kendingo
asked on
How to Configure a Cisco Router to a Standard T1
Hello Everyone,
I am in a bit of a pickle. I am halping out a friends company with implementing a T1 connection through Cavtel. We purchased the equipment that Cavtel suggested a 1721 router and a CSU/DSU T1 WIC. We installed this and started to configure it to Cavtel's specs and we are unable to get even basic network connectivity to the internet. What i mean by this is from interfacing with the router through telnet i can ping the LAN port and can Ping the WAN port. I can not Ping the DNS they provided me or any common internet IP addresses. When my first attempt out of the box did not work i looked on here to see if anyone else had the same problem and found one hit. I used some of the suggestions in the post to reconfigure the router but no luck.
Below I am going to put the configurations they told me to use and a sh config from the router. If anyone can lend me some insight as to why this is not working properly i would really appreciate it.
Info from Cavtel:
CSU Information:
Clock Source: line
Channels: 1-24
Channel Rate/Speed 64k
Framing: ESF
Line Coding: B8ZS
Router Information:
Your T1 Serial Port should be configured as follows
Encapsulation: PPP
T1 Serial/WAN interface
Serial or WAN IP Address: xx.xx.8.142
Subnet Mask: 255.255.255.252
LAN IP Address: xx.xx.10.209
Subnet Mask: 255.255.255.248
Gateway or Remote IP: xx.xx.8.141
Your routed IP range in CIDR Notation: xx.xx.10.208/29
Usable range: xx.xx.10.210-214
Subnet Mask: 255.255.255.248
Our outgoing mail server is: smtp.cavtel.net
Our DNS Servers for your use are:
64.83.0.10 and 64.83.1.10
This is word for word what i was given by cavtel.
from Router Show Config
sh config
Using 969 out of 29688 bytes
!
! Last configuration change at 19:08:27 UTC Thu Jan 6 2005
! NVRAM config last updated at 19:08:34 UTC Thu Jan 6 2005
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ParagonRT
!
boot-start-marker
boot-end-marker
!
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no aaa new-model
ip subnet-zero
ip cef
!
!
!
no ftp-server write-enable
!
!
!
!
interface FastEthernet0
ip address 67.62.10.209 255.255.255.248
ip nat inside
speed auto
half-duplex
!
interface Serial0
ip address 67.62.8.142 255.255.255.252
encapsulation ppp
service-module t1 timeslots 1-24
!
router rip
redistribute connected
network 67.0.0.0
network 192.168.0.0
!
ip classless
no ip http server
!
dialer-list 1 protocol ip permit
!
line con 0
line aux 0
line vty 0 4
!
!
end
from router show int S0
ParagonRT#sh int s0
Serial0 is up, line protocol is up
Hardware is PQUICC with Fractional T1 CSU/DSU
Internet address is 67.62.8.142/30
MTU 1500 bytes, BW 1536 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open
Open: CDPCP, IPCP, loopback not set
Last input 00:00:38, output 00:00:05, output hang never
Last clearing of "show interface" counters 2d00h
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/1/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 1152 kilobits/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
31292 packets input, 1838907 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
57 input errors, 3 CRC, 41 frame, 0 overrun, 0 ignored, 13 abort
31061 packets output, 1599287 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
from router sh ip route
ParagonRT# sh ip int briefe
Interface IP-Address OK? Method Status Protocol
FastEthernet0 67.62.10.209 YES manual up up
Serial0 67.62.8.142 YES manual up up
I feel i have set this up correctly and cavtel may have given me bad information, like this is realy a fram-relay T1, or just bad IP info. PLease double check these settings and let me know.
I am in a bit of a pickle. I am halping out a friends company with implementing a T1 connection through Cavtel. We purchased the equipment that Cavtel suggested a 1721 router and a CSU/DSU T1 WIC. We installed this and started to configure it to Cavtel's specs and we are unable to get even basic network connectivity to the internet. What i mean by this is from interfacing with the router through telnet i can ping the LAN port and can Ping the WAN port. I can not Ping the DNS they provided me or any common internet IP addresses. When my first attempt out of the box did not work i looked on here to see if anyone else had the same problem and found one hit. I used some of the suggestions in the post to reconfigure the router but no luck.
Below I am going to put the configurations they told me to use and a sh config from the router. If anyone can lend me some insight as to why this is not working properly i would really appreciate it.
Info from Cavtel:
CSU Information:
Clock Source: line
Channels: 1-24
Channel Rate/Speed 64k
Framing: ESF
Line Coding: B8ZS
Router Information:
Your T1 Serial Port should be configured as follows
Encapsulation: PPP
T1 Serial/WAN interface
Serial or WAN IP Address: xx.xx.8.142
Subnet Mask: 255.255.255.252
LAN IP Address: xx.xx.10.209
Subnet Mask: 255.255.255.248
Gateway or Remote IP: xx.xx.8.141
Your routed IP range in CIDR Notation: xx.xx.10.208/29
Usable range: xx.xx.10.210-214
Subnet Mask: 255.255.255.248
Our outgoing mail server is: smtp.cavtel.net
Our DNS Servers for your use are:
64.83.0.10 and 64.83.1.10
This is word for word what i was given by cavtel.
from Router Show Config
sh config
Using 969 out of 29688 bytes
!
! Last configuration change at 19:08:27 UTC Thu Jan 6 2005
! NVRAM config last updated at 19:08:34 UTC Thu Jan 6 2005
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ParagonRT
!
boot-start-marker
boot-end-marker
!
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no aaa new-model
ip subnet-zero
ip cef
!
!
!
no ftp-server write-enable
!
!
!
!
interface FastEthernet0
ip address 67.62.10.209 255.255.255.248
ip nat inside
speed auto
half-duplex
!
interface Serial0
ip address 67.62.8.142 255.255.255.252
encapsulation ppp
service-module t1 timeslots 1-24
!
router rip
redistribute connected
network 67.0.0.0
network 192.168.0.0
!
ip classless
no ip http server
!
dialer-list 1 protocol ip permit
!
line con 0
line aux 0
line vty 0 4
!
!
end
from router show int S0
ParagonRT#sh int s0
Serial0 is up, line protocol is up
Hardware is PQUICC with Fractional T1 CSU/DSU
Internet address is 67.62.8.142/30
MTU 1500 bytes, BW 1536 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open
Open: CDPCP, IPCP, loopback not set
Last input 00:00:38, output 00:00:05, output hang never
Last clearing of "show interface" counters 2d00h
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/1/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 1152 kilobits/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
31292 packets input, 1838907 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
57 input errors, 3 CRC, 41 frame, 0 overrun, 0 ignored, 13 abort
31061 packets output, 1599287 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
from router sh ip route
ParagonRT# sh ip int briefe
Interface IP-Address OK? Method Status Protocol
FastEthernet0 67.62.10.209 YES manual up up
Serial0 67.62.8.142 YES manual up up
I feel i have set this up correctly and cavtel may have given me bad information, like this is realy a fram-relay T1, or just bad IP info. PLease double check these settings and let me know.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I will give that a try asap and let you know.
Also, since they specify clocking source as line add the command in interface config mode:
config t <return>
interface serial0 <return>
clock source line <return>
exit <>
the other defaults should work fine
harbor235
config t <return>
interface serial0 <return>
clock source line <return>
exit <>
the other defaults should work fine
harbor235
ASKER
Harbor,
Looks like adding the default route worked i can now ping outside resources. I am not at the physicial location so i can not verify internet connectivity until i get there.
I have one last question before i award you the points. We are implementing a Symantec Firewall also. from F0 on the router to the WAN port of the firewall i have a crossover cable. Is this the correct cable to use or do i need a standard patch cable?
Looks like adding the default route worked i can now ping outside resources. I am not at the physicial location so i can not verify internet connectivity until i get there.
I have one last question before i award you the points. We are implementing a Symantec Firewall also. from F0 on the router to the WAN port of the firewall i have a crossover cable. Is this the correct cable to use or do i need a standard patch cable?
If you are going to stay with a static route statement you are going to want to remove the 67 network from the RIP process. And it should us a standard cable, but depending on the interface it will use either.
-sean
-sean
You should not be running RIP on this router. It has no route 10 192.168.x.x, which in any case should not be advertised to the Internet, and it has no business announcing the whole 67.0.0.0/8 block either. The firewall should neither accept nor pass RIP traffic from the router, and the ISP already knows what addresses it has issued to you -- and hopefully has enough sense to ignore any you advertise in its direction.
The router and firewall are both layer 3 devices, so a cross-over cable is called for. Unless, that is, you install a hub or switch (layer 2 device) between them so you have a way to plug in and monitor Internet traffic outside the firewall.
The ISP has allocated you a public /29 block for server addresses, which currently you have configured on the LAN side of the router. Use a private range instead for the segment between the router and firewall. That way you can use static NAT on the firewall to map all six usable public addresses to server private addresses instead of using up two of them for this link.
(The firewall's default route should be the LAN-side address of the router. Clients' default gateway should be the LAN-side address of the firewall, which may or may not be the LAN DHCP server -- the router should not be, since the firewall separates it from the LAN.)
The router and firewall are both layer 3 devices, so a cross-over cable is called for. Unless, that is, you install a hub or switch (layer 2 device) between them so you have a way to plug in and monitor Internet traffic outside the firewall.
The ISP has allocated you a public /29 block for server addresses, which currently you have configured on the LAN side of the router. Use a private range instead for the segment between the router and firewall. That way you can use static NAT on the firewall to map all six usable public addresses to server private addresses instead of using up two of them for this link.
(The firewall's default route should be the LAN-side address of the router. Clients' default gateway should be the LAN-side address of the firewall, which may or may not be the LAN DHCP server -- the router should not be, since the firewall separates it from the LAN.)
ASKER
harbor thanks for the help, works great now.
penngwyn thanks for the security tip.
penngwyn thanks for the security tip.
harbor235