Cisco 888G with KPN 3G connection
Something I don’t see and don’t do very often is the configuration of a router including a 3G connection. So this blog post helps me during the process of configuring future connections. For todays configuration I am using the Dutch carrier KPN to establish the 3G connection. As hardware I am using a Cisco 888G router with a PCEX-3G-HSPA-G module. The most difficult during the configuration is the retrieval of the correct provider information. For this KPN connection is used the following credentials:
- – APN name: fastinternet
- – PPP CHAP username: <empty>
- – PPP CHAP password: <empty>
- – DNS: ns1.kpn-gprs.nl (62.133.126.28) & ns2.kpn-gprs.nl (62.133.126.29)
Don’t forget to use the above DNS servers when using a 3G connection from KPN. All other DNS servers, including Google’s DNS servers, won’t work.
The SIM card is locked by default with a password, so I first needed to unlock the SIM card. The unlocking of the SIM is accomplished with the following command:
router#cellular 0 gsm sim unlock <pin code>
The next thing to do is creating a gsm modem profile. With the modem profile you can configure different profiles with different APN, authentication, username and password combinations. For my connection I only need to specify the APN name, like shown below:
router#cellular 0 gsm profile create 1 fastinternet
Another important step is the configuration of a chat-script. The chat-script is used to define the Attention Dial Tone (ATDT) commands when the dialer is initiated. For gsm connections, the script always has the following syntax:
router(config)#chat-script <script name> “” “ATDT*99*<modem profile number>#” TIMEOUT <timeout value> CONNECT
Getting back to my configuration I configured the following chat-script:
router(config)#chat-script gsm-chat-script “” “ATDT*99*1#” TIMEOUT 30 “CONNECT”
Next you need to configure regular dial-on-demand (DDR) routing for the cellular interface. My cellular interface is used as the primary internet connection, so I included the necessary NAT statements on the interfaces.
interface Cellular0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer in-band
dialer pool-member 1
async mode interactive!
interface Dialer1
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer idle-timeout 0
dialer string gsm-chat-script
dialer persistent
ppp chap hostname <APN name>
ppp chap password 0 <provider password>
ppp ipcp dns request
no cdp enable!
dialer-list 1 protocol ip permit
The last two steps involve the configuration of a default route and line configuration mode. I configure a regular default route with the Dialer 1 interface as next-hop interface. The line configuration mode, includes the following commands for the KPN connection.
line 3
script dialer gsm-chat-script
modem InOut
no exec
rxspeed 7200000
txspeed 5760000
That’s it. Just configure a routed or VLAN interface. Some NAT and ACL statements and you are ready to go. You can use several
show cellular 0 <commands>
commands for troubleshooting or information about your connection.
René Jorissen
Latest posts by René Jorissen (see all)
- MacOS Big Sur and SSLKEYFILELOG - November 23, 2021
- ClearPass, Azure AD, SSO and Object ID - August 12, 2021
- ClearPass – custom MPSK - July 20, 2021
Bedankt voor dit artikel, ik had het bijna opgegeven!
Hey Barry,
Altijd goed om te horen dat een artikel ook toegevoegde waarde heeft voor andere mensen ;-)
And just some thoughts/comments from my side:
(I was setting up a Cisco 881)
– For the APN I used ‘internet’ instead of ‘fastinternet’, both do work however.
– For the ATDT command I used what was proposed by the Cisco Configuration Professional tool:
chat-script gsm “” “ATDT*98*1#” TIMEOUT 60 “CONNECT”
Although again, ATDT*99*1# did work as well.
The most important command, the one that made the difference is:
ppp chap password 0 kpn
If I leave this out, the connection will not come up.
Very helpfull info.
1 Minor detail, I copied the exact line to my router, but the quotes you’re using did not get copied well.
Took me a while to figure that out, sunstituted them with “. :-)