WAN DHCP Option 61

THayward
New here

WAN DHCP Option 61

I am currently configuring an MX64 on a VDSL connection in the UK,

I am using an off the shelf BT Open Reach VDSL Modem to provide PPPoE.

 

However the ISP in question (Sky Broadband) require DHCP Option 61 setting get an IP address.  However in the initial configuration I can't see where I can set this.

 

I can see on the clients existing equipment (Netgear Nighthawk) that there is a field to populate this, however can't see this on the MX64.

 

Ideally, I want to avoid utilising a double NAT with their existing router.

17 Replies 17
PhilipDAth
Kind of a big deal
Kind of a big deal

This goes into the DHCP request, and there is no way to configure this in Meraki.

 

I have never tried, but it "might" send the device name for option 61 (if it sends anything at all), so you could try naming your MX with the value you want sent.

ElliotW
New here

Hi, 

Did you ever solve this?

I am having the same problem, not custom DHCP options under PPPoe on the WAN..

Currently having to use my SKY hub in front of my MX, but having issues with double NAT..

Any info would be greatly appreciated,

cheers
Elliot

THayward
New here

Unfortunately I didn't.

I logged a support ticket to try and get a direct response.  I was told (after some interesting conversation) that this was not supported.

I have raised a feature request.

I am using a Netgear DM200 VDSL modem using a double NAT.  I am also having some issues, mainly around VPN, I can get a Site-to-Site VPN with Azure configured fine, however have major trouble with client VPN, so have resorted to a 3rd party solution for the time being.

Coming from traditional network solutions, I'm loving the Meraki experience, however whenever limitations arise (which unfortunately at the moment is quite often) I find it difficult to recommend the stack to clients based on their requirements.

Uberseehandel
Kind of a big deal

To get more control over what the modem/router ahead of the MX actually does, I have ordered a Draytek 2862-K. It handles IPv4 and IPv6 natively, and has a lot of flexibility with how NAT'ing is handled, a RADIUS server, and, at a price, there is a version with an inbuilt LTE modem. Be aware that Meraki does not fully hanle IPv6 yet; for example, some analytics will be missing.

I need this because the MX does not pass Source Specific Multicast correctly, and the Draytek does. But the MS switch in its default configuration does handle it, so I can just bypass the MX from the router to the switch and thence to the Playout device.

I have replaced my entire network stack three times this year. All the suppliers are well known Bay Area Corporations. It seems they just don't "get" how important it is to handle the TV feeds from the content providers. So instead of switching yet again, I've looked for ways around problems.

Robin St.Clair | Principal, Caithness Analytics | @uberseehandel
Antohind
Getting noticed

Hi guys 

 

I have a home broadband connection for SKY ISP and I have had all of these problems too i did manage to get a Cisco 887va configured and totally removed the SKy hub using a number of methods including hacking the chap username/password with Wireshark as it is in clear text format. 

 

Did you guys ever solve this issue with Meraki products I am really interested in using Meraki for my home network as a mini project but I can see already i am going to run into this issue before I even get hold of the equipment 😞

 

Any input would be appreciated

Uberseehandel
Kind of a big deal

Hi

You will find helpful information here - https://www.draytek.co.uk/support/guides/sky-mer-setup-guide 

 

I have different problems with BT TV Sport, which uses a form of multicast that is not currently handled by MX devices. My solution is to put a Router ahead of the MX and have the TV multicast connection bypass the MX. The MS switch does handle everything correctly.

 

Mod_SSM_Solution.jpg

There are cheaper solutions from the likes of Billion and Asus, but this one offers a lot of flexibity as far as NATing goes, IPv6 etc. and there is an option to have a LTE modem built in, for failover.

 

 

 

 

 

 

 

Robin St.Clair | Principal, Caithness Analytics | @uberseehandel
Antohind
Getting noticed

Hi Robin, 

Thanks for your input it appears the best solution would be to drop SKY lol ;0

I will have a look at the link posted 

 

Thanks 

 

Anthony 

Antohind
Getting noticed

Hi guys, 

 

I asked a question a while back here in regards to VDSL but cutting a lomng story short I am now using standard ADSL from SKY Broadband.

 

I have successfully configured a cisco 857 with the ADSL connection and replaced the SKY router modem but what I m asking is can any advise on the possibilty of putting the cisco 857 into a bridge mode and using the MX64 to handle all security. NAT, DHCP and port forwarding 

 

Thanks 

 

Anthony 

Uberseehandel
Kind of a big deal

Bridge mode - Cisco 857

 

 

Robin St.Clair | Principal, Caithness Analytics | @uberseehandel
Antohind
Getting noticed

Thanks @Uberseehandel i have been searching for hours messing around with a BT modem and my head literally burst when i realised it was for VDSL link 🙂

 

So as I already have the 857 running but very limited security features I thought it would be nice to utilise the MX64 I have 

 

Thanks

Uberseehandel
Kind of a big deal

Once you have the 857 running in pass through mode, I am sure you will have no difficulty configuring the MXto act as the router/security gateway.

 

I have run the MX using PPPoE/PPPoA with a modem in bridge mode and also connecting the WAN port on the MX to a LAN port on a different brand security device, that was routed straight out the WAN port. Both ways work fine.

 

Re Sky - 

 

  • The UK ISP Sky utilises Mac Encapsulated Routing (or MER) for its "Sky Fibre Broadband" (FTTC) VDSL2 Internet service and some "Sky Broadband" ADSL services – this uses details that would normally be supplied by the Sky router; which are included in DHCP requests from the router, to authenticate with the network and receive an IP address.
  • According to users, these details also work for Now TV (Broadband).
    These details are usually specific to the router supplied by Sky but it is possible to use another router with the Sky MER service if that router is able to provide DHCP option 60 and option 61 when making DHCP requests to the ISP.
  • This configuration does not require cloning the MAC address of the ISP router, which allows the DrayTek router to get its own DHCP IP lease and renew that without issue.
Robin St.Clair | Principal, Caithness Analytics | @uberseehandel
Antohind
Getting noticed

Thanks, 

 

Yeah to be honest I wasn't sure if my setup is using MER as when I configured the 857 it just took the username and password i extracted with Wireshark and appeared to work quite easily 

 

Hopefully this solution will work saves spending anymore money out 😉

 

Thanks 

 

Anthony 

Antohind
Getting noticed

Didn't have any luck with this last night 😞 

 

Will upload my configs It appears i am getting a solid green light on the CD on the Cisco 857 but when inputting the username and password into the Meraki it doesn't appear to do anything when using 

 

debug ppp packet

debug ppp authentication 

 

Also there are no rx packets in the dsl atm outputs something is going out but not coming back 😞

Antohind
Getting noticed

hostname Router

!

boot-start-marker

boot-end-marker

!

enable password 1234

!

no aaa new-model

!

!

dot11 syslog

!

!

ip cef

!

!

!

!

!

archive

log config

hidekeys

!

!

!

!

!

interface ATM0

no ip address

no ip route-cache cef

no ip route-cache

no atm ilmi-keepalive

pvc 0/38

encapsulation aal5snap

!

dsl operating-mode auto

bridge-group 1

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface Vlan1

no ip address

no ip route-cache cef

no ip route-cache

bridge-group 1

!

ip forward-protocol nd

!

no ip http server

no ip http secure-server

!

!

control-plane

!

bridge 1 protocol ieee

!

line con 0

logging synchronous

no modem enable

transport output all

line aux 0

line vty 0 4

password 1234

login

transport input all

transport output all

!

scheduler max-task-time 5000

end

 

Antohind
Getting noticed

Do you think it would be possible to use half bridge mode on the Cisco 857 and then use the MX for everything else ?

using a config like this below for example;

bridge irb
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
dsl operating-mode auto
bridge-group 1
!
!
interface Vlan1
no ip address
ip tcp adjust-mss 1452
bridge-group 1
!
interface Dialer0
ip address negotiated
no ip redirects
encapsulation ppp
no ip mroute-cache
dialer pool 1
no cdp enable
ppp chap hostname myusername@myisp.net
ppp chap password 0 mypassword
!
interface BVI1
ip address x.x.x.170 255.255.255.248
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
Uberseehandel
Kind of a big deal

You may find this helpful.

 

 

 

 

Robin St.Clair | Principal, Caithness Analytics | @uberseehandel
Antohind
Getting noticed

Hi @Uberseechandel

Thanks for the link this is the config I have previously tried but the MX doesn't seem to connect or initiate the PPPOE connection

I can get the CD light to stay solid green but nothing els is going on I will try this again now and see if it works

Thanks

Anthony
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels