ESD101
asked on
CIsco Point to Point T1 Issues
I am having some trouble with a point to point t1. From the main location I can get to the remote location. But from the remote location I am unable to get to the main location.
Main (10.10.0.0/20) <---> PTP (192.168.10.1<>192.168.10. 2) <---> Remote (10.10.6.0/24)
The Main Router is a Cisco 2811 and the Remote Router is a Cisco 1841
Any help is greatly appreciated.
Thanks
Main Router Config
Current configuration : 1588 bytes
!
! Last configuration change at 16:35:16 UTC Fri Mar 4 2011 by esd101
! NVRAM config last updated at 16:21:31 UTC Fri Mar 4 2011 by esd101
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname MainRouter
!
boot-start-marker
boot-end-marker
!
no logging console
enable secret 5 password
!
no aaa new-model
dot11 syslog
!
ip cef
!
ip domain name domain.net
!
multilink bundle-name authenticated
!
username user privilege 15 secret 5 password
!
interface FastEthernet0/0
ip address 10.10.3.1 255.255.240.0
ip nbar protocol-discovery
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0/0
description Your WAN Interface to the Internet running at 1544
bandwidth 1544
ip address 192.168.10.1 255.255.255.0
encapsulation ppp
!
ip default-gateway 10.10.2.2
no ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.10.2.2
ip route 10.10.6.0 255.255.255.0 192.168.10.2
ip route 192.168.10.2 255.255.255.255 10.10.2.2
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
!
snmp-server community public RW
snmp-server host 10.10.10.80 a
!
control-plane
!
line con 0
login local
line aux 0
exec-timeout 0 0
transport preferred none
transport output none
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
ntp clock-period 17178528
ntp server 131.107.13.100
!
end
Remote Router Config
Current configuration : 4068 bytes
!
! Last configuration change at 09:22:09 pst Wed Mar 2 2011 by User
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname RemoteRouter
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
enable secret 5 password
!
aaa new-model
!
aaa authentication login default local
aaa authorization exec default local
!
aaa session-id common
clock timezone pst -8
clock summer-time cdt recurring
ip cef
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.6.1 10.10.6.49
ip dhcp excluded-address 10.10.6.100 10.10.6.130
ip dhcp excluded-address 10.10.6.200 10.10.6.254
!
ip dhcp pool Remote
network 10.10.6.0 255.255.255.0
domain-name domain.net
dns-server 10.10.6.2 10.10.10.20
default-router 10.10.6.1
netbios-name-server 10.10.6.2
lease 100
!
ip flow-cache timeout active 1
ip domain name domain.net
ip name-server 10.10.10.20
!
username user privilege 15 secret 5 password
!
interface FastEthernet0/0
description connected to EthernetLAN$ETH-LAN$
ip address 10.10.6.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
description $ES_LAN$
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0/0
description Your WAN Interface to the Internet running at 1544
bandwidth 1544
ip address 192.168.10.2 255.255.255.0
ip nbar protocol-discovery
ip flow ingress
ip flow egress
encapsulation ppp
service-module t1 remote-alarm-enable
!
no ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.168.10.1
ip flow-export source FastEthernet0/0
ip flow-export version 9
ip flow-export destination 10.10.10.155 9996
ip flow-top-talkers
top 5
sort-by bytes
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 23 permit 10.10.0.0 0.0.255.255
snmp-server community public RW
snmp-server host 10.10.10.80 a
!
control-plane
!
banner motd ^C^C
!
line con 0
line aux 0
line vty 0 4
login authentication local
transport input ssh
line vty 5 15
transport input none
!
scheduler allocate 20000 1000
ntp clock-period 17178412
ntp server 131.107.13.100
end
Main (10.10.0.0/20) <---> PTP (192.168.10.1<>192.168.10.
The Main Router is a Cisco 2811 and the Remote Router is a Cisco 1841
Any help is greatly appreciated.
Thanks
Main Router Config
Current configuration : 1588 bytes
!
! Last configuration change at 16:35:16 UTC Fri Mar 4 2011 by esd101
! NVRAM config last updated at 16:21:31 UTC Fri Mar 4 2011 by esd101
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname MainRouter
!
boot-start-marker
boot-end-marker
!
no logging console
enable secret 5 password
!
no aaa new-model
dot11 syslog
!
ip cef
!
ip domain name domain.net
!
multilink bundle-name authenticated
!
username user privilege 15 secret 5 password
!
interface FastEthernet0/0
ip address 10.10.3.1 255.255.240.0
ip nbar protocol-discovery
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0/0
description Your WAN Interface to the Internet running at 1544
bandwidth 1544
ip address 192.168.10.1 255.255.255.0
encapsulation ppp
!
ip default-gateway 10.10.2.2
no ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.10.2.2
ip route 10.10.6.0 255.255.255.0 192.168.10.2
ip route 192.168.10.2 255.255.255.255 10.10.2.2
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
!
snmp-server community public RW
snmp-server host 10.10.10.80 a
!
control-plane
!
line con 0
login local
line aux 0
exec-timeout 0 0
transport preferred none
transport output none
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
ntp clock-period 17178528
ntp server 131.107.13.100
!
end
Remote Router Config
Current configuration : 4068 bytes
!
! Last configuration change at 09:22:09 pst Wed Mar 2 2011 by User
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname RemoteRouter
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
enable secret 5 password
!
aaa new-model
!
aaa authentication login default local
aaa authorization exec default local
!
aaa session-id common
clock timezone pst -8
clock summer-time cdt recurring
ip cef
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.6.1 10.10.6.49
ip dhcp excluded-address 10.10.6.100 10.10.6.130
ip dhcp excluded-address 10.10.6.200 10.10.6.254
!
ip dhcp pool Remote
network 10.10.6.0 255.255.255.0
domain-name domain.net
dns-server 10.10.6.2 10.10.10.20
default-router 10.10.6.1
netbios-name-server 10.10.6.2
lease 100
!
ip flow-cache timeout active 1
ip domain name domain.net
ip name-server 10.10.10.20
!
username user privilege 15 secret 5 password
!
interface FastEthernet0/0
description connected to EthernetLAN$ETH-LAN$
ip address 10.10.6.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
description $ES_LAN$
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0/0
description Your WAN Interface to the Internet running at 1544
bandwidth 1544
ip address 192.168.10.2 255.255.255.0
ip nbar protocol-discovery
ip flow ingress
ip flow egress
encapsulation ppp
service-module t1 remote-alarm-enable
!
no ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.168.10.1
ip flow-export source FastEthernet0/0
ip flow-export version 9
ip flow-export destination 10.10.10.155 9996
ip flow-top-talkers
top 5
sort-by bytes
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 23 permit 10.10.0.0 0.0.255.255
snmp-server community public RW
snmp-server host 10.10.10.80 a
!
control-plane
!
banner motd ^C^C
!
line con 0
line aux 0
line vty 0 4
login authentication local
transport input ssh
line vty 5 15
transport input none
!
scheduler allocate 20000 1000
ntp clock-period 17178412
ntp server 131.107.13.100
end
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Adding that route is incorrect.
The problem is that 10.10.3.0/20 (10.10.0.0-10.10.15.255) on the main router overlaps with 10.10.6.0/24 (10.10.6.0-10.10.6.255) on the remote router. It seems like your can contact the remote subnet, but there's actually something responding to those IPs on the LAN connected to main's Fa0/0.
Move the remote routers Fa0/0 IP outside of main's subnet and everything should work fine.
The problem is that 10.10.3.0/20 (10.10.0.0-10.10.15.255) on the main router overlaps with 10.10.6.0/24 (10.10.6.0-10.10.6.255) on the remote router. It seems like your can contact the remote subnet, but there's actually something responding to those IPs on the LAN connected to main's Fa0/0.
Move the remote routers Fa0/0 IP outside of main's subnet and everything should work fine.
ASKER
What do you mean by this and how would you bridge a PTP T1
If you are not bridging
You would change the interfaces from layer 3 (routing) to layer 2 (bridging).
I really wouldn't recommend it unless you really need it.
The problem is that 10.10.6.0/24 is part of 10.10.0.0/20. Change your remote IPs to 10.10.16.0/24. Specify the appropriate route statements and you should be fine.
I really wouldn't recommend it unless you really need it.
The problem is that 10.10.6.0/24 is part of 10.10.0.0/20. Change your remote IPs to 10.10.16.0/24. Specify the appropriate route statements and you should be fine.
ASKER
With this T1 we are upgrading the MainRouter from a 2611 to the 2811. The only reason I am adding this is that it works currently and now that you have explained it I am trying to understand why.
Building configuration...
Current configuration : 2613 bytes
!
! Last configuration change at 15:41:13 UTC Fri Mar 4 2011 by esd101
! NVRAM config last updated at 15:41:32 UTC Fri Mar 4 2011 by esd101
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname MainRouter
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
enable secret 5 password
!
memory-size iomem 10
no aaa new-model
ip subnet-zero
ip cef
!
!
ip nbar port-map custom-02 udp 1300 1718 1719 1720 11720
ip nbar port-map custom-02 tcp 1300 1718 1719 1720 11000 11999
ip nbar port-map custom-01 udp 5060
ip nbar port-map custom-01 tcp 5060
ip domain name domain.net
!
ip audit po max-events 100
!
!
!
!
!
!
!
!
!
!
!
!
username user privilege 15 secret 5 password
!
!
!
class-map match-any WebEmail
match protocol http
match protocol secure-http
match protocol smtp
match protocol pop3
match protocol imap
match protocol citrix
match protocol dns
class-map match-any VoIP
match protocol rtp
match protocol custom-10
match protocol custom-01
match protocol custom-02
match protocol rtspplayer
!
!
!
!
!
!
!
!
interface Ethernet0/0
ip address 10.10.3.1 255.255.240.0
ip nbar protocol-discovery
half-duplex
!
interface Serial0/0
ip address 192.168.10.1 255.255.255.0
encapsulation ppp
!
interface Ethernet0/1
no ip address
shutdown
half-duplex
!
interface Serial0/1
no ip address
shutdown
!
interface Ethernet1/0
no ip address
shutdown
half-duplex
!
interface Ethernet1/1
no ip address
shutdown
half-duplex
!
interface Ethernet1/2
no ip address
shutdown
half-duplex
!
interface Ethernet1/3
no ip address
shutdown
half-duplex
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip classless
ip route 0.0.0.0 0.0.0.0 10.10.2.2
ip route 10.10.6.0 255.255.255.0 192.168.10.2
!
!
access-list 23 permit 10.10.0.0 0.0.255.255
!
snmp-server community public RW
snmp-server host 10.10.10.80 a
!
!
!
!
!
line con 0
login local
line aux 0
exec-timeout 0 0
modem InOut
transport preferred none
transport input all
transport output all
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
ntp clock-period 17178378
ntp server 131.107.13.100
!
end
Building configuration...
Current configuration : 2613 bytes
!
! Last configuration change at 15:41:13 UTC Fri Mar 4 2011 by esd101
! NVRAM config last updated at 15:41:32 UTC Fri Mar 4 2011 by esd101
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname MainRouter
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
enable secret 5 password
!
memory-size iomem 10
no aaa new-model
ip subnet-zero
ip cef
!
!
ip nbar port-map custom-02 udp 1300 1718 1719 1720 11720
ip nbar port-map custom-02 tcp 1300 1718 1719 1720 11000 11999
ip nbar port-map custom-01 udp 5060
ip nbar port-map custom-01 tcp 5060
ip domain name domain.net
!
ip audit po max-events 100
!
!
!
!
!
!
!
!
!
!
!
!
username user privilege 15 secret 5 password
!
!
!
class-map match-any WebEmail
match protocol http
match protocol secure-http
match protocol smtp
match protocol pop3
match protocol imap
match protocol citrix
match protocol dns
class-map match-any VoIP
match protocol rtp
match protocol custom-10
match protocol custom-01
match protocol custom-02
match protocol rtspplayer
!
!
!
!
!
!
!
!
interface Ethernet0/0
ip address 10.10.3.1 255.255.240.0
ip nbar protocol-discovery
half-duplex
!
interface Serial0/0
ip address 192.168.10.1 255.255.255.0
encapsulation ppp
!
interface Ethernet0/1
no ip address
shutdown
half-duplex
!
interface Serial0/1
no ip address
shutdown
!
interface Ethernet1/0
no ip address
shutdown
half-duplex
!
interface Ethernet1/1
no ip address
shutdown
half-duplex
!
interface Ethernet1/2
no ip address
shutdown
half-duplex
!
interface Ethernet1/3
no ip address
shutdown
half-duplex
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip classless
ip route 0.0.0.0 0.0.0.0 10.10.2.2
ip route 10.10.6.0 255.255.255.0 192.168.10.2
!
!
access-list 23 permit 10.10.0.0 0.0.255.255
!
snmp-server community public RW
snmp-server host 10.10.10.80 a
!
!
!
!
!
line con 0
login local
line aux 0
exec-timeout 0 0
modem InOut
transport preferred none
transport input all
transport output all
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
ntp clock-period 17178378
ntp server 131.107.13.100
!
end
It works because of the static route:
ip route 10.10.6.0 255.255.255.0 192.168.10.2
ip route 10.10.6.0 255.255.255.0 192.168.10.2
for the fix, add the following line to remote router
ip route 10.10.0.0 255.255.0.0 192.168.10.1
may be also
ip classless
sincerely