UnifiedIT
asked on
Help with 3725 connecting to internet with DS3 ATM card - MPLS Network
Hey guys,
Here is my situtation, I have a Cisco 3725 router with 1 NM-1A-T3, DS3 Network Module installed in it.
I am using this connection for both my DIA and WAN to the SBC network.
Right now, I am trying to get the internet connection working, next I will attack the WAN and then seperating them with ACL's
Here is the setup. Internet 68.1.1.1/30 --- 68.1.1.2/30 3725 ATM Interface, 192.168.1.1/30 F0/0 -----192.168.1.2/30 FW WAN interface, 172.20.20.0/22 LAN
Here is my current config
Building configuration...
Current configuration : 1146 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip subnet-zero
!
!
ip cef
!
!
!
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
no ip address
atm scrambling cell-payload
atm framing cbitplcp
no atm ilmi-keepalive
!
interface ATM2/0.1 point-to-point
description DS3 to SBC Internet
ip address 68.1.1.2 255.255.255.252
pvc SBCIS 2/521
protocol ip 68.1.1.1
vbr-nrt 64 64
encapsulation aal5mux ip
!
!
ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 68.1.1.1 permanent
!
!
access-list 101 deny 53 any any
access-list 101 deny 55 any any
access-list 101 deny 77 any any
access-list 101 deny pim any any
access-list 101 permit ip any any
!
!
!
!
!
!
!
!
line con 0
transport preferred all
transport output all
line aux 0
transport preferred all
transport output all
line vty 0 4
!
end
When logged into the router, I can ping site on the net by IP, but when I set my default gateway to the firewall (172.20.20.2/22), I cant ping out.
A tracert gets me to 192.168.1.1 (The LAN interface on the gateway router, past the FW now), but no farther. I am assuming that there is a route problem on the router, but the 0.0.0.0 0.0.0.0 static route should take care of that?
Ideas?
Here is my situtation, I have a Cisco 3725 router with 1 NM-1A-T3, DS3 Network Module installed in it.
I am using this connection for both my DIA and WAN to the SBC network.
Right now, I am trying to get the internet connection working, next I will attack the WAN and then seperating them with ACL's
Here is the setup. Internet 68.1.1.1/30 --- 68.1.1.2/30 3725 ATM Interface, 192.168.1.1/30 F0/0 -----192.168.1.2/30 FW WAN interface, 172.20.20.0/22 LAN
Here is my current config
Building configuration...
Current configuration : 1146 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip subnet-zero
!
!
ip cef
!
!
!
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
no ip address
atm scrambling cell-payload
atm framing cbitplcp
no atm ilmi-keepalive
!
interface ATM2/0.1 point-to-point
description DS3 to SBC Internet
ip address 68.1.1.2 255.255.255.252
pvc SBCIS 2/521
protocol ip 68.1.1.1
vbr-nrt 64 64
encapsulation aal5mux ip
!
!
ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 68.1.1.1 permanent
!
!
access-list 101 deny 53 any any
access-list 101 deny 55 any any
access-list 101 deny 77 any any
access-list 101 deny pim any any
access-list 101 permit ip any any
!
!
!
!
!
!
!
!
line con 0
transport preferred all
transport output all
line aux 0
transport preferred all
transport output all
line vty 0 4
!
end
When logged into the router, I can ping site on the net by IP, but when I set my default gateway to the firewall (172.20.20.2/22), I cant ping out.
A tracert gets me to 192.168.1.1 (The LAN interface on the gateway router, past the FW now), but no farther. I am assuming that there is a route problem on the router, but the 0.0.0.0 0.0.0.0 static route should take care of that?
Ideas?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you,
Mike