Cisco 881G + Sierra Wireless + HSPA + IPSec VPN

There is a configuration of vpn site to site tunnel to place, where there is only gsm range, no possiblity to access the Internet by wires.

It was done by using   Cisco 881G (ios  15.1(4)M2) with  Sierra Wireless 504-G module (modem) and sim card from T-mobile.

First step is profile creation. In Poland you should use following details (01.2012): APN: eradata, authentication is PAP, username and password should be empty. It is impossible to use PAP and lef username and password empty so no matter what you enter here. Public IP address will be assigned automatically, independently where the router is.

This is step by step configuration:

1. profile configuration:

router#cellular 0 gsm profile create 1 eradata pap user pass

you can check this by show command:

router#sh cellular 0 profile
Profile 1 = ACTIVE*
——–
PDP Type = IPv4
PDP address = “address”
Access Point Name (APN) = eradata
Authentication = PAP
Username: user, Password: pass

* – Default profile

2. define ATDT command

chat-script internet “” “ATDT*99***1#” TIMEOUT 180 “CONNECT”

3. configure the line 3 interface. this is needed to call and you have to bind chat-script to this line:

line 3
exec-timeout 0 0
script dialer internet
modem InOut
no exec
transport input all

4. configure dialer interface.

interface Dialer1
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer idle-timeout 0
dialer string internet
dialer persistent
dialer-group 1
no cdp enable
crypto map SDM_CMAP

5. configure cellular interface. look at ppp pap refuse command – this means tah username and password will not be send.

interface Cellular0
no ip address
ip access-group 100 in
ip nat outside
ip inspect OUT_VPN out
ip virtual-reassembly in
encapsulation ppp
load-interval 60
dialer in-band
dialer pool-member 1
dialer-group 1
async mode interactive
ppp pap refuse
crypto map SDM_CMAP

a