Solved

Dialer Interface on Cisco

Posted on 2002-07-15
9
1,824 Views
Last Modified: 2008-02-01
I am using a ISDN Cisco router to dial to 2 different site using 2 different profile, which makes me to configured the router using 2 dialer interface. The problem is only one dialer interface works but not the other. The config is as below :

interface BRI0
 no ip address
 encapsulation ppp
 dialer pool-member 1
 isdn switch-type basic-net3
 no cdp enable
!
interface FastEthernet0
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 speed auto
!
interface Dialer0
 ip unnumbered FastEthernet0
 encapsulation ppp
 dialer pool 1
 dialer idle-timeout 300
 dialer string 1111
 dialer-group 1
 no cdp enable
 ppp authentication chap
!
interface Dialer1
 ip address negotiated
 encapsulation ppp
 dialer pool 1
 dialer idle-timeout 180
 dialer string 2222
 dialer-group 2
 ppp chap refuse
 ppp pap sent-username 2222 password 0 2222

ip route 0.0.0.0 0.0.0.0 Dialer1 200
ip route 0.0.0.0 0.0.0.0 Dialer0 200
!
ip nat inside source list 103 interface Dialer1 overload
access-list 101 permit ip any host 10.10.10.1
access-list 102 permit ip any host 20.20.20.2
access-list 103 permit ip any any
dialer-list 1 protocol ip list 101
dialer-list 2 protocol ip list 102


anything wrong ??
0
Comment
Question by:carollow
9 Comments
 
LVL 1

Expert Comment

by:matt_t1
ID: 7156448
You have a couple of things to look into.

1 - your static routes.  With 2 default routes to different dialler interfaces, Dialer1 in your case is always going to get hit first.  I think (from your access lists) you would be better with the following routes:

ip route 10.0.0.0 255.0.0.0 Dialer0 200
ip route 20.0.0.0 255.0.0.0 Dialer1 200

This way the traffic will match a route through the appropriate dialler.  Go more specific with the route masks if you can, as you should never have a route that can be matched for more traffic that should be routed that way.  You want any "destination unreachables" to come back from your box before it brings up a dialler and costs you call charges.

2 - your NAT config.  You have a NAT that is telling the router to hide the source of all traffic behind dialler1, but dialler1 is not configured with the "ip nat outside" command.  Combined with the default routes you have, all your traffic is going to be NAT'ed through dialler1 in your current config.

Change the routes and it will probably start working.  Put the "ip nat outside" in for completeness, and because I'm not sure where it might fall over without it...!

Hope this helps,

Matt.
0
 
LVL 2

Expert Comment

by:edmonds_robert
ID: 7156984
I'm not positive, but I would also try making dialer 1 and dialer 2 both members of dialer-group 1.
Check the following Cisco link to see if this is the same as your are trying to do.

http://www.cisco.com/warp/public/793/access_dial/Isdn_callerID.html
0
 
LVL 1

Expert Comment

by:matt_t1
ID: 7157269
Dialer-group refers to the dialer-list commands that are used to determine "interesting" traffic.  Your dialer-pool commands in the diallers with the equivalent dialer pool-member on the BRI are all that's required to bind the diallers to the BRI.

As I said above, change the routes and it should work.
0
 
LVL 8

Expert Comment

by:scraig84
ID: 7157276
Well, you may want to start by telling us which one works and which doesn't.  There are a number of things that can go wrong with dial technologies, so blindly troubleshooting one end and not even knowing which interface makes things a bit difficult.  Giving us the config of the router on the other side would also be a huge help.  

That said, have you done any debugging to see where it fails?  The single most common problem is authentication, so I would look at that first.

If you can provide more info, we can take a look.  
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 1

Expert Comment

by:matt_t1
ID: 7157286
Incidentally, am I the only one who finds Cisco's lack of consistency in these commands really irritating?

If it was up to me, I'd say "dialer-pool 1" in both the BRI and the Dialer interfaces, and "dialer-list 1" in the Dialer and globally would make much more sense.

Also applies to the "access-list" global command and "ip access-group" interface command, amongst others.

But there we go, it's not up to me!
0
 
LVL 1

Expert Comment

by:matt_t1
ID: 7172732
carollw:

Did you get the problewm solved?  Things have gone quiet for the past week or so...

Matt.
0
 
LVL 1

Accepted Solution

by:
matt_t1 earned 50 total points
ID: 7198914
carollw:

OK - this one has been going for a while now with no new posts, so I'm going to be a little more positive.  I am pretty certain of the very first post I made, so that is my official answer.  Reject it if it doesn't work, but I really think it will.

As a collaborative tool EE is great - but I think we (the contributors) really need to know whether the suggested solutions work!  And if you need to debug the problem further, we need to know where they don't work as well.

Original post was:

You have a couple of things to look into.

1 - your static routes.  With 2 default routes to different dialler interfaces, Dialer1 in your case is always going to get hit first.  I think (from your access lists) you would be better with the following routes:

ip route 10.0.0.0 255.0.0.0 Dialer0 200
ip route 20.0.0.0 255.0.0.0 Dialer1 200

This way the traffic will match a route through the appropriate dialler.  Go more specific with the route masks if you can, as you should never have a route that can be matched for more traffic that should be routed that way.  You want any "destination unreachables" to come back from your box before it brings up a dialler and costs you call charges.

2 - your NAT config.  You have a NAT that is telling the router to hide the source of all traffic behind dialler1, but dialler1 is not configured with the "ip nat outside" command.  Combined with the default routes you have, all your traffic is going to be NAT'ed through dialler1 in your current config.

Change the routes and it will probably start working.  Put the "ip nat outside" in for completeness, and because I'm not sure where it might fall over without it...!

Hope this helps,

Matt.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 7333445
It appears that you have forgotten this question. I will ask Community Support to close it unless you finalize it within 7 days. I will ask a Community Support Moderator to force close it.

** PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER **

Please take a moment to revisit this question & reward your points or post additional commentary as appropriate.  Unless there is objection or further activity.

EXPERTS, please feel free to make a recommendation for points award. As it stands, I would recommend:

points to matt_t1 for all the effort

If you feel that your question was not properly addressed, or that none of the comments received were appropriate answers, please post a request in Community support (with a link to this page) to refund your points.  The link to the Community Support area is: http://www.experts-exchange.com/jsp/qList.jsp?ta=commspt


** PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER **
------------------------------------------------------------------------------------------------

0
 
LVL 5

Expert Comment

by:Netminder
ID: 7712511
Question abandoned; per recommendation, force-accepted.

Netminder
EE Admin
0

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Cisco Switch Swap 1 56
1 WAN to 2 LAN 4 61
solarwind tftp server 2 32
Transfer IOS from server to router via tftp 3 19
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now