
ip name-server 8.8.4.4
ip name-server 208.67.220.222
ip ssh time-out 60
ip ssh authentication-retries 2

ip inspect max-incomplete low 200
ip inspect max-incomplete high 400
ip inspect one-minute low 200
ip inspect one-minute high 400
ip inspect tcp synwait-time 15
ip inspect name FW1 appfw FW1
ip inspect name FW1 ftp timeout 3600
ip inspect name FW1 h323 timeout 3600
ip inspect name FW1 icmp timeout 360
ip inspect name FW1 netshow timeout 3600
ip inspect name FW1 rcmd timeout 3600
ip inspect name FW1 realaudio timeout 3600
ip inspect name FW1 rtsp timeout 3600
ip inspect name FW1 esmtp timeout 3600
ip inspect name FW1 sqlnet timeout 3600
ip inspect name FW1 streamworks timeout 360
ip inspect name FW1 tftp timeout 30
ip inspect name FW1 tcp timeout 3600
ip inspect name FW1 udp timeout 15
ip inspect name FW1 vdolive timeout 3600
ip inspect name FW1 https timeout 3600
ip inspect name FW1 dns timeout 60

bridge irb
bridge 1 protocol ieee
bridge 1 route ip

interface Null0
no ip unreachables

interface FastEthernet0
description Downlink to Private LAN Switch.
switchport mode trunk
no ip address
no shutdown

interface FastEthernet1
no cdp enable
no shutdown

interface FastEthernet2
no cdp enable
no shutdown

interface FastEthernet3
no cdp enable
no shutdown

interface FastEthernet4
description WAN
ip address dhcp
ip access-group ACL-Internet-Inbound in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly in
ip inspect FW1 in
ip inspect FW1 out
ip flow ingress
duplex auto
speed auto
no cdp enable
no shutdown

interface Dot11Radio0
no ip address
no dot11 extension aironet
encryption vlan 1 mode ciphers aes-ccm
encryption vlan 2 mode ciphers aes-ccm
ssid MWeb
ssid PubMWeb
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
mbssid
station-role root
no cdp enable
no shutdown

interface Dot11Radio0.1
description Main Wireless by MWeb
encapsulation dot1Q 1 native
bridge-group 1
bridge-group 1 spanning-disabled

interface Dot11Radio0.2
description Guest Wireless by MWeb
bandwidth 2000
encapsulation dot1Q 2
ip address 192.168.2.1 255.255.255.0
ip access-group Guest-ACL in
no ip redirects
no ip unreachables
no ip proxy-arp
ip inspect FW1 out
ip nat inside
ip virtual-reassembly in

interface Vlan1
description Internal Private LAN
bridge-group 1
bridge-group 1 spanning-disabled

interface BVI1
ip address 192.168.1.1 255.255.255.0
ip access-group 100 in
ip inspect FW1 out
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly in
no shutdown

ip http server
ip http access-class 2
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000

ip dns server
ip dns spoofing
ip nat pool DJanPool 192.168.1.10 192.168.1.10 netmask 255.255.255.0 type rotary
ip nat pool LServ1Pool 192.168.1.7 192.168.1.7 netmask 255.255.255.0 type rotary
ip nat inside source list 1 interface FastEthernet4 overload
ip nat inside destination list DJanF pool DJanPool
ip nat inside destination list LServ1F pool LServ1Pool
ip route 0.0.0.0 0.0.0.0 FastEthernet4

ip access-list extended ACL-Internet-Inbound
remark Restrict access from the internet to the LAN.
permit udp any eq bootps any eq bootpc
permit udp any eq domain any
permit udp host 81.246.92.139 eq ntp any eq ntp
permit udp any eq ntp any eq ntp
deny ip 192.168.2.0 0.0.0.255 any
permit icmp any any echo-reply
permit icmp any any time-exceeded
permit icmp any any unreachable
permit gre any any
permit esp any any
permit udp any any eq 8887
permit udp any any eq 41170
permit udp any any range 10500 12500
permit tcp any any range 10500 12500
permit tcp any any eq smtp
permit tcp any any eq pop3
permit tcp any any eq 3306
permit tcp any any eq 5901
permit tcp any any range 6650 8000
permit udp any any range 6650 8000
permit tcp any any range 13000 15000
permit tcp any any eq 9418
permit udp any any range 13000 15000
deny ip 10.0.0.0 0.255.255.255 any
deny ip 172.16.0.0 0.15.255.255 any
deny ip 192.168.0.0 0.0.255.255 any
deny ip 127.0.0.0 0.255.255.255 any
deny ip host 255.255.255.255 any
deny ip host 0.0.0.0 any
deny ip any any log
ip access-list extended DJanF
permit udp any any eq 8887
permit udp any any eq 41170
permit tcp any any range 10500 12500
permit udp any any range 10500 12500
ip access-list extended Guest-ACL
deny ip host 255.255.255.255 any
deny ip 127.0.0.0 0.255.255.255 any
deny ip any 192.168.1.0 0.0.0.255
permit ip any any
ip access-list extended LServ1F
permit tcp any any eq smtp
permit tcp any any eq pop3
permit tcp any any eq 3306
permit tcp any any eq 5901
permit tcp any any range 6650 8000
permit udp any any range 6650 8000
permit tcp any any range 13000 15000
permit udp any any range 13000 15000
permit tcp any any eq 9418
permit tcp any any eq www

logging esm config
logging trap notifications
access-list 1 remark Allow both VLANs access to the dialer
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 permit 192.168.2.0 0.0.0.255
access-list 2 remark HTTP Access-class list
access-list 2 remark SDM_ACL Category=1
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 2 deny any
access-list 100 remark Incoming Traffic from main VLAN.
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 102 remark VTY Access-class list
access-list 102 permit ip 192.168.1.0 0.0.0.255 any
access-list 102 deny ip any any
no cdp run

control-plane

line con 0
login authentication local_authen
no modem enable
transport preferred none
transport output telnet
line aux 0
login authentication local_authen
transport output telnet
line vty 0 4
access-class 102 in
login authentication local_authen
transport preferred none
transport input telnet ssh

scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
ntp server 81.246.92.139
ntp server 81.246.92.140
ntp server 193.110.251.50
ntp server 93.94.105.122
end
+
0 Votes
NetMan1958

If you log in to your router and run a traceroute to something like yahoo.com, how far does it get and what is the ip address of the first hop?

+
0 Votes
robo_dev

Thus a router-behind-a-firewall router complicates things a lot.

Can you get to the web config page of the cable modem?

+
0 Votes
Jantje85

Seems you are correct.. traffic isn't getting anywhere..

It seems the problem was/is being caused by the default route.. :S
When I add the following to the configuration
ip route 0.0.0.0 0.0.0.0 fastEthernet 4

I end up with this route table:
Gateway of last resort is 0.0.0.0 to network 0.0.0.0

S* 0.0.0.0/0 is directly connected, FastEthernet4
81.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
...
After I again unset the default route I get this:
Gateway of last resort is 81.82.192.1 to network 0.0.0.0

S* 0.0.0.0/0 [254/0] via 81.82.192.1
81.0.0.0/8 is variably subnetted, 2 subnets, 2 masks

The routing tables are not otherwise affected, but it seems that specifying the default gateway breaks the routing of all WAN traffic; instead of being send out F4, it s going to into null...
I will need to be able to set 2 default routes though, one out the primary interface and a second out my backup interface at a higher cost.

Any ideas why simply manually adding a default route could break the routing?

+
1 Votes
NetMan1958

Remove any existing default route(s) and add:
ip route 0.0.0.0 0.0.0.0 dhcp

Post back with the results.

+
0 Votes
Jantje85

this leaves the default gateway to 81.82.192.1 (my cable modem) intact and I can still reach the WAN side..
Gateway of last resort is 81.82.192.1 to network 0.0.0.0

i think it also added an extra record to the routing table for my dialer..
213.49.94.0/32 is subnetted, 2 subnets
C 213.49.94.1 is directly connected, Dialer1
C 213.49.94.153 is directly connected, Dialer1

Will this handle the automatic fail-over entirely though..? as i understood it i needed 2 static routes with different weights and a echo probe to check the gateway on the cable (primary) interface..

+
0 Votes
NetMan1958

I did not see the Dialer interface in the config you posted. Maybe if you post your entire config I can get a better idea of what's going on.

+
0 Votes
Jantje85

This is the complete routing table at the moment (currently using the default route to 'dhcp' as you suggested; cf config):
Gateway of last resort is 81.82.192.1 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via 81.82.192.1
81.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 81.82.192.0/18 is directly connected, FastEthernet4
L 81.82.20?.???/32 is directly connected, FastEthernet4
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, BVI1
L 192.168.1.1/32 is directly connected, BVI1
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.2.0/24 is directly connected, Dot11Radio0.2
L 192.168.2.1/32 is directly connected, Dot11Radio0.2
195.130.137.0/32 is subnetted, 1 subnets
S 195.130.137.10 [254/0] via 81.82.192.1, FastEthernet4
213.49.94.0/32 is subnetted, 2 subnets
C 213.49.94.1 is directly connected, Dialer1
C 213.49.94.153 is directly connected, Dialer1

And this is the entire config.. only keys and passwords have been left out.

version 15.1
no parser cache
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug uptime
service timestamps log uptime
service password-encryption
service sequence-numbers
!
hostname MCentral
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200
logging console notifications
!
aaa new-model
!
aaa authentication login local_authen local
aaa authentication ppp default local
aaa authorization exec default local
!
!
aaa session-id common
!
clock timezone WEST 1 0
clock summer-time WEST recurring
!
!
dot11 mbssid
dot11 syslog
dot11 vlan-name default vlan 1
dot11 vlan-name PubMWeb vlan 2
!
dot11 ssid MWeb
vlan 1
authentication open
authentication key-management wpa
mbssid guest-mode
! wpa-psk ascii 7 ******************
!
dot11 ssid PubMWeb
vlan 2
authentication open
authentication key-management wpa
mbssid guest-mode
! wpa-psk ascii 7 ******************
!
no ip source-route
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.20
ip dhcp excluded-address 192.168.2.1 192.168.2.10
ip dhcp excluded-address 192.168.1.240 192.168.1.254
!
ip dhcp pool MWeb
network 192.168.1.0 255.255.255.0
domain-name MWeb
default-router 192.168.1.1
dns-server 192.168.1.1
lease 30
!
ip dhcp pool PubNet
network 192.168.2.0 255.255.255.0
domain-name PubMWeb
default-router 192.168.2.1
dns-server 192.168.2.1
!
!
ip cef
no ip bootp server
ip domain name MWeb
ip name-server 8.8.8.8
ip name-server 208.67.222.222
ip name-server 8.8.4.4
ip name-server 208.67.220.222
ip inspect max-incomplete low 200
ip inspect max-incomplete high 400
ip inspect one-minute low 200
ip inspect one-minute high 400
ip inspect tcp synwait-time 15
ip inspect name FW1 appfw FW1
ip inspect name FW1 ftp timeout 3600
ip inspect name FW1 h323 timeout 3600
ip inspect name FW1 icmp timeout 360
ip inspect name FW1 netshow timeout 3600
ip inspect name FW1 rcmd timeout 3600
ip inspect name FW1 realaudio timeout 3600
ip inspect name FW1 rtsp timeout 3600
ip inspect name FW1 esmtp timeout 3600
ip inspect name FW1 sqlnet timeout 3600
ip inspect name FW1 streamworks timeout 360
ip inspect name FW1 tftp timeout 30
ip inspect name FW1 tcp timeout 3600
ip inspect name FW1 udp timeout 15
ip inspect name FW1 vdolive timeout 3600
ip inspect name FW1 https timeout 3600
ip inspect name FW1 dns timeout 60
no ipv6 cef
!
multilink bundle-name authenticated
!
vpdn enable
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
!
! Track the ICMP echo to our primary WAN interface gateway with a 20s delay
track 300 ip sla 2147483647 reachability
delay down 20
!
!
!
bridge irb
!
!
interface Null0
no ip unreachables
!
interface FastEthernet0
description Downlink to Private LAN Switch.
switchport mode trunk
no ip address
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
spanning-tree portfast
!
interface FastEthernet3
description WAN DSL interface through VLAN 5
switchport access vlan 5
no ip address
!
interface FastEthernet4
description WAN Cable Interface
ip address dhcp
ip access-group ACL-Internet-Inbound in
ip nat outside
ip inspect FW1 in
ip inspect FW1 out
ip virtual-reassembly in
duplex auto
speed auto
no cdp enable
!
interface Dot11Radio0
no ip address
no dot11 extension aironet
!
encryption vlan 1 mode ciphers aes-ccm
!
encryption vlan 2 mode ciphers aes-ccm
!
ssid MWeb
!
ssid PubMWeb
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
no cdp enable
!
interface Dot11Radio0.1
description Main Wireless by MWeb
encapsulation dot1Q 1 native
no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio0.2
description Guest Wireless by MWeb
bandwidth 2000
encapsulation dot1Q 2
ip address 192.168.2.1 255.255.255.0
ip access-group Guest-ACL in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip inspect FW1 out
ip virtual-reassembly in
no cdp enable
!
interface Vlan1
description Internal Private LAN
no ip address
bridge-group 1
bridge-group 1 spanning-disabled
!
interface Vlan5
description VLAN to isolate DSL dialer
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
pppoe-client dial-pool-number 1
!
interface Dialer1
description WAN link to Scarlet
ip address negotiated
ip access-group ACL-Internet-Inbound in
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip inspect FW1 in
ip inspect FW1 out
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer-group 1
ppp authentication chap callin
! ppp chap hostname **************
! ppp chap password 7 **************
ppp ipcp dns request
ppp ipcp address accept
no cdp enable
!
interface BVI1
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip inspect FW1 out
ip virtual-reassembly in
!
ip forward-protocol nd
ip http server
ip http access-class 5
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip dns server
ip dns spoofing
ip nat pool DJanPool 192.168.1.10 192.168.1.10 netmask 255.255.255.0 type rotary
ip nat pool LServ1Pool 192.168.1.7 192.168.1.7 netmask 255.255.255.0 type rotary
ip nat inside source list 1 interface FastEthernet4 overload
ip nat inside source list 2 interface Dialer1 overload
ip nat inside destination list DJanF pool DJanPool
ip nat inside destination list LServ1F pool LServ1Pool
ip route 0.0.0.0 0.0.0.0 dhcp
!
! We need these for automatic failover, but they make Null0 our gateway of last resort
! breaking all WAN connectivity
!ip route 0.0.0.0 0.0.0.0 FastEthernet4 track 300
!ip route 0.0.0.0 0.0.0.0 Dialer1 250
!
ip access-list extended ACL-Internet-Inbound
remark Restrict access from the internet to the LAN.
permit udp any eq bootps any eq bootpc
permit udp any eq domain any
permit udp any eq ntp any eq ntp
permit icmp any any echo-reply
permit icmp any any time-exceeded
permit icmp any any unreachable
permit gre any any
permit esp any any
permit udp any any eq 8887
permit udp any any eq 41170
permit tcp any any range 10500 12500
permit tcp any any eq www
permit tcp any any eq 3306
permit tcp any any eq 5901
permit tcp any any eq 9418
deny ip 10.0.0.0 0.255.255.255 any
deny ip 172.16.0.0 0.15.255.255 any
deny ip 192.168.0.0 0.0.255.255 any
deny ip 127.0.0.0 0.255.255.255 any
deny ip host 255.255.255.255 any
deny ip host 0.0.0.0 any
deny ip any any log
ip access-list extended DJanF
permit udp any any eq 8887
permit udp any any eq 41170
permit tcp any any range 10500 12500
ip access-list extended Guest-ACL
deny ip host 255.255.255.255 any
deny ip 127.0.0.0 0.255.255.255 any
deny ip any 192.168.1.0 0.0.0.255
permit ip any any
ip access-list extended LServ1F
permit tcp any any eq smtp
permit tcp any any eq 3306
permit tcp any any eq 5901
permit tcp any any eq www
ip access-list extended object-track
permit icmp any host 81.82.192.1
!
! Send ICMP echos to our cable gateway..
ip sla 2147483647
icmp-echo 81.82.192.1 source-interface FastEthernet4
frequency 5
ip sla schedule 2147483647 life forever start-time now
logging esm config
logging trap notifications
access-list 1 remark Allow only the private VLAN access to the cable uplink.
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 remark Allow all VLANs access to the DSL line.
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 2 permit 192.168.2.0 0.0.0.255
access-list 5 remark HTTP Access-class list
access-list 5 remark SDM_ACL Category=1
access-list 5 permit 192.168.1.0 0.0.0.255
access-list 5 deny any
dialer-list 1 protocol ip list 2
no cdp run
!
!
!Send the ICMP echos to Null0 when our primary WAN interface is down
route-map OT permit 300
match ip address object-track
set ip next-hop 81.82.192.1
set interface Null0
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
line con 0
login authentication local_authen
no modem enable
transport preferred none
transport output telnet
line aux 0
login authentication local_authen
transport output telnet
line vty 0 4
access-class 102 in
login authentication local_authen
transport preferred none
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
ntp server 81.246.92.139
ntp server 81.246.92.140
ntp server 193.110.251.50
ntp server 93.94.105.122
end

+
0 Votes
NetMan1958

if you leave the "ip route 0.0.0.0 0.0.0.0 dhcp" in and add only "ip route 0.0.0.0 0.0.0.0 Dialer1 250" ? What does the route table look like then?

+
0 Votes
Jantje85

It doesn't seem to have any effect as long as f4 remains up... once it goes down however, it sends all WAN traffic to the null interface again so no failover to dialer1..

This is the routing table with no changes other then the extra ip route..
Gateway of last resort is 81.82.192.1 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via 81.82.192.1
81.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 81.82.192.0/18 is directly connected, FastEthernet4
L 81.82.2??.???/32 is directly connected, FastEthernet4
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, BVI1
L 192.168.1.1/32 is directly connected, BVI1
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.2.0/24 is directly connected, Dot11Radio0.2
L 192.168.2.1/32 is directly connected, Dot11Radio0.2
195.130.137.0/32 is subnetted, 1 subnets
S 195.130.137.10 [254/0] via 81.82.192.1, FastEthernet4
213.49.94.0/32 is subnetted, 2 subnets
C 213.49.94.1 is directly connected, Dialer1
C 213.49.94.153 is directly connected, Dialer1

This is the routing table with f4 unplugged:
Gateway of last resort is 0.0.0.0 to network 0.0.0.0

S* 0.0.0.0/0 is directly connected, Dialer1
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, BVI1
L 192.168.1.1/32 is directly connected, BVI1
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.2.0/24 is directly connected, Dot11Radio0.2
L 192.168.2.1/32 is directly connected, Dot11Radio0.2
213.49.94.0/32 is subnetted, 2 subnets
C 213.49.94.1 is directly connected, Dialer1
C 213.49.94.153 is directly connected, Dialer1

+
0 Votes
NetMan1958

But then I've never tried to configure fail-over using DSL and/or dynamic IPs before. Let me think on this a little and I will try to come up with something.