Link to home
Start Free TrialLog in
Avatar of kendingo
kendingoFlag for United States of America

asked on

How to Configure a Cisco Router to a Standard T1

Hello Everyone,

I am in a bit of a pickle. I am halping out a friends company with implementing a T1 connection through Cavtel. We purchased the equipment that Cavtel suggested a 1721 router and a CSU/DSU T1 WIC. We installed this and started to configure it to Cavtel's specs and we are unable to get even basic network connectivity to the internet. What i mean by this is from interfacing with the router through telnet i can ping the LAN port and can Ping the WAN port. I can not Ping the DNS they provided me or any common internet IP addresses. When my first attempt out of the box did not work i looked on here to see if anyone else had the same problem and found one hit. I used some of the suggestions in the post to reconfigure the router but no luck.

Below I am going to put the configurations they told me to use and a sh config from the router. If anyone can lend me some insight as to why this is not working properly i would really appreciate it.

Info from Cavtel:

CSU Information:
Clock Source: line
Channels: 1-24
Channel Rate/Speed 64k
Framing: ESF
Line Coding: B8ZS

Router Information:
Your T1 Serial Port should be configured as follows
Encapsulation: PPP

T1 Serial/WAN interface
Serial or WAN IP Address: xx.xx.8.142
Subnet Mask: 255.255.255.252

LAN IP Address: xx.xx.10.209
Subnet Mask: 255.255.255.248
Gateway or Remote IP: xx.xx.8.141

Your routed IP range in CIDR Notation: xx.xx.10.208/29
Usable range: xx.xx.10.210-214
Subnet Mask: 255.255.255.248

Our outgoing mail server is: smtp.cavtel.net
Our DNS Servers for your use are:
64.83.0.10 and 64.83.1.10

This is word for word what i was given by cavtel.

from Router Show Config
sh config
Using 969 out of 29688 bytes
!
! Last configuration change at 19:08:27 UTC Thu Jan 6 2005
! NVRAM config last updated at 19:08:34 UTC Thu Jan 6 2005
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ParagonRT
!
boot-start-marker
boot-end-marker
!
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no aaa new-model
ip subnet-zero
ip cef
!
!
!
no ftp-server write-enable
!
!
!
!
interface FastEthernet0
 ip address 67.62.10.209 255.255.255.248
 ip nat inside
 speed auto
 half-duplex
!
interface Serial0
 ip address 67.62.8.142 255.255.255.252
 encapsulation ppp
 service-module t1 timeslots 1-24
!
router rip
 redistribute connected
 network 67.0.0.0
 network 192.168.0.0
!
ip classless
no ip http server
!
dialer-list 1 protocol ip permit
!
line con 0
line aux 0
line vty 0 4
!
!
end

from router show int S0
ParagonRT#sh int s0
Serial0 is up, line protocol is up
  Hardware is PQUICC with Fractional T1 CSU/DSU
  Internet address is 67.62.8.142/30
  MTU 1500 bytes, BW 1536 Kbit, DLY 20000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation PPP, LCP Open
  Open: CDPCP, IPCP, loopback not set
  Last input 00:00:38, output 00:00:05, output hang never
  Last clearing of "show interface" counters 2d00h
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: weighted fair
  Output queue: 0/1000/64/0 (size/max total/threshold/drops)
     Conversations  0/1/256 (active/max active/max total)
     Reserved Conversations 0/0 (allocated/max allocated)
     Available Bandwidth 1152 kilobits/sec
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     31292 packets input, 1838907 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     57 input errors, 3 CRC, 41 frame, 0 overrun, 0 ignored, 13 abort
     31061 packets output, 1599287 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 output buffer failures, 0 output buffers swapped out
     0 carrier transitions
     DCD=up  DSR=up  DTR=up  RTS=up  CTS=up

from router sh ip route
ParagonRT# sh ip int briefe
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0              67.62.10.209    YES manual up                    up      
Serial0                    67.62.8.142     YES manual up                    up

I feel i have set this up correctly and cavtel may have given me bad information, like this is realy a fram-relay T1, or just bad IP info. PLease double check these settings and let me know.
ASKER CERTIFIED SOLUTION
Avatar of harbor235
harbor235
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I see it now in their info but not in your config

harbor235
Avatar of kendingo

ASKER

I will give that a try asap and let you know.
Also, since they specify clocking source as line add the command in interface config mode:

config t <return>
interface serial0 <return>
clock source line <return>
exit <>

the other defaults should work fine

harbor235
Harbor,

Looks like adding the default route worked i can now ping outside resources. I am not at the physicial location so i can not verify internet connectivity until i get there.

I have one last question before i award you the points. We are implementing a Symantec Firewall also. from F0 on the router to the WAN port of the firewall i have a crossover cable. Is this the correct cable to use or do i need a standard patch cable?
Avatar of srw134
srw134

If you are going to stay with a static route statement you are going to want to remove the 67 network from the RIP process. And it should us a standard cable, but depending on the interface it will use either.

-sean
You should not be running RIP on this router.  It has no route 10 192.168.x.x, which in any case should not be advertised to the Internet, and it has no business announcing the whole 67.0.0.0/8 block either.  The firewall should neither accept nor pass RIP traffic from the router, and the ISP already knows what addresses it has issued to you -- and hopefully has enough sense to ignore any you advertise in its direction.

The router and firewall are both layer 3 devices, so a cross-over cable is called for.  Unless, that is, you install a hub or switch (layer 2 device) between them so you have a way to plug in and monitor Internet traffic outside the firewall.

The ISP has allocated you a public /29 block for server addresses, which currently you have configured on the LAN side of the router.  Use a private range instead for the segment between the router and firewall.  That way you can use static NAT on the firewall to map all six usable public addresses to server private addresses instead of using up two of them for this link.

(The firewall's default route should be the LAN-side address of the router.  Clients' default gateway should be the LAN-side address of the firewall, which may or may not be the LAN DHCP server -- the router should not be, since the firewall separates it from the LAN.)

harbor thanks for the help, works great now.

penngwyn thanks for the security tip.