Solved

point to point router configuration

Posted on 2011-09-26
4
288 Views
Last Modified: 2012-05-12
i have a few questions about a two site point to point setup.

background
i have two sites: site A - flat network - 172.17.x.x/18 - where the default gateway is the firewall.  site B - flat network - 172.16.x.x/18 - where the default gateway is the firewall.  we currently have a point to point t1 line in place, but it has been giving us problems.  it is a true T1 and was installed four years ago, so the equipment is aging - hence my post... i need to replace the routers on each end and verizon has not been very helpful with pertinent information regarding the circuit.

currently the point to point routers are configured with lan addresses on the inside and are plugged into the network (ex site A - has internal address 172.17.1.1, site B has internal address 172.16.1.1) and we manage the route through our firewall (routes on either end pointing traffic from one subnet to the next through the lan router address, but are tied to the default lan interface on the gateway).

my questions are:
is this the most effective setup?  i want to know if it would be better to configure the routers to be directly connected to our firewall/gateway and manage the route through the firewall interface (as opposed to the lan address and interface).  if so how should the addressing scheme look?

since this is a closed circuit, do i need ip information from my isp?  or can i make up arbitrary addresses on the same subnet on each end?

i have two cisco 1700 routers each with a csu/dsu card in it.  i'm pretty sure i need the csu/dsu cards to capture traffic on the point to point, but what is the right way to configure the wan(csu/dsu) interface and the lan interface?
0
Comment
Question by:jhaff
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 26

Expert Comment

by:Fred Marshall
ID: 36634551
It seems to me that this is a very reasonable topology.  I'm using exactly the same thing between 3 sites.

If it's a private link provided by the ISP - which may be called MPLS technology or a VLAN or .... then, at least in my case, the inter-office subnet is whatever you want.

So, I have
10.1.1.0 / 24
10.1.2.0 /24
10.1.3.0 /24
on the LAN sides.

There is an RV042 router at each side to interface to the links.
The inter-office subnet is:
192.168.223.0 /24

The respective RV042 addresses are:
192.168.223.1
192.168.223.2
192.168.223.3

Because these are not only inter-site links but also are internet links for two of the sites, the main site (with internet gateway) has the RV042 WAN pointing INTO the LAN and the LAN on the interoffice side.
At the other two sites, the RV042 LAN is on the site LAN and the RV042 WAN is on the interoffice side.

The only caution is that the firewalls may have stateful packet inspection on the LAN packets - which will block traffic from site to site.  This has to be turned off.
The RV042s are working in Router mode - no NAT.
0
 

Accepted Solution

by:
jhaff earned 0 total points
ID: 36718484
thanks for the response.  in my scenario each site also has its own internet connection.  i only want inter-site traffic to flow across the point to point.  

can i set it up like this:

inter-office subnet: 10.10.10.1/24 (site A) ------ 10.10.10.2/24 (Site B)

firewall interface address: 192.168.0.100 (site A) and 192.168.0.101 (site B)

then routes setup on each firewall that direct traffic from Site A to Site B through the P2P firewall interface address on firewall A, and vice versa, Site B to Site A through P2P firewall interface address on firewall B.

Or should the P2P routers just be plugged into the existing subnet (172.17.x.x at Site A and 172.16.x.x at Site B) and the route directs traffic to that internal lan address?

thanks!
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 37068349
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Show IP BGP Information 10 47
Isolated network on ESXi 6.5 8 54
Cisco SPA525G2 - Stuck on Cisco Screen 3 20
Objects in Cisco ASA 2 5
Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question