crewguy210
asked on
GRE tunnel over 1811 vs 2811 - does it work the same?
I have a GRE tunnel on a 1811 and it doesn't seem to work with the same configuration as the 2811 I was using previously. The 1811 has an ISDN interface and a switch but I don't see how this would make a difference. The tunnel forms properly, as it should, and I'm able to NAT to the outside world but the nets on the other side of the tunnel all I'm able to do is ping which has higher than usual latency or send clear text in a telnet session - beyond that it's too slow to do anything.
I'm using (C181X-ADVIPSERVICESK9-M),
Any help would be greatly appreciated!
I'm using (C181X-ADVIPSERVICESK9-M),
Any help would be greatly appreciated!
Nayyar HH (CCIE RS)
Can you post config please?
ASKER
Running config - thnaks!
!
version 12.4
!
<omit>
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.212.1 192.168.212.10
!
ip dhcp pool 212Pool
network 192.168.212.0 255.255.255.0
default-router 192.168.212.1
dns-server 172.25.10.21
domain-name mike
!
!
!
multilink bundle-name authenticated
!
!
archive
log config
hidekeys
!
!
!
!
!
interface Tunnel0
ip address 172.20.255.4 255.255.255.0
no ip redirects
ip mtu 1400
ip nhrp authentication *****
ip nhrp map multicast dynamic
ip nhrp map 172.20.255.1 *.69.72.105
ip nhrp network-id 17225
ip nhrp nhs 172.20.255.1
ip nhrp cache non-authoritative
load-interval 30
tunnel source FastEthernet0
tunnel mode gre multipoint
tunnel key ***
!
interface FastEthernet0
ip address *.173.66.235 255.255.255.248
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet1
ip address 192.168.212.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface FastEthernet9
!
interface Vlan1
no ip address
!
ip route 0.0.0.0 0.0.0.0 *.173.66.233
ip route 10.20.30.0 255.255.255.0 Tunnel0
ip route 172.25.0.0 255.255.0.0 Tunnel0
ip route 172.26.0.0 255.255.0.0 Tunnel0
ip route 192.168.100.0 255.255.255.0 Tunnel0
ip route 192.168.125.0 255.255.255.0 Tunnel0
ip route 192.168.126.0 255.255.255.0 Tunnel0
!
!
no ip http server
no ip http secure-server
ip nat inside source list NAT_Traffic interface FastEthernet0 overload
!
ip access-list extended NAT_Traffic
deny ip 192.168.212.0 0.0.0.255 172.25.0.0 0.0.255.255
deny ip 192.168.212.0 0.0.0.255 172.26.0.0 0.0.255.255
permit ip 192.168.212.0 0.0.0.255 any
!
access-list 1 permit 172.25.255.25
access-list 1 permit 192.168.212.0 0.0.0.255
!
!
!
!
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
password 7 14021D0D04557A7A726279
login
!
!
webvpn cef
end
Mike1811#
!
version 12.4
!
<omit>
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.212.1 192.168.212.10
!
ip dhcp pool 212Pool
network 192.168.212.0 255.255.255.0
default-router 192.168.212.1
dns-server 172.25.10.21
domain-name mike
!
!
!
multilink bundle-name authenticated
!
!
archive
log config
hidekeys
!
!
!
!
!
interface Tunnel0
ip address 172.20.255.4 255.255.255.0
no ip redirects
ip mtu 1400
ip nhrp authentication *****
ip nhrp map multicast dynamic
ip nhrp map 172.20.255.1 *.69.72.105
ip nhrp network-id 17225
ip nhrp nhs 172.20.255.1
ip nhrp cache non-authoritative
load-interval 30
tunnel source FastEthernet0
tunnel mode gre multipoint
tunnel key ***
!
interface FastEthernet0
ip address *.173.66.235 255.255.255.248
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet1
ip address 192.168.212.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface FastEthernet9
!
interface Vlan1
no ip address
!
ip route 0.0.0.0 0.0.0.0 *.173.66.233
ip route 10.20.30.0 255.255.255.0 Tunnel0
ip route 172.25.0.0 255.255.0.0 Tunnel0
ip route 172.26.0.0 255.255.0.0 Tunnel0
ip route 192.168.100.0 255.255.255.0 Tunnel0
ip route 192.168.125.0 255.255.255.0 Tunnel0
ip route 192.168.126.0 255.255.255.0 Tunnel0
!
!
no ip http server
no ip http secure-server
ip nat inside source list NAT_Traffic interface FastEthernet0 overload
!
ip access-list extended NAT_Traffic
deny ip 192.168.212.0 0.0.0.255 172.25.0.0 0.0.255.255
deny ip 192.168.212.0 0.0.0.255 172.26.0.0 0.0.255.255
permit ip 192.168.212.0 0.0.0.255 any
!
access-list 1 permit 172.25.255.25
access-list 1 permit 192.168.212.0 0.0.0.255
!
!
!
!
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
password 7 14021D0D04557A7A726279
login
!
!
webvpn cef
end
Mike1811#
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.