[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Running LAN packets 192.168.1.x over T1 ppp1 of 10.10.20.3

Posted on 2009-02-17
24
Medium Priority
?
442 Views
Last Modified: 2012-05-06
I have a point-to-point T1 running between an office and a warehouse using a ppp1 connection and an ip of 10.10.20.3 and .2 respectively at each end. The T1 point-to-point shows that its up and running just fine. I just can't pass local lan (192.168.1.x or other packets over it, even though the routing shows: Neither netvanta acts as a default router for the LAN, nor does either run dhcp or dns. I want to reach the web interface of the 3205 at the far end of the T1, using its web IP of 192.168.1.202 as well as telnet into it from the local end. In addition I also want devices at the far end to receive dhcp info from our default gateway at the local end of the T1, which is a sonicwall 3060pro at 192.168.1.1

1.I need a recipe/step-by-step tutorial to get it running.
or
2. a solution that, while requiring different ip rouing, gets the same result.

Please see the pdf for routing setup as it is at present. The other end has the same routing as I used an almost identical config file for both ends, just reversed some IP's as per another experts advice.
localside-routing.pdf
0
Comment
Question by:minomania
  • 13
  • 11
24 Comments
 
LVL 8

Expert Comment

by:API_NOC
ID: 23665953
minomania,
Telnet to the router and do a "show run" from enable mode.  I work on Adtrans but almost never use the GUI.  You can remove any passwords from your output.  I'll need to see the config for both routers.  Yes, it was me who helped you earlier.
0
 

Author Comment

by:minomania
ID: 23673820
here is the cfg of the local 1224R
0
 
LVL 8

Expert Comment

by:API_NOC
ID: 23673863
You did not upload the config.
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
LVL 8

Expert Comment

by:API_NOC
ID: 23681664
Still waiting on the config.  
0
 

Author Comment

by:minomania
ID: 23694207
sorry for the delay - here is the config for warehouse, remote side:).
config-Router-02-20-2009-3205-re.txt
0
 
LVL 8

Expert Comment

by:API_NOC
ID: 23694465
Ok, so that we are on the same page here; the 3205 is the REMOTE site, and the 1224R is the HOST site?
0
 

Author Comment

by:minomania
ID: 23694493
here is the local cfg for the 1224R. Sorry for the file mishap:).
config-Switch-02-20-2009.cfg.txt
0
 

Author Comment

by:minomania
ID: 23694498
Yes, the 1224R is on the host side and the 3205 is on the remote side.
0
 
LVL 8

Expert Comment

by:API_NOC
ID: 23696015
The config for the remote site is coming.  Your firewall must have a route that looks like this:
ip route 192.168.64.0 255.255.255.0 192.168.1.1
You are not able to have the same LAN subnet on the remote site as you do on the host site.  This must be different, and so I've suggested the 192.168.64.0 network for the 3205.

config-Switch-02-20-2009-1540.cf.txt
0
 
LVL 8

Expert Comment

by:API_NOC
ID: 23696178
Ok, so here is the config for the remote site.  You can web to it at http://10.10.20.2 or http://192.168.64.1  The 3205 is going to have to provide DHCP to the LAN on that side.  You can modify the DNS server section to be the correct ip addresses of DNS servers that you need to use.  Please note the changes of ip addresses that were made on PPP1 and eth 0/1 on both routers, as well as the BGP section.  If you change this information, it will not work.
Also, when you have implemented this configuration, please do a show run to make sure that it is as specified, and you do not have any duplicated or extra lines of code in there.
One more thing.  In the config for the 1224R ONLY, do this:
!
interface t1 1/1
  tdm-group 1 timeslots 1-24 speed 64
  clock source internal
  no shutdown
!
 

config-Router-02-20-2009-3205-15.txt
0
 

Author Comment

by:minomania
ID: 23716425
I have the respecrtive config on each netvanta and I get a green wan light on either end. Right now I am attempting to create a route on the sonicwall 3060pro out of interface x4 to see if I can ping the 3205 or get to it's web page.
0
 

Author Comment

by:minomania
ID: 23716468
According to the 3205 and 1224R the ppp link is up. I have to web to each device from its respective location; I don't know what to use for the gateway. Here are my settings:
source: 'warehlouse T1' which is the address object of 192.168.64.0 255.255.255.0
destination: any
service: any
gateway ?
interface: x4
metric: 1

Previously, I had the 1224R (host side) cat5'd directly into the local LAN of 192.168.1.0 . I have moved the cat45 to the router x4 interface. Is this right?
0
 

Author Comment

by:minomania
ID: 23716545
To sum up, it seems like the ppp link is up - I'm just not passing 192.168.64.0 packets. I can't pink 192.168.64.1 from the host side. Thanks for your expert help thus far, btw.
0
 
LVL 8

Expert Comment

by:API_NOC
ID: 23716575
As the Sonicwall and the 1224R are at the same location, you would need to add this route to the firewall.  I am giving you the Cisco syntax as I am not familiar with the Sonicwall syntax.
ip route 192.168.64.0 255.255.255.0 192.168.1.201
So in your firewall, you have to tell it how to get to the remote site.  It is reached via 192.168.1.201, the 1224R.  I think that is the gateway the Sonicwall needs.
0
 
LVL 8

Expert Comment

by:API_NOC
ID: 23716692
One more thing.  You may want to create some additional objects for the WAN links (ppp) of the routers.
ip route 10.10.20.0 255.255.255.252 192.168.1.201
This would be just like above where you have to set the gateway of the object to 192.168.1.201
0
 

Author Comment

by:minomania
ID: 23881697
I've been having a lot of issues trying to set the routing on the sonicwall 3060pro. Here are my present condundrums.

1) On the sonicwall, I must create the interface - should it be 10.10.20.4 255.255.255.0 for instance, or 192.168.20.4, 255.255.255.0 ? or 192.168.64.x ? As an aside, does the sonicwall interface (x3) share the same subnet as the ppp1 connection, .e.g., 10.10.20.0 255.255.255.0 ?

2) Also, what do I do with the 192.168.64.0 subnet on the sonicwall, or for that matter the 1224R. In response to a previous comment, should the ip route 192.168.64.0 be on the firewall of the sonicwall or the firewall of the 1224R?  

3)Regarding 192.168.1.201 that IP was only used as a web interface when I had the 1224R connected to the local LAN subnet of 192.168.1.0 . When I connect the 1224R to its 'correct' interface, x3, it must be disconnected from the local LAN.

Thanks for your extreme patience and help and sticktoittiveness...
0
 

Author Comment

by:minomania
ID: 23881717
BTW, I have been on the phone with sonicwall and an ongoing ticket with them, but try as they may they have not yet helped me resolve the issues.
0
 

Author Comment

by:minomania
ID: 23910897
API NOC, please let me know if you have any suggestions or resources to suggets to help me configure the 3060pro for routing over the T1; e.g., what steps are necessary. I have enabled Rip1 routing, made interface X3 10.10.20.3.
0
 
LVL 8

Expert Comment

by:API_NOC
ID: 23911814
Why did you enable RIP ?  Anyway, please repost your configs because it seems that there are some things that were introduced that could be causing problems.  The only issue that remained from our earlier discussion was for you to get the correct route applied from the Sonicwall to the Host site router.
0
 

Author Comment

by:minomania
ID: 23913307
I will disable RIP. Sonicwall has not yet been able to ping the netvanta 1224R on the host side from the X3 interface. I can hook up the laptop and can ping that from the interface that should connect to eth port on the 1224 host side router. I have named the interface 10.10.20.4. Is that the correct subnet? I will repost the config's but I took care not to alter them and they are just as you gave me before. I am evidently not setting the routing correctly, nor were the sonicwall folks able to figure out, firstly, what subnet the X3 interface should be that connects to the 1224R. They seemed to think it should be on the ppp1 subnet.
0
 
LVL 8

Accepted Solution

by:
API_NOC earned 2000 total points
ID: 23918311

Ok, so here is what you have to get the Sonicwall guys to do for you.  Your Sonicwall LAN ip address is 192.168.1.1 and the Adtran's LAN address is 192.168.1.201.  You have to tell the Sonicwall how to get to the remote site.  This means the Sonicwall has to be told that in order to get to the 192.168.64.0 network, it has to go through 192.168.1.201 (the host site Adtran).  

If you have to, you can also tell the Sonicwall, that the 10.10.20.0 network is also accessed via 192.168.1.201.

The only other way I can really state what needs to be done, and the Sonicwall folks should understand this is - there needs to be a route for the remote site placed in the Sonicwall to send to the Adtran 192.168.1.201

This is how it would be done in a Cisco or Adtran router, but it needs to be done in the Sonicwall.

ip route 192.168.64.0 255.255.255.0 192.168.1.201
ip route 10.10.20.0 255.255.255.252 192.168.1.201

These networks also need to be allowed to surf the Internet.  Sonicwall will have to assist you in getting these tasks done.
0
 

Author Comment

by:minomania
ID: 23921807
Ok. One final dumb question(as far as I know). How should the 1224R be connected to the sonicwall? I want to have it just connect from an external interface, that is X3 on the sonicwall, to the 1224R netvanta. Previously, I had it both connected there and from a switch on the 192.168.1.0 network.
0
 
LVL 8

Expert Comment

by:API_NOC
ID: 23921998
Ok, so are you good to go now?
0
 

Author Comment

by:minomania
ID: 23942298
Well, no. Sonicwall techs were still not able to ping from interface X3 on the sonicwall to the 1224R on the host side. When I attempted to  ping from a laptop on the 1224R I was able to ping 192.168.64.1 which reported back as 192.168.1.201. I could also ping 10.10.20.1 and 10.10.20.2, but I could not ping X3, which had been set to 10.10. 20.4.  

But, it seems you have resolved the issue on T1 side. I just haven't gotten routing going yet from the sonicwall....I may open up a new issue on expert-exchange for that:).
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are thinking of adopting cloud services, or just curious as to what ‘the cloud’ can offer then the leader according to Gartner for Infrastructure as a Service (IaaS) is Amazon Web Services (AWS).  When I started using AWS I was completely new…
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Suggested Courses

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question