
Cisco C881G 3G router configuration.

Firmware: c880data-universalk9-mz.153-3.M1.bin.


This document covers a basic HWIC modem and cellular interface configuration example for Cisco 800-series 3G routers, configuration of an IPSec tunnel with a dynamic peer IP address, an EEM applet to track the GPS coordinates of the router, and an EEM applet that accepts router commands sent as SMS messages.

Please note that the EEM applet used in this article allows remote administration of your router using SMS messages: it runs the received text as a command in enable mode. You can devise some SMS validation to harden this script.

1. Create GSM profiles.

We can configure our 3G router to use one of two GSM profiles created in this step. The SIM card used is from Vodafone Netherlands.

R1# cellular 0 gsm profile create 15 office.vodafone.nl
Profile 15 will be created with the following values:
PDP type = IPv4
APN = office.vodafone.nl
Are you sure? [confirm]
Profile 15 written to modem
R1#cellular 0 gsm profile create 4 live.vodafone.com

R1# show cellular 0 profile 15
Profile password Encryption level: 7

Profile 15 = INACTIVE
--------
PDP Type = IPv4
Access Point Name (APN) = office.vodafone.nl
Authentication = None
Username:
Password: 12

Created GSM profiles will be stored on the SIM card, not in the config.

2. Activate the SIM card (if not activated).

R1#cellular 0 gsm sim activate slot 0
[Cellular0] Command failed: SIM 0 is already the active sim.

3. Tell the router which GSM profile should be used in the chat script.

The following configuration is the default. We can tell the 3G router that we want to use profile 15 created in the first step.

R1(config)#multilink bundle-name authenticated
R1(config)#no chat-script hspa-R7 "" "AT!SCACT=1,1" TIMEOUT 60 "OK"
R1(config)#chat-script hspa-R7 "" "AT!SCACT=1,15" TIMEOUT 60 "OK"
R1(config)#license udi pid C881G+7-K9 sn FCZ1717C0EG
R1(config)#license boot module c880-data level advipservices
% use 'write' command to make license boot config take effect on next boot

4. Create a cellular controller.

The cellular controller should also use GSM profile 15 and the SIM card located in slot 0. Enable GPS if you need it.

R1(config)#controller Cellular 0
gsm sim profile 15 slot 0
gsm gps mode standalone
gsm gps nmea

5. Test the SIM card.

We can test our SIM card by sending an SMS message to and from the router.

R1# cellular 0 gsm sms send 0641247132 Test
*Dec 21 10:37:46.975: %CELLWAN-2-SMS_ARCH_PATH_UNCONFIGURED: Cellular0 failed to archive SMS because 'gsm|cdma|lte sms archive path' under cellular controller is not configured.
*Dec 21 10:37:46.975: %CELLWAN-5-OUTGOING_SMS_SENT: Cellular0 has just sent an outgoing SMS successfully.
*Dec 21 10:38:26.407: %CELLWAN-5-INCOMING_SMS: Cellular0 has just received new incoming SMS.
R1#cellular 0 gsm sms view 0
SMS ID: 0
TIME: 13/12/21 11:45:33
FROM: 31641247132
SIZE: 2
Ok

6. Configure Cellular interface.

R1(config)# int cellular 0
R1(config-if)# no ip address
R1(config-if)# no dialer string hspa-R7
R1(config-if)# ip virtual-reassembly in
R1(config-if)# encapsulation slip
R1(config-if)# dialer in-band
R1(config-if)# dialer pool-member 1 

7. Configure Dialer interface.

R1(config)# interface Dialer0
R1(config-if)# ip address negotiated
R1(config-if)# ip virtual-reassembly in
R1(config-if)# encapsulation ppp ## optional
R1(config-if)# dialer pool 1
R1(config-if)# dialer idle-timeout 0
R1(config-if)# dialer string hspa-R7
R1(config-if)# dialer persistent
R1(config-if)# dialer-group 1
*Dec 22 10:17:39.675: %LINK-3-UPDOWN: Interface Cellular0, changed state to up
*Dec 22 10:17:39.675: %DIALER-6-BIND: Interface Ce0 bound to profile Di0
*Dec 22 10:17:40.675: %LINEPROTO-5-UPDOWN: Line protocol on Interface Cellular0, changed state to up

8. Configure default route, NAT and inside interface.

We need to configure a default route, NAT and the inside interface. You probably also need to configure a DHCP server, but that is not covered in this article.

R1(config)#ip route 0.0.0.0 0.0.0.0 Dialer0
R1(config)#int Dialer0
R1(config-if)#ip nat outside
R1(config)#int Vlan1
R1(config-if)# ip address 10.200.80.1 255.255.255.0
R1(config-if)# ip nat inside
R1(config-if)# ip virtual-reassembly in
R1(config)# ip nat inside source route-map NAT interface Dialer0 overload
R1(config)# ip access-list extended NAT_ACL
R1(config-ext-nacl)# permit ip 10.200.80.0 0.0.0.255 any
R1(config)# route-map NAT permit 10
R1(config-route-map)# match ip address NAT_ACL

9. Verify modem configuration.

This should be the default configuration created by the router itself.

line 3
 script dialer hspa-R7
 no exec
 rxspeed 21600000
 txspeed 5760000

10. Verify GSM and GPS connection.

At this point the router is connected to the internet using the 3G HWIC modem. We can verify this using ping and “show” commands.

R1#sh cellular 0 connection
Profile 4, Packet Session Status = ACTIVE
        IP address = 109.34.39.18
        Primary DNS address = 62.140.140.251
        Secondary DNS address = 62.140.138.233
        Negotiated QOS Parameters:
        Precedence = Normal Priority, Delay = Class 2
        Reliability = Unack GTP, LLC, Ack RLC, Protected data
        Peak = 256 kB/sec, Mean = 50000 kB/hr
        Traffic Class = Interactive
        Uplink Max = 5760kbps, Guaranteed = Subscribed
        Downlink Max = 42Mbps, Guaranteed = Subscribed
        Max SDU size = 1500 bytes
        SDU error ratio = 1E-4, BER = 1E-5

R1#sh cellular 0 profile 4
Profile password Encryption level: 7

Profile 4 = ACTIVE*
--------
PDP Type = IPv4
PDP address = 109.34.39.18
Access Point Name (APN) = office.vodafone.nl
Authentication = PAP
Username: vodafone
Password: 00121C02055D04080A
        Primary DNS address = 62.140.140.251
        Secondary DNS address = 62.140.138.233

 * - Default profile

R1#sh cellular 0 radio
Radio power mode = ON
Current Band = WCDMA 2100, Channel Number = 10588
Current RSSI = -76 dBm
Band Selected = Auto
Number of nearby cells = 1
Cell 1
        Primary Scrambling Code = 0x1CA
        RSCP = -75 dBm, ECIO = -6 dBm

R1#sh cellular 0 network
Current Service Status = Normal, Service Error = None
Current Service = Combined
Packet Service = HSPA+ (Attached)
Packet Session Status = Active
Current Roaming Status = Home
Network Selection Mode = Automatic
Country = NLD, Network = voda NL
Mobile Country Code (MCC) = 204
Mobile Network Code (MNC) = 4
Location Area Code (LAC) = 128
Routing Area Code (RAC) = 5
Cell ID = 18441
Primary Scrambling Code = 458
PLMN Selection = Automatic
Registered PLMN = vodafone NL , Abbreviated = voda NL
Service Provider =

R1#sh cellular 0 gps detail

GPS Info
-------------
GPS State: GPS enabled
GPS Mode Configured: standalone
GPS Error Count: 0
Latitude: 52 Deg 7 Min 38 Sec North
Longitude: 4 Deg 12 Min 48 Sec East
Timestamp (GMT): Sun Dec 22 09:55:05 2013

Fix type index: 1, Height: 50 m
Heading: 0, Velocity Horiz: 0, Velocity Vert: 0
HEPE: 1230 cm, GPS Mode Used: unknown, Positioning Source index invalid: 0
Uncertainty Info:
  Angle: 33 deg, A: 12 m, Position: 3 m, Vertical: 6 m
Satellite Info
----------------
Satellite #27, elevation 28, azimuth 147, SNR 31 *
Satellite #19, elevation 65, azimuth 165, SNR 27 *
Satellite #6, elevation 18, azimuth 149, SNR 26 *
Satellite #1, elevation 45, azimuth 275, SNR 25 *
Satellite #32, elevation 41, azimuth 202, SNR 24 *
Satellite #11, elevation 67, azimuth 275, SNR 23 *
Satellite #3, elevation 34, azimuth 161, SNR 22 *
Satellite #14, elevation 31, azimuth 94, SNR 22 *
Satellite #28, elevation 26, azimuth 306, SNR 19 *
Satellite #22, elevation 31, azimuth 57, SNR 19 *

R1#sh controllers cellular 0

Interface Cellular0
3G Modem-QuadBand HSPA+R7/HSPA/UMTS QuadBand EDGE/GPRS Global and GPS,
Cellular modem configuration:
---------------------------
GSM-Carrier Type  : Cellular GSM Global.
SKU (PRI) Value: 9900198    .

Modem is recognized as valid
manufacture id:  0x00001199     product id: 0x000068A3
Sierra Wireless Mini Card MC8705 HSPA+R7 modem.
Modem Uplink Speed = 5760 kbit.
Modem Downlink Speed = 21600 kbit.


Cellular Dual SIM details:
---------------------------

SIM 0 is present
SIM 0 is active SIM

11. Switch between GSM profiles.

We can use a different APN if we want. This is done with the following commands.

R1(config)#controller cellular 0
R1(config-controller)# gsm sim profile 4 slot 0
R1(config)#no chat-script hspa-R7 "" "AT!SCACT=1,15" TIMEOUT 60 "OK"
R1(config)#chat-script hspa-R7 "" "AT!SCACT=1,4" TIMEOUT 60 "OK"

12. Create IPSec VPN tunnel that will operate in aggressive mode.

Now we are online and need secure access to a central location. But there is a problem: our global IP address is different every time we reset the Dialer interface. Because of this dynamic IP address we use IPSec aggressive mode and identify our endpoint as “Goes-dynamic”.

R1(config)# crypto isakmp policy 1
R1(config-isakmp)# encr aes 256
R1(config-isakmp)# authentication pre-share
R1(config-isakmp)# group 5
R1(config)#crypto isakmp peer address 113.192.12.28
R1(config-isakmp-peer)# set aggressive-mode password 12K53oS4CrgoRXrtTdN
R1(config-isakmp-peer)# set aggressive-mode client-endpoint fqdn Goes-dynamic
R1(config)# crypto ipsec transform-set AES-SHA esp-aes esp-sha-hmac
R1(cfg-crypto-trans)# mode tunnel
R1(config)#crypto map VPN-Map 10 ipsec-isakmp
% NOTE: This new crypto map will remain disabled until a peer
        and a valid access list have been configured.
R1(config-crypto-map)# set peer 113.192.12.28
R1(config-crypto-map)# set transform-set AES-SHA
R1(config-crypto-map)# set pfs group5
R1(config-crypto-map)# match address Crypto-list
R1(config)#ip access-list extended Allow-Isakmp
R1(config-ext-nacl)# permit udp host 113.192.12.28 any eq isakmp
R1(config-ext-nacl)# permit esp host 113.192.12.28 any
R1(config)#ip access-list extended Crypto-list
R1(config-ext-nacl)# permit ip 10.200.80.0 0.0.0.255 10.0.0.0 0.255.255.255
R1(config-ext-nacl)# permit ip 10.200.80.0 0.0.0.255 172.21.0.0 0.0.255.255
R1(config-ext-nacl)# permit ip 10.200.80.0 0.0.0.255 172.22.0.0 0.0.255.255
R1(config-ext-nacl)# permit ip 10.200.80.0 0.0.0.255 172.25.0.0 0.0.255.255
R1(config-ext-nacl)# permit ip 10.200.80.0 0.0.0.255 192.168.0.0 0.0.255.255
R1(config)#int d0
R1(config-if)#ip access-group Allow-Isakmp in
R1(config-if)#crypto map VPN-Map
R1(config-if)#
*Dec 22 10:37:04.591: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is ON

13. Modify NAT access-list for encrypted connection with host 192.168.42.11 and unencrypted connection with all other hosts.

We need to create exclusions in the NAT access list so that traffic to some destinations is sent over the IPSec tunnel. In this example only traffic destined to 192.168.42.11 will be sent to the tunnel. More deny statements are needed in NAT_ACL to provide IPSec access to the rest of the networks defined in Crypto-list.

ip access-list extended NAT_ACL
 deny   ip 10.200.80.0 0.0.0.255 host 192.168.42.11
 permit ip 10.200.80.0 0.0.0.255 any
 deny   ip any any
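
Because IOS translates inside-to-outside traffic before it checks the crypto map, every Crypto-list entry needs a matching deny in NAT_ACL. The following check is an added example, not part of the original article; it reads the two ACLs from steps 12 and 13, lists the Crypto-list destinations that would still be translated, and derives the missing deny lines (all function names are hypothetical):

```python
import ipaddress

# Both ACLs are copied from steps 12 and 13 of the article.
CRYPTO_LIST = """\
permit ip 10.200.80.0 0.0.0.255 10.0.0.0 0.255.255.255
permit ip 10.200.80.0 0.0.0.255 172.21.0.0 0.0.255.255
permit ip 10.200.80.0 0.0.0.255 172.22.0.0 0.0.255.255
permit ip 10.200.80.0 0.0.0.255 172.25.0.0 0.0.255.255
permit ip 10.200.80.0 0.0.0.255 192.168.0.0 0.0.255.255"""
NAT_ACL = """\
deny   ip 10.200.80.0 0.0.0.255 host 192.168.42.11
permit ip 10.200.80.0 0.0.0.255 any
deny   ip any any"""

def take(tokens):
    """Pop one address spec (any | host A | A WILDCARD) as an ip_network."""
    first = tokens.pop(0)
    if first == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if first == "host":
        return ipaddress.ip_network(tokens.pop(0) + "/32")
    # ipaddress accepts an IOS wildcard (host mask) after the slash
    return ipaddress.ip_network(f"{first}/{tokens.pop(0)}", strict=False)

def parse_acl(text):
    """Return [(action, src, dst)] for 'permit|deny ip SRC DST' lines."""
    rules = []
    for line in text.strip().splitlines():
        action, _proto, *rest = line.split()
        rules.append((action, take(rest), take(rest)))
    return rules

def nat_exempt(nat_rules, src, dst):
    """True if a deny covers all of src->dst before any permit touches it."""
    for action, r_src, r_dst in nat_rules:
        if action == "deny" and src.subnet_of(r_src) and dst.subnet_of(r_dst):
            return True
        if action == "permit" and src.overlaps(r_src) and dst.overlaps(r_dst):
            return False
    return True  # nothing matched, so the route-map never translates it

def missing_exemptions(crypto_text, nat_text):
    """Crypto-list destinations that would still be NATed, as CIDR strings."""
    nat = parse_acl(nat_text)
    return [str(dst) for _, src, dst in parse_acl(crypto_text)
            if not nat_exempt(nat, src, dst)]

def exemption_denies(crypto_text):
    """Deny lines to place at the top of NAT_ACL, one per Crypto-list entry."""
    return [l.replace("permit", "deny", 1) for l in crypto_text.splitlines()]

if __name__ == "__main__":
    print("still translated:", missing_exemptions(CRYPTO_LIST, NAT_ACL))
    print("\n".join(exemption_denies(CRYPTO_LIST) + NAT_ACL.splitlines()))
```

With the step 13 ACL as published, all five Crypto-list networks are reported, because only the single host 192.168.42.11 is exempt from translation.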

14. Modify Allow-Isakmp access-list to permit unencrypted access to the internet.

The access list created in step 12 allows only some traffic between our router and the remote IPSec terminator. We need to create more permit rules to allow access to the internet.

ip access-list extended Allow-Isakmp
 permit udp host 113.192.12.28 any eq isakmp
 permit esp host 113.192.12.28 any
 permit tcp any any established
 permit icmp any any echo-reply
 permit udp any any
 deny   ip any any

15. Cisco ASA configuration. There are two differences between creation of dynamic and static IPSec tunnels.

We just need to create a dynamic connection profile and a dynamic crypto-map. All other configuration is the same as for a static IPSec tunnel and is not covered in this document.

Create dynamic connection profile:

[Image: Cisco ASA dynamic connection profile]

Create dynamic crypto-map:

[Image: Cisco ASA dynamic crypto-map]

Now we are online with a working IPSec tunnel. We can power off our router, move to a different location, get a new global IP address and stay connected to the internet and the central location through IPSec.

We also have some time left over, so we can try out some more of the functionality of our 3G router.

16. Track 3G router location using GPS coordinates.

We can have our 3G router send its GPS coordinates as SNMP traps. To do so, we need to configure SNMP on the router to send traps to 65.11.34.5 and create an Embedded Event Manager (EEM) script that will run every 20 minutes.

Enable SNMP.

R1(config)# snmp-server engineID local 1212121212
R1(config)# snmp-server community public RO NMS
R1(config)# snmp-server location Somewhere
R1(config)# snmp-server enable traps event-manager
R1(config)# snmp-server host 65.11.34.5 version 2c public

Create EEM applet named GPS-Info.

R1(config)#event manager applet GPS-Info
R1(config-applet)# event timer cron cron-entry "*/20 * * * *"
R1(config-applet)# action 1.0 info type snmp oid 1.3.6.1.4.1.9.9.661.1.4.1.1.1.5.10 get-type exact
R1(config-applet)# action 1.2 set snmp_res1 "$_info_snmp_value"
R1(config-applet)# action 1.4 snmp-trap strdata "Long $snmp_res1"
R1(config-applet)# action 2.0 info type snmp oid 1.3.6.1.4.1.9.9.661.1.4.1.1.1.4.10 get-type exact
R1(config-applet)# action 2.2 set snmp_res2 "$_info_snmp_value"
R1(config-applet)# action 2.4 snmp-trap strdata "Lat $snmp_res2"

That's all we need to do. GPS coordinates will be sent to our SNMP server every 20 minutes.

Check the SNMP log.

$ tail -f snmptrapd.log
2013-12-22 14:41:40  [UDP: [10.200.80.1]:65354->[0.0.0.0]:0]:
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (1258613) 3:29:46.13   SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-SMI::enterprises.9.10.91.0.2    SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.2.1 = Gauge32: 24       SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.3.1 = Gauge32: 0      SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.4.1 = Gauge32: 0 SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.5.1 = Gauge32: 0        SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.6.1 = ""        SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.7.1 = STRING: "applet: GPS-Info "       SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.9.1 = INTEGER: 0       SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.10.1 = INTEGER: 0       SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.11.1 = STRING: "Long 4 Deg 12 Min 48 Sec East"       SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.13.1 = Gauge32: 0       SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.14.1 = Gauge32: 0      SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.15.1 = Gauge32: 0       SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.16.1 = Gauge32: 0
2013-12-22 14:41:45  [UDP: [10.200.80.1]:65354->[0.0.0.0]:0]:
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (1258613) 3:29:46.13   SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-SMI::enterprises.9.10.91.0.2    SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.2.2 = Gauge32: 24       SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.3.2 = Gauge32: 0      SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.4.2 = Gauge32: 0 SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.5.2 = Gauge32: 0        SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.6.2 = ""        SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.7.2 = STRING: "applet: GPS-Info "       SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.9.2 = INTEGER: 0       SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.10.2 = INTEGER: 0       SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.11.2 = STRING: "Lat 52 Deg 7 Min 38 Sec North"      SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.13.2 = Gauge32: 0       SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.14.2 = Gauge32: 0      SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.15.2 = Gauge32: 0       SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.16.2 = Gauge32: 0
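
The GPS-Info applet sends longitude and latitude as two separate traps in degrees, minutes and seconds, so the receiving side has to pair them and convert them before they can be plotted. The parser below is an added example, not part of the original article; the sample log is constructed by shortening the two trap lines shown above, and the function names are hypothetical:

```python
import re

# Constructed sample: the two snmptrapd.log entries above, reduced to the
# applet name and the coordinate varbind.
SAMPLE_LOG = '''2013-12-22 14:41:40  [UDP: [10.200.80.1]:65354->[0.0.0.0]:0]:
SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.7.1 = STRING: "applet: GPS-Info "  SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.11.1 = STRING: "Long 4 Deg 12 Min 48 Sec East"
2013-12-22 14:41:45  [UDP: [10.200.80.1]:65354->[0.0.0.0]:0]:
SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.7.2 = STRING: "applet: GPS-Info "  SNMPv2-SMI::enterprises.9.10.91.1.2.3.1.11.2 = STRING: "Lat 52 Deg 7 Min 38 Sec North"
'''

HEADER = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)\s+\[UDP: \[([\d.]+)\]")
COORD = re.compile(
    r'"(Long|Lat) (\d+) Deg (\d+) Min (\d+) Sec (North|South|East|West)"')

def to_decimal(deg, minutes, sec, hemisphere):
    """Degrees/minutes/seconds to signed decimal degrees (S and W negative)."""
    value = int(deg) + int(minutes) / 60 + int(sec) / 3600
    return round(-value if hemisphere in ("South", "West") else value, 6)

def positions(log_text):
    """Pair the Long and Lat traps of each router into one position fix."""
    fixes, pending, header = [], {}, None
    for line in log_text.splitlines():
        head = HEADER.match(line)
        if head:
            header = head.groups()          # (timestamp, source address)
            continue
        coord = COORD.search(line)
        if not (coord and header):
            continue                        # not a GPS-Info coordinate trap
        stamp, router = header
        kind, *dms = coord.groups()
        pending.setdefault(router, {})[kind] = to_decimal(*dms)
        if {"Long", "Lat"} <= pending[router].keys():
            pair = pending.pop(router)
            fixes.append({"router": router, "time": stamp,
                          "lat": pair["Lat"], "lon": pair["Long"]})
    return fixes

if __name__ == "__main__":
    for fix in positions(SAMPLE_LOG):
        print(fix)
```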

17. Send IOS commands as SMS messages.

We can send commands to the 3G router using SMS messages. The following EEM applet waits for an incoming SMS, looks for a string that starts with “00000”, removes these zeros and runs the command that follows them in enable mode.

event manager applet "Command from SMS message"
 event syslog pattern ".*%CELLWAN-5-INCOMING_SMS.*"
 action 1.0 cli command "en"
 action 1.5 cli command "cellular 0 gsm sms view all"
 action 2.0 regexp "00000(.*)" "$_cli_result" comm
 action 2.5 string trimleft $comm 00000
 action 3.0 cli command "en"
 action 3.5 cli command "$_string_result"
 action 4.0 cli command "cellular 0 gsm sms delete 0"

Now send an SMS to your router with something like “00000ping 8.8.8.8” to execute the ping command. As you can see, it is also possible to create an event manager applet that contains a predefined set of commands and run that applet by sending an SMS with “00000event manager run MyApp”. You can also use the event manager to have the router accept a command from an SMS message, capture the output and send it to you as a syslog, SNMP or SMS message.
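
The SMS validation suggested at the top of this article comes down to two checks before anything is executed: who sent the message, and whether the text is one of a fixed set of commands. The sketch below is an added example, not part of the original article and not EEM code; it shows the decision logic over a constructed SMS listing, assuming that "sms view all" repeats the record layout shown in step 5, with hypothetical allowlists and placeholder phone numbers:

```python
import re

# Assumptions, not from the article: both allowlists and the sender numbers.
ALLOWED_SENDERS = {"31600000001"}            # constructed placeholder number
ALLOWED_COMMANDS = {"ping 8.8.8.8", "show cellular 0 network"}
PREFIX = "00000"                             # marker used by the article's applet

RECORD = re.compile(
    r"SMS ID: (?P<id>\d+)\s*\n"
    r"TIME: (?P<time>[^\n]*)\n"
    r"FROM: (?P<sender>\d+)\s*\n"
    r"SIZE: (?P<size>\d+)\s*\n"
    r"(?P<body>[^\n]*)")

def parse_sms(view_output):
    """Split the router's SMS listing into dicts (id, time, sender, body)."""
    return [m.groupdict() for m in RECORD.finditer(view_output)]

def vet(sms):
    """Return (command, reason); command is None when the SMS is rejected."""
    body = sms["body"].strip()
    if sms["sender"] not in ALLOWED_SENDERS:
        return None, "sender not allowlisted"
    if not body.startswith(PREFIX):
        return None, "missing prefix"
    command = body[len(PREFIX):].strip()
    # Sender numbers can be spoofed, so the exact-match command allowlist is
    # what bounds the effect of a message that gets past the first check.
    if command not in ALLOWED_COMMANDS:
        return None, "command not allowlisted"
    return command, "accepted"

# Constructed sample listing: three messages, one per outcome.
SAMPLE = """SMS ID: 0
TIME: 13/12/26 10:00:01
FROM: 31600000001
SIZE: 17
00000ping 8.8.8.8
SMS ID: 1
TIME: 13/12/26 10:02:40
FROM: 31600000002
SIZE: 17
00000ping 8.8.8.8
SMS ID: 2
TIME: 13/12/26 10:05:13
FROM: 31600000001
SIZE: 28
00000event manager run MyApp
"""

if __name__ == "__main__":
    for sms in parse_sms(SAMPLE):
        print(sms["id"], sms["sender"], vet(sms))
```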

- By base64online.com, 26.12.2013




