?
Solved

CIsco Point to Point T1 Issues

Posted on 2011-03-04
7
Medium Priority
?
465 Views
Last Modified: 2012-05-11
I am having some trouble with a point to point t1.  From the main location I can get to the remote location.  But from the remote location I am unable to get to the main location.

Main (10.10.0.0/20) <---> PTP (192.168.10.1<>192.168.10.2) <---> Remote (10.10.6.0/24)
The Main Router is a Cisco 2811 and the Remote Router is a Cisco 1841

Any help is greatly appreciated.

Thanks

Main Router Config

Current configuration : 1588 bytes
!
! Last configuration change at 16:35:16 UTC Fri Mar 4 2011 by esd101
! NVRAM config last updated at 16:21:31 UTC Fri Mar 4 2011 by esd101
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname MainRouter
!
boot-start-marker
boot-end-marker
!
no logging console
enable secret 5 password
!
no aaa new-model
dot11 syslog
!
ip cef
!
ip domain name domain.net
!
multilink bundle-name authenticated
!
username user privilege 15 secret 5 password
!
interface FastEthernet0/0
 ip address 10.10.3.1 255.255.240.0
 ip nbar protocol-discovery
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/0/0
 description Your WAN Interface to the Internet running at 1544
 bandwidth 1544
 ip address 192.168.10.1 255.255.255.0
 encapsulation ppp
!
ip default-gateway 10.10.2.2
no ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.10.2.2
ip route 10.10.6.0 255.255.255.0 192.168.10.2
ip route 192.168.10.2 255.255.255.255 10.10.2.2
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
!
snmp-server community public RW
snmp-server host 10.10.10.80 a
!
control-plane
!
line con 0
 login local
line aux 0
 exec-timeout 0 0
 transport preferred none
 transport output none
line vty 0 4
 privilege level 15
 login local
 transport input telnet ssh
!
scheduler allocate 20000 1000
ntp clock-period 17178528
ntp server 131.107.13.100
!
end


Remote Router Config

Current configuration : 4068 bytes
!
! Last configuration change at 09:22:09 pst Wed Mar 2 2011 by User
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname RemoteRouter
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
enable secret 5 password
!
aaa new-model
!
aaa authentication login default local
aaa authorization exec default local
!
aaa session-id common
clock timezone pst -8
clock summer-time cdt recurring
ip cef
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.6.1 10.10.6.49
ip dhcp excluded-address 10.10.6.100 10.10.6.130
ip dhcp excluded-address 10.10.6.200 10.10.6.254
!
ip dhcp pool Remote
   network 10.10.6.0 255.255.255.0
   domain-name domain.net
   dns-server 10.10.6.2 10.10.10.20
   default-router 10.10.6.1
   netbios-name-server 10.10.6.2
   lease 100
!
ip flow-cache timeout active 1
ip domain name domain.net
ip name-server 10.10.10.20
!
username user privilege 15 secret 5 password
!
interface FastEthernet0/0
 description connected to EthernetLAN$ETH-LAN$
 ip address 10.10.6.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 description $ES_LAN$
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/0/0
 description Your WAN Interface to the Internet running at 1544
 bandwidth 1544
 ip address 192.168.10.2 255.255.255.0
 ip nbar protocol-discovery
 ip flow ingress
 ip flow egress
 encapsulation ppp
 service-module t1 remote-alarm-enable
!
no ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.168.10.1
ip flow-export source FastEthernet0/0
ip flow-export version 9
ip flow-export destination 10.10.10.155 9996
ip flow-top-talkers
 top 5
 sort-by bytes
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 23 permit 10.10.0.0 0.0.255.255
snmp-server community public RW
snmp-server host 10.10.10.80 a
!
control-plane
!
banner motd ^C^C
!
line con 0
line aux 0
line vty 0 4
 login authentication local
 transport input ssh
line vty 5 15
 transport input none
!
scheduler allocate 20000 1000
ntp clock-period 17178412
ntp server 131.107.13.100
end
0
Comment
Question by:ESD101
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 2

Expert Comment

by:mwblsz
ID: 35038179
on cisco router, default the ip address is considered classful, since 10.x.x.x is a A class, thus there will be one entry in the routing table for the whole 10.x.x.x network by default.
for the fix, add the following line to remote router

ip route 10.10.0.0 255.255.0.0 192.168.10.1

may be also

ip classless

sincerely

0
 
LVL 29

Accepted Solution

by:
Jan Springer earned 2000 total points
ID: 35038737
There is no such thing as "classful" routing.  We've been CIDR for too many years to count (though yes, on some older OS you have to specify 'ip classless').

You have two networks:

   10.10.0.0/20
          and
   10.10.6.0/24

The problem is that 10.10.6.0/24 is part of the larger supernet 10.10.0.0/20.  If you are not bridging, then you need to make the remote something greater than 15 (16 or larger).
0
 
LVL 5

Expert Comment

by:group0
ID: 35038808
Adding that route is incorrect.

The problem is that 10.10.3.0/20 (10.10.0.0-10.10.15.255) on the main router overlaps with 10.10.6.0/24 (10.10.6.0-10.10.6.255) on the remote router.  It seems like your can contact the remote subnet, but there's actually something responding to those IPs on the LAN connected to main's Fa0/0.

Move the remote routers Fa0/0 IP outside of main's subnet and everything should work fine.
0
Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

 

Author Comment

by:ESD101
ID: 35039154
What do you mean by this and how would you bridge a PTP T1

If you are not bridging

0
 
LVL 29

Expert Comment

by:Jan Springer
ID: 35039227
You would change the interfaces from layer 3 (routing) to layer 2 (bridging).

I really wouldn't recommend it unless you really need it.

The problem is that 10.10.6.0/24 is part of 10.10.0.0/20.  Change your remote IPs to 10.10.16.0/24.  Specify the appropriate route statements and you should be fine.
0
 

Author Comment

by:ESD101
ID: 35074625
With this T1 we are upgrading the MainRouter from a 2611 to the 2811.  The only reason I am adding this is that it works currently and now that you have explained it I am trying to understand why.

Building configuration...

Current configuration : 2613 bytes
!
! Last configuration change at 15:41:13 UTC Fri Mar 4 2011 by esd101
! NVRAM config last updated at 15:41:32 UTC Fri Mar 4 2011 by esd101
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname MainRouter
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
enable secret 5 password
!
memory-size iomem 10
no aaa new-model
ip subnet-zero
ip cef
!
!
ip nbar port-map custom-02 udp 1300 1718 1719 1720 11720
ip nbar port-map custom-02 tcp 1300 1718 1719 1720 11000 11999
ip nbar port-map custom-01 udp 5060
ip nbar port-map custom-01 tcp 5060
ip domain name domain.net
!
ip audit po max-events 100
!
!
!
!
!
!
!
!
!
!
!
!
username user privilege 15 secret 5 password
!
!
!
class-map match-any WebEmail
  match protocol http
  match protocol secure-http
  match protocol smtp
  match protocol pop3
  match protocol imap
  match protocol citrix
  match protocol dns
class-map match-any VoIP
  match protocol rtp
  match protocol custom-10
  match protocol custom-01
  match protocol custom-02
  match protocol rtspplayer
!
!
!
!
!
!
!
!
interface Ethernet0/0
 ip address 10.10.3.1 255.255.240.0
 ip nbar protocol-discovery
 half-duplex
!
interface Serial0/0
 ip address 192.168.10.1 255.255.255.0
 encapsulation ppp
!
interface Ethernet0/1
 no ip address
 shutdown
 half-duplex
!
interface Serial0/1
 no ip address
 shutdown
!
interface Ethernet1/0
 no ip address
 shutdown
 half-duplex
!
interface Ethernet1/1
 no ip address
 shutdown
 half-duplex
!
interface Ethernet1/2
 no ip address
 shutdown
 half-duplex
!
interface Ethernet1/3
 no ip address
 shutdown
 half-duplex
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip classless
ip route 0.0.0.0 0.0.0.0 10.10.2.2
ip route 10.10.6.0 255.255.255.0 192.168.10.2
!
!
access-list 23 permit 10.10.0.0 0.0.255.255
!
snmp-server community public RW
snmp-server host 10.10.10.80 a
!
!
!
!
!
line con 0
 login local
line aux 0
 exec-timeout 0 0
 modem InOut
 transport preferred none
 transport input all
 transport output all
line vty 0 4
 privilege level 15
 login local
 transport input telnet ssh
!
scheduler allocate 20000 1000
ntp clock-period 17178378
ntp server 131.107.13.100
!
end
0
 
LVL 29

Expert Comment

by:Jan Springer
ID: 35083472
It works because of the static route:

  ip route 10.10.6.0 255.255.255.0 192.168.10.2
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question