Solved

Adding a data T1 to current network

Posted on 2009-03-31
11
390 Views
Last Modified: 2012-05-06
I have a T1 data connection that has just been turned up between my corp office and a satellite location,the line has been assigned 172.x.x.1 in preperation for a complete cutover once deltacomm finishes the installs at the remaining five offices.  My boss has asked me if I would please add the T1 connection to our current network temporarily so that the satellite office will be able to use our EMR software.

My dilemma is this, I currently have five VPN connections established by a Juniper Firewall-VPN, the juniper is assigned 172.x.x.1 the exact same as the router from deltacomm.  Is there anyway to add the router with the duplicate IP in to the current network?  I thought about creating a new connection in the Juniper binding it to X zone and assigning it an alternate IP?  Anyway any and all advice/workarounds would be welcome I have till 8am est tomorrow to try and figure this out.

Best Regards,
John
0
Comment
Question by:Pe12f3cT_d12uG
  • 6
  • 5
11 Comments
 
LVL 11

Assisted Solution

by:TreyH
TreyH earned 500 total points
ID: 24035618
Don't you love it when they deal you this crap.. :)
I can't think of anyway to do it - I think you're stuffed. Only way I can think of would be to change the IP on the Deltacomm router. Even if you could change the IP, you would still probably run into some gateway issues. You would have to place some static routes on any devices that the satellite office wanted to access otherwise their return traffic would be sent out the Juniper (just guessing ,not knowing your network layout)
0
 

Author Comment

by:Pe12f3cT_d12uG
ID: 24042093
Trey,

Thank you for the response.  Hmm so adding the connection to the current network does not look promising eh?  Well let me ask you this then.  Today deltacomm turned up the INET T1 at the Corporate office, would it be possible without too much trouble to grant access to the Internet at the satellite office so that they could just use netscreen to VPN in to our current network over the Internet?  I do not have any "real" hardware left here at the office, only thing I could scrounge up would be a Linksys Router and a Netgear Switch.  I know adding a raw INET connection to that internal network would not be best practice but my boss is willing to risk it.

Best Regards,
John
0
 

Author Comment

by:Pe12f3cT_d12uG
ID: 24042222
Forgot to post deltacomm's equipment.

DATA T1  ~ADTRAN Total Access 904

INET T1     ~ADTRAN  600R has
0
 
LVL 11

Expert Comment

by:TreyH
ID: 24050626
Not sure not knowing your exact layout. The satellite office should be able to VPN in as long as it's peer is the Juniper firewall at the Corp office.  You could use your Linksys router to put behind the satellite office router just to have some firewall protection.
0
 

Author Comment

by:Pe12f3cT_d12uG
ID: 24051679
TreyH,

Thank you again for the response.  Let me try and explain the set up I currently have and what I am trying to accomplish.  This is the current point to point setup that Deltacomm has in place.


172.16.6.0[adtran904]---t1---|
                                              | ===t1===|[adtran904]172.16.1.0          90.x.x.x[adtran600r]|-----INTERNET
172.16.8.0[adtran904]---t1---|

The x.x.6.0 and x.x.8.0 are remote locations connected to the Corp x.x.1.0 location via point to point T1s.  Each location has a ADTRAN 904 router configured by Deltacomm.  The 90.x.x.x is the Internet T1 also located at the corporate office.  There is a data cable running between the 600r and the 904 routers at the coporate office.  The cable connects into the NTWK port on the 600r and the NET T1/01 port on the 904, again this was also installed by Deltacomm.

My goal is to establish internet access on all of the 172.x.x.x networks, currently webpages just time out at all locations.  If I can manage get them internet access they will be able to use the EMR software by connecting via NETSCREEN VPN software to our current network, which in turn will make my boss happy and the peasants will rejoice.  I hope I have made things a bit more clear.

Best Regards,
John
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 11

Accepted Solution

by:
TreyH earned 500 total points
ID: 24052204
As long as the default routes for the routers send traffic to the 90.x.x.x router you should be able to get something working. Take the 172.16.6.0 network as an example:

(Assumes the Adtran904 has an IP of 172.16.6.1/24)
Workstation IP: 172.16.6.2
Mask: 255.255.255.0
Default Gateway: 172.16.6.1

Adtran 904 Router IP: 172.16.6.1
Mask: 255.255.255.0
Default Route: 172.16.1.x ?

Start with assigning the workstation IP and see what you can ping. Once you can ping the routers, try traceroutes to public IP's to see how the traffic is flowing - it's worth a try. As long as unknown subnet traffic tries to go out the 90.x.x.x router you're on the right track.
0
 

Author Comment

by:Pe12f3cT_d12uG
ID: 24054739
TreyH,

tracert from satellite office yields the following result.

tracert yahoo.com

1. 172.16.6.1   internal satellite adtran 904 IP
2. 10.x.x.2       external satellite adtran IP
3. 10.x.x.1       external corp adtran IP
4. 10.x.x.2
5 10.x.x.1
6. 10.x.x.2
etc.... for max number of hops.

So web traffic just seems to bounce back and forth between the two adtrans.  Not sure if this is helpful at all but I can not quite grasp what I am missing very frustrating.
0
 

Author Comment

by:Pe12f3cT_d12uG
ID: 24060251
TreyH,

There are several static routes terminating in hop 0.0.0.0
10.x.x.1 next hop 0.0.0.0
10.x.x.2 next hop 0.0.0.0
Then another static for 0.0.0.0 next hop ppp 1
These were added by deltacomm.

I know I am missing something simple, thanks again for all your help.

John
0
 
LVL 11

Expert Comment

by:TreyH
ID: 24061891
Sorry, I'm just not familiar with the Adtran units to be able to give much advice. There may not be a way to do it without temporarily changing routes on the routers. What IP did you trace route when you got the looping results?
0
 

Author Comment

by:Pe12f3cT_d12uG
ID: 24078495
Well I got it working after not hearing from Tech Support for three days I went in to the INET router deleted the 0.0.0.0 with subnet 0.0.0.0 next hop PPP 1 static route deltacomm had placed in there.  I then put in the same route 0.0.0.0 with a 0.0.0.0 subnet but next hop the Gateway I set up and it worked fine.  I am guessing both routers had next hop PPP 1 for all unknown network traffic which caused the traffic to just ping pong between the AdTrans.  I am awarding you the points Trey for at least attemping to help and give me a starting point.

Best Regards,
John
0
 
LVL 11

Expert Comment

by:TreyH
ID: 24079226
Thanks John, glad you got it working
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
Before I go to far, let's explain HA (High Availability) and why you should consider it.  High availability is the mechanism used to provide redundancy to any service at the same site and appears as a single service to the users of that service.  As…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now