• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 316
  • Last Modified:

Setting up Point to Point T1 with Cisco 1720s

I am having what appears to be a routing problem between two networks.  Here is the setup...
There are two office locations A and B.  Network A is 192.168.1.x (255.255.255.0), Network B is 192.168.2.x (255.255.255.0).  At each location there is a Cisco 1720 (w/ wic-1dsu-t1 cards) connected with a dedicated Point to Point T1 (Full).  All interfaces show status of UP and the T1 appears to be working properly.

From a PC I can ping the fast ethernet connection of either router at any location but when I try to ping another PC on the other side it fails, here are the tracert results from the "Location B" side (they are the same from the A side) when I try to go to a PC in the other network.  Maybe I have to set up RIP routing??

Tracing route to PC10 [192.168.1.10]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  192.168.2.35
  2    24 ms    24 ms    24 ms  10.0.0.1
  3     *        *        *     Request timed out.
  4     *        *        *     Request timed out.

I have included the relevant lines of the router configuration as well as the results of the ip route command.  I hope one of you can help.

David.

-- LOCATION A --
ip subnet-zero
!
no ip domain lookup
!
no ip cef
!
interface FastEthernet0
 description LAN
 ip address 192.168.1.35 255.255.255.0
 speed auto
 no cdp enable
!
interface Serial0
 description T1
 ip address 10.0.0.1 255.255.255.252
 encapsulation ppp
 no cdp enable
!
ip classless
ip route 192.168.2.0 255.255.255.0 10.0.0.2
no ip http server
!
no cdp run

IP ROUTE
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C       10.0.0.2/32 is directly connected, Serial0
C       10.0.0.0/30 is directly connected, Serial0
C    192.168.1.0/24 is directly connected, FastEthernet0
S    192.168.2.0/24 [1/0] via 10.0.0.2

-- LOCATION B --
ip subnet-zero
!
no ip domain lookup
!
no ip cef
!
interface FastEthernet0
 description LAN
 ip address 192.168.2.35 255.255.255.0
 speed auto
 no cdp enable
!
interface Serial0
 description T1
 ip address 10.0.0.2 255.255.255.252
 encapsulation ppp
 no cdp enable
!
ip classless
ip route 192.168.1.0 255.255.255.0 10.0.0.1
no ip http server
!
no cdp run

IP ROUTE
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C       10.0.0.0/30 is directly connected, Serial0
C       10.0.0.1/32 is directly connected, Serial0
S    192.168.1.0/24 [1/0] via 10.0.0.1
C    192.168.2.0/24 is directly connected, FastEthernet0
0
dpflanzer
Asked:
dpflanzer
  • 5
  • 3
  • 3
  • +1
1 Solution
 
JFrederick29Commented:
The router configuration looks good.  The routing and T1 look to be working properly.  Does the PC have the Windows Firewall enabled?  If so, you won't be able to ping it.  Try disabling the Windows Firewall if enabled and test again or try accessing a server or something other than ICMP in that office.
0
 
lrmooreCommented:
What is the default gateway setting on the PC? It needs to be 192.168.1.35 - the local LAN interface on the router.
0
 
dpflanzerAuthor Commented:
There is a Netgear FVX538 router at each location (this is used for internet connectivity), there is a static route set up in these routers to direct traffic to the cisco 1720 for the other network.  These are the settings in the netgear for location A.
Destination: 192.168.2.0 (255.255.255.0)
Gateway: 192.168.1.35

For Location B
Destination: 192.168.1.0 (255.255.255.0)
Gateway: 192.168.2.35

I believe these are set up properly because of the results of the traceroute (as shown in my original message)

Regarding the firewall on the PC's:  They are turned off, and are easily pinged from the same side of the network.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
dpflanzerAuthor Commented:
Just to clairfy a little more on the gateway setup...  The gateways on all the PCs are set to the netgear router address at each location, this happens to be 192.168.1.1 for location A and 192.168.2.1 for location B.

Do you think my problem has something to do with the netgear?  

David.
0
 
Jim_CoyneCommented:
I agree with lrmorre, but just to add value to the solution you could also debug ip icmp on the far end router to verify the packets make it across. Your output should look similar to this:

 ICMP: echo reply sent, src x.x.x.x, dst y.y.y.y
 ICMP: echo reply rcvd, src x.x.x.x, dst y.y.y.y
0
 
Jim_CoyneCommented:
I would verifiy the routes are working on the Netgear routers.

Also, do you know that if each location has an internet connection you could setup a VPN tunnel and save the money spent on a T1


0
 
JFrederick29Commented:
You can rule out the Netgear by pointing the PC's on both ends to their respective Cisco routers for their default gateway (or add routes to the "testing" PC's) just to test between these two hosts.
0
 
dpflanzerAuthor Commented:
Doesnt my traceroute proove that the netgear  is working correctly?  

Regarding the decision not to go VPN, the customer choose to go with a dedicated T1 for reliability and due to the high volume of traffic that will be passed between the two offices.
0
 
Jim_CoyneCommented:
No it doesn't, it looks like the host on the 192.168.1.x side doesn't have a route back to the 192.168.2.x side, so it drops the reply. Debugging would help narrow it down.

On the VPN, just wanted to make sure that you are aware of the options.
0
 
dpflanzerAuthor Commented:
Ok, here are some results from the router at location "B" using the debug IP ICMP.  Does this help?

*Mar  2 13:54:43.194: ICMP: time exceeded (time to live) sent to 192.168.1.129 (dest was 192.168.2.10)
*Mar  2 13:54:48.834: ICMP: dst (192.168.2.35) port unreachable sent to 192.168.2.1
0
 
lrmooreCommented:
Try this:
On each 1721:
 ip route 0.0.0.0 0.0.0.0 192.168.x.1  <== local netgear router

On 2 test PC's, point their default gateway to the local 1721 and not the Netgear.
Now try pinging each other.
If successful, then simply point the PC's local default gateway to the 1721 and not the Netgear.
0
 
dpflanzerAuthor Commented:
Irmoore:

Ok, that did work, each pc that I assign the gateway of the cisco can ping each other and the new ip route works for outgoing traffic to the netgear.

But I am wondering if I can avoid this by still using the netgear as the gateway and setting up the cisco in a different way.  The reason I ask is that I believe it can be done, you see I have set up a static route for another cisco router (to a datacenter) and it works fine using the netgear and a static route.  I don't have the configuration of that router as it is leased and maintained by the datacenter.  So, by setting up RIP on the 1720's allow me to still use the .1 gateway (the netgear)?

We are on the right track... thanks so far.

David.
0
 
lrmooreCommented:
If the netgear has a static route for the remote network, pointing to the local 1721,  you may be all right.
RIP may work if the Netgear has RIP turned on and learns the routes, but statics would be better. Enable it on the 1720 and see...
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 5
  • 3
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now