Understanding and Configuring a HWIC-3G-GSM
May 12, 2010Apologies for the long absence from posting. I find myself without any hours left in a day before I got to everything I wanted to do. And before you know it, more than a month has gone past.
In my previous post I presented a quick solution to an Out-of-Band network and I talked about some options. I’ve had mails asking how to show some of the configurations. I’ll cover those and do other posts I have been promising in the next couple days.
This post will focus on the current Cisco 3G WAN card, the HWIC-3G-GSM. This card is supported by Cisco’s 1841, 1861, 2800-series and 3800-series ISR routers. This card only supports High-Speed Downlink Packet Access (HSDPA) “up to” 3.6 Mb/s downlink, 384 kb/s uplink (presumably HSDPA Category 5/6, but not sure)
“3G” is a broad category of standards and services around “broadband” mobile wireless voice and data. Universal Mobile Telecommunications System (UMTS) is part of this family. High Speed Packet Access (HSPA) is a collection of mobile telephony protocols that extend and improve the performance of existing UMTS protocols. Two standards, HSDPA and HSUPA have been established and is fairly well known.
Three components are required to use a 3G data connection: a SIM, a radio modem, and a router. The SIM identifies the subscriber (that is you the human) for billing and so forth. The radio modem does the hard work in providing physical layer (Layer1) access to the local 3G base station. The router typically uses PPP as the Layer2 data link to the provider’s Network Access Server (NAS), and from there is connected to the provider’s Layer3 network (which may be a private VPN, or public Internet).
The cellular modem must establish a data call, then once connected a PPP session is established to the providers NAS. The cellular modem still requires age-old AT commands to make that call, and additionally to interrogate the SIM, etc. Cisco IOS provides an interface to a handful of modem features via the “cellular” exec command and a chat script(s). Note that AT commands can only be issued when the modem is idle (not in a call).
The modem is configured with at least one “profile” which stores an Access Point Name (APN) and optionally a username and password. This profile is then “dialled” to establish the connection similar to using a traditional phone number. These modem profiles are stored on the modem and NOT on the routers NVRAM or flash. Note that a modem profile and an IOS dialer profile are two separate things.
The HWIC-3G-GSM is just a Sierra Wireless MC8775 modem sold in a HWIC form factor with a Cisco Logo on it. The modem is presented in Cisco IOS as two interfaces:
- Low-speed asynchronous “control” interface which communicates with the modem.
#line x/x/x
- High-speed synchronous interface connecting to the cellular providers network.
#interface cellular x/x/x
Yes that means you can actually do a reverse telnet to the modem, and configure the AT commands natively. Should you do it? NO, unless you know what you doing.
There is also a physical “diag” port (refer to the picture above) on the front of the WIC for low level debugging of the modem. That is just to tease you. You need proprietary software to use that port.
Enough boring stuff. The HWIC-3G-GSM card has RSSI (Received Signal Strength Indication) LED in the front, (refer to picture again) to indicate the 3G signal strength. The index is as follow:
- Solid Yellow: No service
- Off – Low RSSI (under -100 dBm)
- Slow Green Blink: Low or medium RSSI (-99 to -90 dBm)
- Fast Green Blink: Medium RSSI (-89 to -70 dBm) [ideally this should be a minimum]
- Solid Green: High RSSI (-69 dBm or higher)
.
Configuring this simple little card.
Firstly the 3G-GSM card requires at least Cisco IOS 12.4(15)T1 but I would recommend a higher version for stability purposes.
For the Cisco-1841 I downloaded c1841-advipservicesk9-mz.124-24.T3.bin because I needed the extra IOS features.
By default most new SIM cards are protected with a PIN code before they could be used (This per Session). This PIN code should be disabled when used with a HWIC-3G-GSM.
To see if the SIM card has a PIN code active issue the following command:
sh cellular 0/0/0 security '!! HWIC insert to slot 0 !!'
To remove the PIN issue the following command:
cellular 0/0/0 gsm sim unlock 1234 ' !!Enter the PIN !!'
Then issue the previous show command again to get a output similar to this:
.
Next the actual configuration which is required. This configuration might vary based on the cellular provider used (chat-script). Secondly how you plan on using it, tunnel types or plain etc. I will show the config I used to connect to Vodacom South-Africa and using a straight forward cellular interface to connect to anthe Vodacom Internet APN. A PPP tunnel or dialer interface could also be used but it all depends on what you want to accomplish.
I will explain the configuration I used where needed:
Firstly define your providers AT command in a chat-script
! chat-script gsm "" "ATDT*99#" TIMEOUT 30 CONNECT !
Next you need to configure your line information:
line 0/0/0 '<---This will depend on what slot the card uses' exec-timeout 0 0 script dialer GSM '<---Calls the chat-script' modem InOut no exec transport preferred none transport output none
Then the interface and NAT and other configurations
username 3g-hwic password password '<--- Specifies the username and password used' ! ' either locally or for the APN' ! dialer-list 2 protocol ip permit '<--- Specifies interesting traffic to bring up the dialer' ! interface Loopback0 ip address 172.16.1.1 255.255.255.255 ! interface FastEthernet0/0 description INSIDE ip address 10.0.0.1 255.255.255.0 ip nat inside '<--- NAT needed when coming from private addresses' ip virtual-reassembly ! interface Cellular0/0/0 description APN-FACING ip address negotiated '<--- The NAS will issue your card an IP address' ip nat outside ip virtual-reassembly encapsulation ppp dialer in-band dialer idle-timeout 0 dialer string GSM '<--- Again uses the chat-script' dialer-group 2 '<--- References the dialer-list (interesting traffic)' async mode interactive ppp chap hostname 3g-hwic '<--- Username and password is required.' ppp chap password password '<--- Local or Providers APN' ppp ipcp dns request ! ip nat inside source list 2 interface Cellular0/0/0 overload ip route 0.0.0.0 0.0.0.0 Cellular0/0/0 ! access-list 2 permit any
(You might ask why I configured the username and passwords I did above? That is still required, even if it is just used locally.)
(But what if you must authenticate to the cellular provider? Then all that is needed extra is to define the APN username and password in the modem profile below.)
.
Lastly the APN must be specified in the modem profile (Here I connected to the Vodacom APN “internet” without any authentication as Vodacom does not require any.
VODACOM#cellular 0/0/0 GSM profile create 1 internet Profile 1 will be created with the following values: APN = unrestricted Are you sure? [confirm] Profile 1 written to modem
.
Verify the profile:
VODACOM#sh cellular 0/0/0 profile Profile 1 = INACTIVE* '<--- NOTE inactive, Cellular still down' -------- PDP Type = IPv4 Access Point Name (APN) = internet Authentication = None Username: Password:
.
Since we using a DDR config, the Cellular interface will only be brought up if there is interesting traffic, either real traffic or traffic created by IP SLA or from the command line.
VODACOM#ping 168.210.2.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 168.210.2.2, timeout is 2 seconds: ...!! Success rate is 40 percent (2/5), round-trip min/avg/max = 92/106/120 ms *Mar 3 10:37:58.499: %LINK-3-UPDOWN: Interface Cellular0/0/0, changed state to up
.
Verify the profile again to confirm all is working:
VODACOM#sh cellular 0/0/0 profile Profile 1 = ACTIVE* '<--- NOTE now its active, Cellular is up' -------- PDP Type = IPv4 Access Point Name (APN) = internet Authentication = None Username: Password:
Our modem used to disconnect sometimes or was not willing to connect. Clear interface, clear dialer, shutdown methods would not help. In this case the modem must be reset or restarted (if you want to avoid a router reload)
(config)#service internal
(config)#exit
#test cellular 0/0/0 modem-reset
or
(config)#service internal
(config)#exit
#test cellular 0/0/0 modem-power-cycle
(this is better)
So why not automate the process? (-:
event manager applet 3G-reset
event syslog occurs 3 pattern “UNBIND: Interface Ce0/./0 unbound from profile Di0″ period 300
action 1.0 cli command “enable”
action 2.0 cli command “configure terminal”
action 3.0 cli command “service internal”
action 4.0 cli command “end”
action 5.0 cli command “test cellular 0/1/0 modem-power-cycle”
action 6.0 syslog msg “EEM Cellular modem power cycled”
The generalized AT command is:
ATD*gprs_sc*CID#
where gprs_sc can be
99 (GPRS Service Code) a digit string (value 99) that identifies a request to use the Packet Domain service.
98 (GPRS Service Code) a digit string (value 98) that identifies a request to use the IP service
CID (PDP Context Identifier) is the profile number (1..16). There can be multiple profiles in the modem. Apparently, 1 is the default and *1 can be omitted.
So ATD*99*1# or the simpler ATD*99# are the most common dial strings.
Your modem should not disconnect without intervention.
It sounds like the keep alive signal might be incompatible between your modem firmware and your cellular provider.
Although the EEM srcipt is a nice quick hack, I would suggest you contact your cellular provider to enquire what hardware version they require for their equipement.
Keep in mind different Providers use different firmwares, and some dont support the Sierra Wireless MC8775 modem.
Refer to this link:
http://www.cisco.com/en/US/prod/routers/networking_solutions_products_genericcontent0900aecd80601f7e.html
Then I would suggest changing your firware to the compatible version.
Refer to this URL on the step
http://www.cisco.com/en/US/partner/docs/routers/access/1800/1861/software/feature/guide/3ghwic.html
Ps watch text wrapping
HTH
Hi, I have a 3G-HWIC-GSM card in a 2811 router with the latest IOS. I am trying to set it up as a DDR link but even just trying to get it set up with MTN for testing purposes as a main link all that happens is the link goes up and down the whole time. When I use the simcard in a normal USB modem it works perfectly.
Not sure where to look anymore and any help will be appreciated.
What hardware version is your radio?
MTN requires v1.1.9.33, and suggests using either IOS 12.4(22)YB4 or 15.0(1)M. I personally would use 15.0(1)M.
(I personally have not tested MTN’s 3G with the 3G-GSM.
Another suggestion I might add to rule out hardware is to try a Vodacom sim. I used the Vodacom ‘unrestricted’ APN, but your testing for outbound/uptime should be fine on their ‘internet’ APN. (Note that a Vodacom sim must be activated (free) for their ‘unrestricted’ APN).
If the Vodacom sim works fine, I would suggest contacting MTN corporate and request their assistance connecting to their gateways with the 3G-GSM card.
Hth, else shout
HI
I am currently trying to setup two 3g cards on one router, for failover purposes. I get the “primary” 3g card connected, but cannot failover the routing to the 2nd cards, have you or do you know of possible configs for that.
I’m assuming you got both interfaces up, each getting an IP and its own connectivity to the big bad net? What router are you using?
See the problem with what you are trying is more with return routing than it is with outgoing.
It’s will be a messy solution since you have different return ranges routed, but to some degree is possible.
You will have to rely on NAT out each interface.
But send me a mail with your configs. I’ll see if I can assist.
I can get the interfaces to come up, primary works, when i shut the primary to get traffic routed via secondary it looks like the natting or routing is not 100%
cisco 1841
(C1841-IPBASE-M), Version 12.4(15)T9
ip nat inside source list 101 interface Cellular0/0/0 overload
ip nat inside source static tcp 10.20.20.2 21 interface Cellular0/0/0 21
ip nat inside source static tcp 10.20.20.2 80 interface Cellular0/0/0 80
ip nat inside source static tcp 10.20.20.2 443 interface Cellular0/0/0 443
ip nat inside source static udp 10.20.20.2 5001 interface Cellular0/0/0 5001
ip nat inside source static udp 10.20.20.2 5002 interface Cellular0/0/0 5002
ip nat inside source static tcp 10.20.20.2 23 interface Cellular0/0/0 23
ip nat inside source static tcp 10.20.20.1 23 interface Cellular0/0/0 2323
ip nat inside source list 111 interface Cellular0/1/0 overload
!
access-list 1 permit any
access-list 2 permit any
interface Cellular0/0/0
ip address negotiated
ip access-group 100 in
ip nbar protocol-discovery
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
dialer in-band
dialer idle-timeout 2147483
dialer string gsm
dialer-group 1
async mode interactive
ppp chap hostname ———
ppp chap password 0 ——-
!
interface Cellular0/1/0
ip address negotiated
ip access-group 101 in
ip nbar protocol-discovery
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
dialer in-band
dialer idle-timeout 2147483
dialer string gsm1
dialer-group 1
async mode interactive
ppp chap hostname ———-
ppp chap password 0 ———-
line 0/0/0
exec-timeout 0 0
password void
script dialer gsm1
login
modem InOut
no exec
speed 384000
line 0/1/0
exec-timeout 0 0
password void
script dialer gsm1
login
modem InOut
no exec
speed 384000
interface Dialer1
no ip address
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Cellular0/0/0 name Default_Route
ip route 0.0.0.0 0.0.0.0 Cellular0/1/0 20 name Backup_Route
2 sims primary active:
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
192.168.128.0/32 is subnetted, 1 subnets
C 192.168.128.77 is directly connected, Cellular0/0/0
10.0.0.0/24 is subnetted, 1 subnets
C 10.20.20.0 is directly connected, FastEthernet0/0
S* 0.0.0.0/0 is directly connected, Cellular0/0/0
INFHO-RTR-CPT#ping 196.41.197.18
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 196.41.197.18, timeout is 2 seconds:
!!!!.
Success rate is 80 percent (4/5), round-trip min/avg/max = 364/381/400 ms
2 sims primary shut:
192.168.128.0/32 is subnetted, 1 subnets
C 192.168.128.74 is directly connected, Cellular0/1/0
10.0.0.0/24 is subnetted, 1 subnets
C 10.20.20.0 is directly connected, FastEthernet0/0
S* 0.0.0.0/0 is directly connected, Cellular0/1/0
INFHO-RTR-CPT#ping 196.41.197.18
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 196.41.197.18, timeout is 2 seconds:
…..
Success rate is 0 percent (0/5)
!
Please check the CEF tables too. (sh ip cef)
Has it the same behavior with ‘no ip cef’?