dpflanzer
asked on
Setting up Point to Point T1 with Cisco 1720s
I am having what appears to be a routing problem between two networks. Here is the setup...
There are two office locations A and B. Network A is 192.168.1.x (255.255.255.0), Network B is 192.168.2.x (255.255.255.0). At each location there is a Cisco 1720 (w/ wic-1dsu-t1 cards) connected with a dedicated Point to Point T1 (Full). All interfaces show status of UP and the T1 appears to be working properly.
From a PC I can ping the fast ethernet connection of either router at any location but when I try to ping another PC on the other side it fails, here are the tracert results from the "Location B" side (they are the same from the A side) when I try to go to a PC in the other network. Maybe I have to set up RIP routing??
Tracing route to PC10 [192.168.1.10]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms 192.168.2.35
2 24 ms 24 ms 24 ms 10.0.0.1
3 * * * Request timed out.
4 * * * Request timed out.
I have included the relevant lines of the router configuration as well as the results of the ip route command. I hope one of you can help.
David.
-- LOCATION A --
ip subnet-zero
!
no ip domain lookup
!
no ip cef
!
interface FastEthernet0
description LAN
ip address 192.168.1.35 255.255.255.0
speed auto
no cdp enable
!
interface Serial0
description T1
ip address 10.0.0.1 255.255.255.252
encapsulation ppp
no cdp enable
!
ip classless
ip route 192.168.2.0 255.255.255.0 10.0.0.2
no ip http server
!
no cdp run
IP ROUTE
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.0.0.2/32 is directly connected, Serial0
C 10.0.0.0/30 is directly connected, Serial0
C 192.168.1.0/24 is directly connected, FastEthernet0
S 192.168.2.0/24 [1/0] via 10.0.0.2
-- LOCATION B --
ip subnet-zero
!
no ip domain lookup
!
no ip cef
!
interface FastEthernet0
description LAN
ip address 192.168.2.35 255.255.255.0
speed auto
no cdp enable
!
interface Serial0
description T1
ip address 10.0.0.2 255.255.255.252
encapsulation ppp
no cdp enable
!
ip classless
ip route 192.168.1.0 255.255.255.0 10.0.0.1
no ip http server
!
no cdp run
IP ROUTE
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.0.0.0/30 is directly connected, Serial0
C 10.0.0.1/32 is directly connected, Serial0
S 192.168.1.0/24 [1/0] via 10.0.0.1
C 192.168.2.0/24 is directly connected, FastEthernet0
There are two office locations A and B. Network A is 192.168.1.x (255.255.255.0), Network B is 192.168.2.x (255.255.255.0). At each location there is a Cisco 1720 (w/ wic-1dsu-t1 cards) connected with a dedicated Point to Point T1 (Full). All interfaces show status of UP and the T1 appears to be working properly.
From a PC I can ping the fast ethernet connection of either router at any location but when I try to ping another PC on the other side it fails, here are the tracert results from the "Location B" side (they are the same from the A side) when I try to go to a PC in the other network. Maybe I have to set up RIP routing??
Tracing route to PC10 [192.168.1.10]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms 192.168.2.35
2 24 ms 24 ms 24 ms 10.0.0.1
3 * * * Request timed out.
4 * * * Request timed out.
I have included the relevant lines of the router configuration as well as the results of the ip route command. I hope one of you can help.
David.
-- LOCATION A --
ip subnet-zero
!
no ip domain lookup
!
no ip cef
!
interface FastEthernet0
description LAN
ip address 192.168.1.35 255.255.255.0
speed auto
no cdp enable
!
interface Serial0
description T1
ip address 10.0.0.1 255.255.255.252
encapsulation ppp
no cdp enable
!
ip classless
ip route 192.168.2.0 255.255.255.0 10.0.0.2
no ip http server
!
no cdp run
IP ROUTE
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.0.0.2/32 is directly connected, Serial0
C 10.0.0.0/30 is directly connected, Serial0
C 192.168.1.0/24 is directly connected, FastEthernet0
S 192.168.2.0/24 [1/0] via 10.0.0.2
-- LOCATION B --
ip subnet-zero
!
no ip domain lookup
!
no ip cef
!
interface FastEthernet0
description LAN
ip address 192.168.2.35 255.255.255.0
speed auto
no cdp enable
!
interface Serial0
description T1
ip address 10.0.0.2 255.255.255.252
encapsulation ppp
no cdp enable
!
ip classless
ip route 192.168.1.0 255.255.255.0 10.0.0.1
no ip http server
!
no cdp run
IP ROUTE
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.0.0.0/30 is directly connected, Serial0
C 10.0.0.1/32 is directly connected, Serial0
S 192.168.1.0/24 [1/0] via 10.0.0.1
C 192.168.2.0/24 is directly connected, FastEthernet0
JFrederick29
The router configuration looks good. The routing and T1 look to be working properly. Does the PC have the Windows Firewall enabled? If so, you won't be able to ping it. Try disabling the Windows Firewall if enabled and test again or try accessing a server or something other than ICMP in that office.
What is the default gateway setting on the PC? It needs to be 192.168.1.35 - the local LAN interface on the router.
ASKER
There is a Netgear FVX538 router at each location (this is used for internet connectivity), there is a static route set up in these routers to direct traffic to the cisco 1720 for the other network. These are the settings in the netgear for location A.
Destination: 192.168.2.0 (255.255.255.0)
Gateway: 192.168.1.35
For Location B
Destination: 192.168.1.0 (255.255.255.0)
Gateway: 192.168.2.35
I believe these are set up properly because of the results of the traceroute (as shown in my original message)
Regarding the firewall on the PC's: They are turned off, and are easily pinged from the same side of the network.
Destination: 192.168.2.0 (255.255.255.0)
Gateway: 192.168.1.35
For Location B
Destination: 192.168.1.0 (255.255.255.0)
Gateway: 192.168.2.35
I believe these are set up properly because of the results of the traceroute (as shown in my original message)
Regarding the firewall on the PC's: They are turned off, and are easily pinged from the same side of the network.
ASKER
Just to clairfy a little more on the gateway setup... The gateways on all the PCs are set to the netgear router address at each location, this happens to be 192.168.1.1 for location A and 192.168.2.1 for location B.
Do you think my problem has something to do with the netgear?
David.
Do you think my problem has something to do with the netgear?
David.
I agree with lrmorre, but just to add value to the solution you could also debug ip icmp on the far end router to verify the packets make it across. Your output should look similar to this:
ICMP: echo reply sent, src x.x.x.x, dst y.y.y.y
ICMP: echo reply rcvd, src x.x.x.x, dst y.y.y.y
ICMP: echo reply sent, src x.x.x.x, dst y.y.y.y
ICMP: echo reply rcvd, src x.x.x.x, dst y.y.y.y
I would verifiy the routes are working on the Netgear routers.
Also, do you know that if each location has an internet connection you could setup a VPN tunnel and save the money spent on a T1
Also, do you know that if each location has an internet connection you could setup a VPN tunnel and save the money spent on a T1
You can rule out the Netgear by pointing the PC's on both ends to their respective Cisco routers for their default gateway (or add routes to the "testing" PC's) just to test between these two hosts.
ASKER
Doesnt my traceroute proove that the netgear is working correctly?
Regarding the decision not to go VPN, the customer choose to go with a dedicated T1 for reliability and due to the high volume of traffic that will be passed between the two offices.
Regarding the decision not to go VPN, the customer choose to go with a dedicated T1 for reliability and due to the high volume of traffic that will be passed between the two offices.
No it doesn't, it looks like the host on the 192.168.1.x side doesn't have a route back to the 192.168.2.x side, so it drops the reply. Debugging would help narrow it down.
On the VPN, just wanted to make sure that you are aware of the options.
On the VPN, just wanted to make sure that you are aware of the options.
ASKER
Ok, here are some results from the router at location "B" using the debug IP ICMP. Does this help?
*Mar 2 13:54:43.194: ICMP: time exceeded (time to live) sent to 192.168.1.129 (dest was 192.168.2.10)
*Mar 2 13:54:48.834: ICMP: dst (192.168.2.35) port unreachable sent to 192.168.2.1
*Mar 2 13:54:43.194: ICMP: time exceeded (time to live) sent to 192.168.1.129 (dest was 192.168.2.10)
*Mar 2 13:54:48.834: ICMP: dst (192.168.2.35) port unreachable sent to 192.168.2.1
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Irmoore:
Ok, that did work, each pc that I assign the gateway of the cisco can ping each other and the new ip route works for outgoing traffic to the netgear.
But I am wondering if I can avoid this by still using the netgear as the gateway and setting up the cisco in a different way. The reason I ask is that I believe it can be done, you see I have set up a static route for another cisco router (to a datacenter) and it works fine using the netgear and a static route. I don't have the configuration of that router as it is leased and maintained by the datacenter. So, by setting up RIP on the 1720's allow me to still use the .1 gateway (the netgear)?
We are on the right track... thanks so far.
David.
Ok, that did work, each pc that I assign the gateway of the cisco can ping each other and the new ip route works for outgoing traffic to the netgear.
But I am wondering if I can avoid this by still using the netgear as the gateway and setting up the cisco in a different way. The reason I ask is that I believe it can be done, you see I have set up a static route for another cisco router (to a datacenter) and it works fine using the netgear and a static route. I don't have the configuration of that router as it is leased and maintained by the datacenter. So, by setting up RIP on the 1720's allow me to still use the .1 gateway (the netgear)?
We are on the right track... thanks so far.
David.
If the netgear has a static route for the remote network, pointing to the local 1721, you may be all right.
RIP may work if the Netgear has RIP turned on and learns the routes, but statics would be better. Enable it on the 1720 and see...
RIP may work if the Netgear has RIP turned on and learns the routes, but statics would be better. Enable it on the 1720 and see...