Solved

Cisco 2811<-->1841: How do I setup a point-to-point connection using SDM?

Posted on 2006-11-28
6
813 Views
Last Modified: 2010-08-05
Good Afternoon,

I have a Cisco 2811 Router and Cisco 1841 Router.  Between them is a full 1.544Mbs point-to-point T1.

The only thing I know about Cisco is how to spell it.  I'm more comfortable using SDM (the graphical user interface) then typing commands.

So, I need to connect the two routers.

2811 is our main office.  1841 is a satellite office.

2811 office uses 192.168.111.0/24 IP scheme.
1841 office uses 192.168.133.0/24 IP scheme.

Again, using SDM will be greatly appreciated, however, getting the connect created is the bottomline.

-adam.
0
Comment
Question by:adamkerrigan
  • 3
  • 2
6 Comments
 

Author Comment

by:adamkerrigan
ID: 18033207
As I understand it, having the offices on seperate subnets is preferable.  However, I'm looking at ease of administration as a big plus.

The users at the satellite office will be accessing Active Directory, Group Policy, File sharing, internet, EVERYTHING.  There are NO servers at their locations, only user workstations.

Feel free to make network design suggestions.

-adam.
0
 

Author Comment

by:adamkerrigan
ID: 18033220
In case my previous statement was confusing, I meant to say that the all resources, including internet access, occur at and through the main office.  The satellite office must go through the T1 for any and all resources.

-adam.
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 444 total points
ID: 18035430
I can give you command line but cannot guide you through the SDM..

2811:
router>enable
router#config t
router(config)# <edit as required/copy below and "paste to host" >

interface Fast 0/0
  ip address 192.168.111.254 255.255.255.0
  ip helper-address 192.168.133.255
  no shutdown
interface Serial 0/0/0
  ip address 192.168.255.1 255.255.255.252
  encap ppp
  no shutdown
  service-module t1 clock source internal
 ip route 192.168.133.0 255.255.255.0 192.168.255.2
 ip route 0.0.0.0 0.0.0.0 192.168.111.1  <== this is your local gateway
 end
 write mem

1811:
interface Fast 0/0
  ip address 192.168.133.1 255.255.255.0
  no shutdown
  ip helper-address 192.168.111.255
interface Serial 0/0/0
  ip address 192.168.255.2 255.255.255.252
  encap ppp
  no shutdown
 ip route 0.0.0.0 0.0.0.0 192.168.255.1
 end
 write mem

! DONE !
NOTE: The default gateway for all hosts on your local LAN 192.168.111.0 should point to the 2811 FE 0/0 IP address

0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 12

Expert Comment

by:pjtemplin
ID: 18036689
Only change I'd suggest is the static routes pointing to 192.168.255.1 and 192.168.255.2 should instead point to the serial interface.  Several reasons:

Static routes to interfaces have a lower administrative distance than static routes to addresses.
You can renumber the serial ports without having to fix your routes on the fly as well.
If you were to ever 'oops' and kill the serial interfaces while having another interface or route cover the 192.168.255.0/30 subnet, your static routes will return to your routing table, and confuse you while troubleshooting.
0
 

Author Comment

by:adamkerrigan
ID: 18038170
Thank you for your response.

I didn't think this mattered upfront, but I should add, our default gateway is a seperate network device, located at 192.168.111.1.  The 2811 is not used for internet access, it is rather just another device on the network that must access the internet through 192.168.111.1.

192.168.111.1 happens to be a Symantec Gateway Security appliance by the way.

-adam.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 18039790
I had already made an assumption that you currently have a gateway set up for Internet and I made the configurations to match. I guessed at the IP address and was correct.
You will have to add a static route in the Symantec Gateway for the 192.168.133.0 subnet, pointing to the 2811 192.168.111.xxx
If you have NAT rules you might also want to be sure to add that subnet so that the SGS will accomodate it.
I don't know how the SGS works, but even after you add a static route in it for the remote network, it might not 'bounce' internal traffic going to the remote subnet back out to the 2811. Most firewalls will not, nor will it send an icmp redirect message to the host telling it network X is available through gateway Y
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

In a WLAN, anything you broadcast over the air can be intercepted.  By default a wireless network is wide open to all until security is configured. Even when security is configured information can still be intercepted! It is very important that you …
In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now