plewis1250
asked on
Cisco 2600 Point-To-Point T1 Line Configuration
Ok, I have my "theoretical T1" (loopback) working between the two routers (this is in preparation for the T1 being installed tomorrow), and when I asked a question regarding network setup, I was told I should place the routers inside my firewall.
First, here is my network setup:
<Building 1> <Building 2>
<ISP>---------------------
| |
--------------------------
|Firewall w/ VPN Tunnel to Building 2 | |FireWall w/ VPN Tunnel to Building 1 |
|6 public IPs, 1 private ip(10.0.0.1), using NAT| |1 public IP, 1 private IP (10.10.0.1,NAT|
--------------------------
| |
Servers & Clients (10.0.x.x) Servers & Clients (10.10.x.x)
At Building 2 we have a VoIP telephone system that integrated with our PBX at Building 1.
Because of the crummy connection via DSL to the 'Net, they do not work. So instead of having bad phones, we went ahead and purchased a point to point T1 connection.
From an earlier question, I found that it would be best to put the T1 behind one firewall, and setup my network as follows:
<Building 1> <Building 2>
<ISP>
|
--------------------------
|Firewall w/VPN from other location s |
|6 public IPs, 1 private ip(10.0.0.1), using NAT|
--------------------------
|
--------------------------
|2600 with T1 Connection (10.0.0.2)|---------------
--------------------------
| |
Servers & Clients (10.0.x.x) Servers & Clients (10.10.x.x)
Is this the best way to do this? If so, how do I get everything to talk to each other? I have NO experience with Cisco routers, and have accomplished getting the T1 link to work, and I can route Building 1 router to building 2 router, but it will not go any further. My only other alternative is to go back to the other way I was thinking, which was to put the T1 outside the firewall, then use VPN to connect the two networks together. There also are other remote sites that contact the firewall in building 1 for connectivity. Why couldn't that DSL line work?!?!!? :-D
Thanks for the help everyone, I look forward to your responses.
- Peter
Ps. I have the config files for my routers, here they are: Building 1 is NDSGP, Building 2 is JoshuaCross.
Current configuration : 842 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname NDSGP
!
boot-start-marker
boot-end-marker
!
enable secret
enable password
!
memory-size iomem 10
no aaa new-model
ip subnet-zero
ip cef
!
!
!
ip audit po max-events 100
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Ethernet0/0
ip address 10.0.0.2 255.255.0.0
half-duplex
!
interface Serial0/0
ip address 10.20.0.1 255.255.0.0
encapsulation ppp
fair-queue
service-module t1 timeslots 1-24
!
router eigrp 1
network 10.0.0.0 0.0.255.255
auto-summary
!
ip default-gateway 10.10.0.2
ip http server
no ip http secure-server
ip classless
!
!
dialer-list 1 protocol ip permit
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
password
login
!
!
!
end
--------------------------
Current configuration : 1159 bytes
!
version 12.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname JoshuaCross
!
boot-start-marker
boot-end-marker
!
enable secret
enable password
!
memory-size iomem 10
no aaa new-model
ip subnet-zero
ip cef
!
!
ip name-server 10.10.0.101
ip name-server 10.0.0.101
!
ip audit po max-events 100
prompt JoshuaCross>
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Ethernet0/0
ip address 10.10.0.2 255.255.0.0
half-duplex
!
interface Serial0/0
bandwidth 1500
ip address 10.20.0.2 255.255.0.0
encapsulation ppp
fair-queue
service-module t1 clock source internal
service-module t1 timeslots 1-24
!
router eigrp 1
network 10.10.0.0 0.0.255.255
network 10.0.0.0
auto-summary
!
ip default-gateway 10.10.0.1
no ip http server
no ip http secure-server
ip classless
ip route 10.0.0.0 255.255.0.0 10.10.0.1
ip route 10.10.0.0 255.255.0.0 Serial0/0
!
!
dialer-list 1 protocol ip permit
!
!
!
!
gateway
!
!
banner motd ^C Welcome to the Joshua/Cross Router!^C
!
line con 0
password
login
line aux 0
line vty 0 4
password
login
!
!
!
end
First, here is my network setup:
<Building 1> <Building 2>
<ISP>---------------------
| |
--------------------------
|Firewall w/ VPN Tunnel to Building 2 | |FireWall w/ VPN Tunnel to Building 1 |
|6 public IPs, 1 private ip(10.0.0.1), using NAT| |1 public IP, 1 private IP (10.10.0.1,NAT|
--------------------------
| |
Servers & Clients (10.0.x.x) Servers & Clients (10.10.x.x)
At Building 2 we have a VoIP telephone system that integrated with our PBX at Building 1.
Because of the crummy connection via DSL to the 'Net, they do not work. So instead of having bad phones, we went ahead and purchased a point to point T1 connection.
From an earlier question, I found that it would be best to put the T1 behind one firewall, and setup my network as follows:
<Building 1> <Building 2>
<ISP>
|
--------------------------
|Firewall w/VPN from other location s |
|6 public IPs, 1 private ip(10.0.0.1), using NAT|
--------------------------
|
--------------------------
|2600 with T1 Connection (10.0.0.2)|---------------
--------------------------
| |
Servers & Clients (10.0.x.x) Servers & Clients (10.10.x.x)
Is this the best way to do this? If so, how do I get everything to talk to each other? I have NO experience with Cisco routers, and have accomplished getting the T1 link to work, and I can route Building 1 router to building 2 router, but it will not go any further. My only other alternative is to go back to the other way I was thinking, which was to put the T1 outside the firewall, then use VPN to connect the two networks together. There also are other remote sites that contact the firewall in building 1 for connectivity. Why couldn't that DSL line work?!?!!? :-D
Thanks for the help everyone, I look forward to your responses.
- Peter
Ps. I have the config files for my routers, here they are: Building 1 is NDSGP, Building 2 is JoshuaCross.
Current configuration : 842 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname NDSGP
!
boot-start-marker
boot-end-marker
!
enable secret
enable password
!
memory-size iomem 10
no aaa new-model
ip subnet-zero
ip cef
!
!
!
ip audit po max-events 100
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Ethernet0/0
ip address 10.0.0.2 255.255.0.0
half-duplex
!
interface Serial0/0
ip address 10.20.0.1 255.255.0.0
encapsulation ppp
fair-queue
service-module t1 timeslots 1-24
!
router eigrp 1
network 10.0.0.0 0.0.255.255
auto-summary
!
ip default-gateway 10.10.0.2
ip http server
no ip http secure-server
ip classless
!
!
dialer-list 1 protocol ip permit
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
password
login
!
!
!
end
--------------------------
Current configuration : 1159 bytes
!
version 12.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname JoshuaCross
!
boot-start-marker
boot-end-marker
!
enable secret
enable password
!
memory-size iomem 10
no aaa new-model
ip subnet-zero
ip cef
!
!
ip name-server 10.10.0.101
ip name-server 10.0.0.101
!
ip audit po max-events 100
prompt JoshuaCross>
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Ethernet0/0
ip address 10.10.0.2 255.255.0.0
half-duplex
!
interface Serial0/0
bandwidth 1500
ip address 10.20.0.2 255.255.0.0
encapsulation ppp
fair-queue
service-module t1 clock source internal
service-module t1 timeslots 1-24
!
router eigrp 1
network 10.10.0.0 0.0.255.255
network 10.0.0.0
auto-summary
!
ip default-gateway 10.10.0.1
no ip http server
no ip http secure-server
ip classless
ip route 10.0.0.0 255.255.0.0 10.10.0.1
ip route 10.10.0.0 255.255.0.0 Serial0/0
!
!
dialer-list 1 protocol ip permit
!
!
!
!
gateway
!
!
banner motd ^C Welcome to the Joshua/Cross Router!^C
!
line con 0
password
login
line aux 0
line vty 0 4
password
login
!
!
!
end
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
- Peter