Apologies for the long absence from posting. I find myself without any hours left in a day before I got to everything I wanted to do. And before you know it, more than a month has gone past.
In my previous post I presented a quick solution to an Out-of-Band network and I talked about some options. I’ve had mails asking how to show some of the configurations. I’ll cover those and do other posts I have been promising in the next couple days.
This post will focus on the current Cisco 3G WAN card, the HWIC-3G-GSM. This card is supported by Cisco’s 1841, 1861, 2800-series and 3800-series ISR routers. This card only supports High-Speed Downlink Packet Access (HSDPA) “up to” 3.6 Mb/s downlink, 384 kb/s uplink (presumably HSDPA Category 5/6, but not sure)
“3G” is a broad category of standards and services around “broadband” mobile wireless voice and data. Universal Mobile Telecommunications System (UMTS) is part of this family. High Speed Packet Access (HSPA) is a collection of mobile telephony protocols that extend and improve the performance of existing UMTS protocols. Two standards, HSDPA and HSUPA have been established and is fairly well known.
Three components are required to use a 3G data connection: a SIM, a radio modem, and a router. The SIM identifies the subscriber (that is you the human) for billing and so forth. The radio modem does the hard work in providing physical layer (Layer1) access to the local 3G base station. The router typically uses PPP as the Layer2 data link to the provider’s Network Access Server (NAS), and from there is connected to the provider’s Layer3 network (which may be a private VPN, or public Internet).
The cellular modem must establish a data call, then once connected a PPP session is established to the providers NAS. The cellular modem still requires age-old AT commands to make that call, and additionally to interrogate the SIM, etc. Cisco IOS provides an interface to a handful of modem features via the “cellular” exec command and a chat script(s). Note that AT commands can only be issued when the modem is idle (not in a call).
The modem is configured with at least one “profile” which stores an Access Point Name (APN) and optionally a username and password. This profile is then “dialled” to establish the connection similar to using a traditional phone number. These modem profiles are stored on the modem and NOT on the routers NVRAM or flash. Note that a modem profile and an IOS dialer profile are two separate things.
The HWIC-3G-GSM is just a Sierra Wireless MC8775 modem sold in a HWIC form factor with a Cisco Logo on it. The modem is presented in Cisco IOS as two interfaces:
- Low-speed asynchronous “control” interface which communicates with the modem.
- High-speed synchronous interface connecting to the cellular providers network.
#interface cellular x/x/x
Yes that means you can actually do a reverse telnet to the modem, and configure the AT commands natively. Should you do it? NO, unless you know what you doing.
There is also a physical “diag” port (refer to the picture above) on the front of the WIC for low level debugging of the modem. That is just to tease you. You need proprietary software to use that port.
Enough boring stuff. The HWIC-3G-GSM card has RSSI (Received Signal Strength Indication) LED in the front, (refer to picture again) to indicate the 3G signal strength. The index is as follow:
- Solid Yellow: No service
- Off – Low RSSI (under -100 dBm)
- Slow Green Blink: Low or medium RSSI (-99 to -90 dBm)
- Fast Green Blink: Medium RSSI (-89 to -70 dBm) [ideally this should be a minimum]
- Solid Green: High RSSI (-69 dBm or higher)
Configuring this simple little card.
Firstly the 3G-GSM card requires at least Cisco IOS 12.4(15)T1 but I would recommend a higher version for stability purposes.
For the Cisco-1841 I downloaded c1841-advipservicesk9-mz.124-24.T3.bin because I needed the extra IOS features.
By default most new SIM cards are protected with a PIN code before they could be used (This per Session). This PIN code should be disabled when used with a HWIC-3G-GSM.
To see if the SIM card has a PIN code active issue the following command:
sh cellular 0/0/0 security '!! HWIC insert to slot 0 !!'
To remove the PIN issue the following command:
cellular 0/0/0 gsm sim unlock 1234 ' !!Enter the PIN !!'
Next the actual configuration which is required. This configuration might vary based on the cellular provider used (chat-script). Secondly how you plan on using it, tunnel types or plain etc. I will show the config I used to connect to Vodacom South-Africa and using a straight forward cellular interface to connect to anthe Vodacom Internet APN. A PPP tunnel or dialer interface could also be used but it all depends on what you want to accomplish.
I will explain the configuration I used where needed:
Firstly define your providers AT command in a chat-script
! chat-script gsm "" "ATDT*99#" TIMEOUT 30 CONNECT !
Next you need to configure your line information:
line 0/0/0 '<---This will depend on what slot the card uses' exec-timeout 0 0 script dialer GSM '<---Calls the chat-script' modem InOut no exec transport preferred none transport output none
Then the interface and NAT and other configurations
username 3g-hwic password password '<--- Specifies the username and password used' ! ' either locally or for the APN' ! dialer-list 2 protocol ip permit '<--- Specifies interesting traffic to bring up the dialer' ! interface Loopback0 ip address 172.16.1.1 255.255.255.255 ! interface FastEthernet0/0 description INSIDE ip address 10.0.0.1 255.255.255.0 ip nat inside '<--- NAT needed when coming from private addresses' ip virtual-reassembly ! interface Cellular0/0/0 description APN-FACING ip address negotiated '<--- The NAS will issue your card an IP address' ip nat outside ip virtual-reassembly encapsulation ppp dialer in-band dialer idle-timeout 0 dialer string GSM '<--- Again uses the chat-script' dialer-group 2 '<--- References the dialer-list (interesting traffic)' async mode interactive ppp chap hostname 3g-hwic '<--- Username and password is required.' ppp chap password password '<--- Local or Providers APN' ppp ipcp dns request ! ip nat inside source list 2 interface Cellular0/0/0 overload ip route 0.0.0.0 0.0.0.0 Cellular0/0/0 ! access-list 2 permit any
(You might ask why I configured the username and passwords I did above? That is still required, even if it is just used locally.)
(But what if you must authenticate to the cellular provider? Then all that is needed extra is to define the APN username and password in the modem profile below.)
Lastly the APN must be specified in the modem profile (Here I connected to the Vodacom APN “internet” without any authentication as Vodacom does not require any.
VODACOM#cellular 0/0/0 GSM profile create 1 internet Profile 1 will be created with the following values: APN = unrestricted Are you sure? [confirm] Profile 1 written to modem
Verify the profile:
VODACOM#sh cellular 0/0/0 profile Profile 1 = INACTIVE* '<--- NOTE inactive, Cellular still down' -------- PDP Type = IPv4 Access Point Name (APN) = internet Authentication = None Username: Password:
Since we using a DDR config, the Cellular interface will only be brought up if there is interesting traffic, either real traffic or traffic created by IP SLA or from the command line.
VODACOM#ping 22.214.171.124 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 126.96.36.199, timeout is 2 seconds: ...!! Success rate is 40 percent (2/5), round-trip min/avg/max = 92/106/120 ms *Mar 3 10:37:58.499: %LINK-3-UPDOWN: Interface Cellular0/0/0, changed state to up
Verify the profile again to confirm all is working:
VODACOM#sh cellular 0/0/0 profile Profile 1 = ACTIVE* '<--- NOTE now its active, Cellular is up' -------- PDP Type = IPv4 Access Point Name (APN) = internet Authentication = None Username: Password: