sean-keys
asked on
PTP with adtran router
Hi,
I'm trying to create a IPsec link with two fortinet routers, one at each end of my PTP T1. The t1 goes into an adtran router. I have never worked with a ptp T1. I can create an IPsec link between the two fortinet devices with a crossover cable but it wont work over the T1. I'm assuming there is a problem with the adtran router config. Here is the running config, any help would be appriciated.
Thanks,
Sean
myhostname#show configuration
Using 886 bytes
!
!
hostname "myhostname"
enable password mypass
!
ip subnet-zero
ip classless
ip routing
!
event-history on
no logging forwarding
logging forwarding priority-level info
no logging email
logging email priority-level info
!
username "admin" password "mypass"
!
ip policy-timeout tcp telnet 14400
!
!
!
!
!
!
!
!
!
!
interface eth 0/1
ip address 192.168.4.1 255.255.255.0
no shutdown
!
!
!
interface t1 1/1
tdm-group 1 timeslots 1-24 speed 64
no shutdown
!
interface hdlc 1
ip address 192.168.0.2 255.255.255.252
no shutdown
cross-connect 1 t1 1/1 1 hdlc 1
!
!
!
!
!
ip route 0.0.0.0 0.0.0.0 hdlc 1
!
no ip tftp server
ip http server
no ip http secure-server
no ip snmp agent
no ip ftp agent
!
!
!
!
!
!
!
line con 0
login
password qwst2cpe
!
line telnet 0 4
login
password qwst2cpe
!
end
PS -- Do I need to use a specific IP/mask on the wan port of the fortinet in order for it to talk to the adtran?
I'm trying to create a IPsec link with two fortinet routers, one at each end of my PTP T1. The t1 goes into an adtran router. I have never worked with a ptp T1. I can create an IPsec link between the two fortinet devices with a crossover cable but it wont work over the T1. I'm assuming there is a problem with the adtran router config. Here is the running config, any help would be appriciated.
Thanks,
Sean
myhostname#show configuration
Using 886 bytes
!
!
hostname "myhostname"
enable password mypass
!
ip subnet-zero
ip classless
ip routing
!
event-history on
no logging forwarding
logging forwarding priority-level info
no logging email
logging email priority-level info
!
username "admin" password "mypass"
!
ip policy-timeout tcp telnet 14400
!
!
!
!
!
!
!
!
!
!
interface eth 0/1
ip address 192.168.4.1 255.255.255.0
no shutdown
!
!
!
interface t1 1/1
tdm-group 1 timeslots 1-24 speed 64
no shutdown
!
interface hdlc 1
ip address 192.168.0.2 255.255.255.252
no shutdown
cross-connect 1 t1 1/1 1 hdlc 1
!
!
!
!
!
ip route 0.0.0.0 0.0.0.0 hdlc 1
!
no ip tftp server
ip http server
no ip http secure-server
no ip snmp agent
no ip ftp agent
!
!
!
!
!
!
!
line con 0
login
password qwst2cpe
!
line telnet 0 4
login
password qwst2cpe
!
end
PS -- Do I need to use a specific IP/mask on the wan port of the fortinet in order for it to talk to the adtran?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
private meaning dedicated?
also do you need any ip or specific networks?
also do you need any ip or specific networks?
ASKER
dedicated T1 going from one office to another. I figured I should be able to run any IP address/mask across it.
do the routers have proper wic cards for t1? must have csu/dsu.
nprignano
nprignano
ASKER
yeah,
show interface t1 1/1
t1 1/1 is UP
Receiver has no alarms
T1 coding is B8ZS, framing is ESF
Clock source is line, FDL type is ANSI
Line build-out is 0dB
No remote loopbacks, No network loopbacks
Acceptance of remote loopback requests enabled
Tx Alarm Enable: rai
Last clearing of counters never
loss of frame : 0
loss of signal : 0
AIS alarm : 0
Remote alarm : 2, last occurred 08:56:13
DS0 Status: 123456789012345678901234
NNNNNNNNNNNNNNNNNNNNNNNN
Status Legend: '-' = DS0 is unallocated
'N' = DS0 is dedicated (nailed)
Line Status: -- No Alarms --
5 minute input rate 72 bits/sec, 0 packets/sec
5 minute output rate 72 bits/sec, 0 packets/sec
Current Performance Statistics:
0 Errored Seconds, 0 Bursty Errored Seconds
0 Severely Errored Seconds, 0 Severely Errored Frame Seconds
0 Unavailable Seconds, 0 Path Code Violations
0 Line Code Violations, 0 Controlled Slip Seconds
0 Line Errored Seconds, 0 Degraded Minutes
TDM group 1, line protocol is UP
Encapsulation HDLC (hdlc 1)
26426 packets input, 1710562 bytes, 0 no buffer
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame
0 abort, 0 discards, 0 overruns
26470 packets output, 1713778 bytes, 0 underruns
show interface t1 1/1
t1 1/1 is UP
Receiver has no alarms
T1 coding is B8ZS, framing is ESF
Clock source is line, FDL type is ANSI
Line build-out is 0dB
No remote loopbacks, No network loopbacks
Acceptance of remote loopback requests enabled
Tx Alarm Enable: rai
Last clearing of counters never
loss of frame : 0
loss of signal : 0
AIS alarm : 0
Remote alarm : 2, last occurred 08:56:13
DS0 Status: 123456789012345678901234
NNNNNNNNNNNNNNNNNNNNNNNN
Status Legend: '-' = DS0 is unallocated
'N' = DS0 is dedicated (nailed)
Line Status: -- No Alarms --
5 minute input rate 72 bits/sec, 0 packets/sec
5 minute output rate 72 bits/sec, 0 packets/sec
Current Performance Statistics:
0 Errored Seconds, 0 Bursty Errored Seconds
0 Severely Errored Seconds, 0 Severely Errored Frame Seconds
0 Unavailable Seconds, 0 Path Code Violations
0 Line Code Violations, 0 Controlled Slip Seconds
0 Line Errored Seconds, 0 Degraded Minutes
TDM group 1, line protocol is UP
Encapsulation HDLC (hdlc 1)
26426 packets input, 1710562 bytes, 0 no buffer
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame
0 abort, 0 discards, 0 overruns
26470 packets output, 1713778 bytes, 0 underruns
>>Remote alarm : 2, last occurred 08:56:13
any ideas what the alarms were?
nprignano
any ideas what the alarms were?
nprignano
agreed.
ASKER