After 5 hours of reading and one 10 minute TAC call...it's working! We will ultimately be using these for sites without an readily available WAN connection and/or sites that are mobile.
NOTE: We are using Version 15.2(2r)T with the system image file: c800-universalk9-mz.SPA.152-4.M4.bin.
Starting off...this line is required for this entire operation to work. The chat-script essentially tells the dialer how to call out. The "AT!CALL" portion is vendor specific. Since we are using Verizon, this is the part we must use. The number 1, following the AT!CALL tells the dialer which cellular profile to use.
As seen above, this is profile 1 (which is referenced in the chat-script) which is also the default. We did not have to change anything here to get this to work. The PDP type and the APN were pre-populated. The remainder of the information gets populated after connectivity is made.
Next, we will configure the cellular interface.
- ip address negotiated--We will receive our IP address from the ISP. This can be configured for static (or so I've read) if the the ISP is contacted.
- no ip unreachables--This is a security measure with the purpose of protecting the router's control plane from a DoS attack. If the Cisco IOS software receives a nonbroadcast packet destined for itself that uses a protocol it does not recognize, it sends an ICMP unreachable message to the source.
- ip nat outside--We are identifying this interface as the outside interface. We will be configuring an ip nat inside on the internal VLAN. Specifying the inside vs outside is necessary for NAT.
- encapsulation slip--This is the recommended encapsulation with Verizon.
- dialer in-band--This makes the cellular interface a dialer interface.
- dialer idle-timeout 0--This is the best practice when using the cellular interface as the primary WAN interface. Using an idle-timeout value of 0 basically says "Don't time me out, bro." The default value for this is 200 seconds.
- dialer string ltescript--This points to the chat-script string referenced earlier on.
- dialer watch-group 1--This points to the watch-group 1 described below. The point of this is to point to an arbitrary IP address for the cellular interface to come up. Without this command, we will have to initiate traffic (pinging from the router/end station) for the interface to come up. With this command in place, it will do so without human intervention.
- async mode interactive--Returns a line from dedicated asynchronous network mode to interactive mode, enabling the slip and ppp commands in privileged EXEC mode.
- dialer watch-list 1 ip 5.6.7.8 0.0.0.0--This is the "fake" ip address that the device uses to generate traffic to bring the cellular interface up.
- dialer watch-list 1 delay route-check initial 30--This command enables the router to check whether the primary route is up after the initial startup of the router is complete and the timer (in seconds) expires. Without this command, dialer watch is only triggered when the primary route is removed from the routing table. If the primary link fails to come up during initial startup of the router, the route is never added to the routing table and hence cannot be watched. Therefore, with this command, dialer watch will dial the backup link in the event of a primary link failure during the initial start up of the router. For our purposes, we don't have a second link..so this won't do anything unless we add one.
- dialer watch-list 1 delay connect 1--Configures a delay in dialing the secondary link when the primary link becomes unavailable. Again, this command won't be necessary.
Lastly, we need the following commands on the aux port line 3 (which is used by the cellular interface.
- script dialer ltescript--This references the chat-script "ltescript"
- modem InOut--This line is required to enable inbound/outbound calls to the modem.
Some helpful troubleshooting commands:
- sh cellular 0 hardware--From what I've read, the output would not be populated if there is an issue with the SIM card. For us, each line has a ~20 character identifier.
- sh cellular 0 security--This will show you the status of your SIM card. For us, ours was unlocked and did not require a pin. The command to unlock the SIM, should it be required, is cellular 0 lte sim unlock XXXX, with XXXX being the pin. You get 3 tries to unlock the SIM before you get locked out. If you are locked out, your ISP will need to be contacted.
Here is the output of the show cellular 0 security when we run it. If your SIM is locked, the SIM status will show "SIM Status = LOCKED."
- sh cellular 0 radio--This helps to show the LTE signal strength
Based off our current connection, we are currently getting the following network speeds:
