• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 455
  • Last Modified:

How do I configer cisco router ipvpn to my network?

I have 2 office first one called DMAM (head office) 172.16.X.X and second one is RATA (store office) 172.28.X.X with IPVPN so I call one company provide the IPVPN and that company they arrange the media in both side they give me a UTP cable and they say to me you should have router Cisco 2801 for etch office and they give me the conf. for the routers I already purchase the routers, before 2 days they send Email that say the link is live  
 
DMAM Circuit
---------------- CODE ---------------------
interface Ethernet0/0.208
encapsulation dot1Q 208
ip address 172.31.106.206 255.255.255.252
no shutdown
!
router bgp 65360
neighbor 172.31.106.205 remote-as 65000
no auto-summary
----------------------------------------------
RATA Circuit
---------------- CODE ---------------------
interface Ethernet0/0
ip address 172.31.106.130 255.255.255.252
no shutdown
!
router bgp 65360
neighbor 172.31.106.129 remote-as 65000
no auto-summary
----------------------------------------------
I add the command exactly then I found many problems.
DMAM Circuit what the configuration for interface Ethernet0/1?
I try to configure interface Ethernet0/1 like that

interface Ethernet0/1
ip address 172.16.5.1 255.255.0.0
no shutdown

but when I connect interface Ethernet0/1 to my network I cannot ping interface Ethernet0/1 or interface Ethernet0/0
0
AymanDasa
Asked:
AymanDasa
  • 8
  • 4
  • 2
  • +1
4 Solutions
 
DTAHARLEVCommented:
well, start by getting the interface connected to the network and be able to ping it; once you have that, just add "ip routing" and add both networks (network 172.16.106.130 and network 172.16.106.206)
0
 
AymanDasaAuthor Commented:
Dear DTAHARLEV

what is the command ?
0
 
DTAHARLEVCommented:
DMAM:

(config)#ip routing
(config)#ip route 172.31.106.128 255.255.255.252 172.31.106.205
(config)#router rip
(config-router)#network 172.31.106.128
(config-router)#network 172.16.5.0
(config-router)#exit

And the same thing on the other side. I don't have the subnets written in front of me, so i may have some typos there, but the general idea is:

configure DMAM to have a static route to the RATA network (172.16.5.0)
configure RATA to have a static route to the DMAM network.
enable routing (you can just use RIP)
add all three subnets (DMAM, RATA, internal RATA.)

But perhaps you can send a show run printout? I think i have this a bit mixed up.
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
AymanDasaAuthor Commented:

DMAM10-DMAM10-IP127#show run
Building configuration...
 
Current configuration : 825 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname DMAM10-DMAM10-IP127
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip cef
!
!
!
!
multilink bundle-name authenticated
!
!
!         
archive   
 log config
  hidekeys
!         
!         
!         
!         
!         
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
!         
interface FastEthernet0/0.208
 encapsulation dot1Q 208
 ip address 172.31.106.206 255.255.255.252
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
router bgp 65360
 no synchronization
 bgp log-neighbor-changes
 neighbor 172.31.106.205 remote-as 65000
 no auto-summary
!
ip forward-protocol nd
!
!
no ip http server
!
!
!
control-plane
!         
!         
line con 0
line aux 0
line vty 0 4
 login    
!         
scheduler allocate 20000 1000
end

Open in new window

0
 
lrmooreCommented:
DMAM10-DMAM10-IP127>enable
Password:
DMAM10-DMAM10-IP127#
DMAM10-DMAM10-IP127#config term
DMAM10-DMAM10-IP127(config)#interface fast 0/1
DMAM10-DMAM10-IP127(config-if)#ip address 172.16.5.1 255.255.0.0
DMAM10-DMAM10-IP127(config-if)#no shutdown
DMAM10-DMAM10-IP127(config-if)#end
DMAM10-DMAM10-IP127#write mem
[OK]
DMAM10-DMAM10-IP127#sho ip interface brief
<post results>

DMAM10-DMAM10-IP127#sho ip route
<post results>

.
0
 
AymanDasaAuthor Commented:


DMAM10-DMAM10-IP127#show ip interface brief                                     
Interface                  IP-Address      OK? Method Status                Prol
FastEthernet0/0            unassigned      YES NVRAM  up                    dow 
FastEthernet0/0.208        172.31.106.206  YES NVRAM  up                    dow 
FastEthernet0/1            172.16.5.1      YES manual up                    dow 
DMAM10-DMAM10-IP127#
DMAM10-DMAM10-IP127#show ip route                                               
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP                  
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area           
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2           
       E1 - OSPF external type 1, E2 - OSPF external type 2                     
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2    
       ia - IS-IS inter area, * - candidate default, U - per-user static route  
       o - ODR, P - periodic downloaded static route                            
                                                                                
Gateway of last resort is not set     

Open in new window

0
 
Don JohnstonInstructorCommented:
Something is not quite right here:

On the DMAM side, they're having you configure an 802.1q trunk, but only on the DMAM side and there's only one VLAN. If there's only one VLAN, there's no need for 802.1q.

I would check with your provider and confirm those settings.

On the RATA side, is the interface up/up? Can you ping 172.31.106.129?


0
 
AymanDasaAuthor Commented:
Dear donjohnston
Thanks for replay

I think its correct because the technician say that " DMAM circuit is WiMax one to many but RATA is coper circuit so its one to one " 

I already send email to provider to make shore the conf. is OK

RATA is very far location around 1490 Km in desert and there is no airport in RATA I can go only by car. so that I wont to finish DMAM site completely the I will open another question for RATA.
0
 
lrmooreCommented:
All of the interfaces show up/down.
Is anything physically plugged into all the interfaces?
0
 
AymanDasaAuthor Commented:
No i just some time to test remove the cable don't wary about that
0
 
AymanDasaAuthor Commented:
Dear donjohnston

the provider they confirm that the conf. 100% correct.

 
0
 
Don JohnstonInstructorCommented:
There's no native VLAN defined. That could create an Up/Down condition.
0
 
AymanDasaAuthor Commented:
I will connect the cable from WiMAX Provider to router the from Router to switch
Current configuration : 942 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname DMAM10-DMAM10-IP127
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip cef
!
!
!
!
no ip domain lookup
multilink bundle-name authenticated
!
!         
!         
username cisco privilege 15 secret 5 $1$nclQ$RUf4tLHyJhG7YAPyzFjKK/
archive   
 log config
  hidekeys
!         
!         
!         
!         
!         
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet0/0.208
 encapsulation dot1Q 208
 ip address 172.31.106.206 255.255.255.252
!
interface FastEthernet0/1
 ip address 172.16.5.1 255.255.0.0
 duplex auto
 speed auto
!
router bgp 65360
 no synchronization
 bgp log-neighbor-changes
 neighbor 172.31.106.205 remote-as 65000
 no auto-summary
!
ip forward-protocol nd
!
!
no ip http server
!         
!         
!         
control-plane
!         
!         
line con 0
 login local
line aux 0
line vty 0 4
 login local
!         
scheduler allocate 20000 1000
end       
DMAM10-DMAM10-IP127#show ip interface brief 
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            unassigned      YES NVRAM  up                    up      
FastEthernet0/0.208        172.31.106.206  YES NVRAM  up                    up      
FastEthernet0/1            172.16.5.1      YES NVRAM  up                    up      
DMAM10-DMAM10-IP127#show ip route C
C    172.16.0.0/16 is directly connected, FastEthernet0/1
     172.31.0.0/30 is subnetted, 1 subnets
C       172.31.1DMAM10-DMAM10-IP127#ping  172.31.106.206 so 172.16.5.1
 
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.106.206, timeout is 2 seconds:
Packet sent with a source address of 172.16.5.1 
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
 
DMAM10-DMAM10-IP127#ping 172.16.5.1 source 172.31.106.206
 
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.5.1, timeout is 2 seconds:
Packet sent with a source address of 172.31.106.206 
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
DMAM10-DMAM10-IP127#

Open in new window

0
 
Don JohnstonInstructorCommented:
This is an improvement. :-)

Now can you ping 172.31.106.205?
0
 
AymanDasaAuthor Commented:

DMAM10-DMAM10-IP127#show ip interface brief 
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            unassigned      YES NVRAM  up                    up      
FastEthernet0/0.208        172.31.106.206  YES NVRAM  up                    up      
FastEthernet0/1            172.15.5.1      YES NVRAM  up                    up      
DMAM10-DMAM10-IP127#ping 172.31.106.205 source 172.31.106.206
 
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.106.205, timeout is 2 seconds:
Packet sent with a source address of 172.31.106.206 
.....
Success rate is 0 percent (0/5)

Open in new window

0
 
Don JohnstonInstructorCommented:
I can't think of anything else you can do with the router. You've set it up the way the provider has specified.

The only other thing you can do check with the provider and see if there's something else that needs to be done.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

  • 8
  • 4
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now