Solved

Configure a T1 with Cisco RV325

Posted on 2015-01-08
11
833 Views
Last Modified: 2015-02-10
I'm having problems configuring the router Cisco RV325 with my T1 coming from an Adtran 3458 CenturyLink.
The ISP gave me the following IPA:

Internet Protocol (IP) Information:
CenturyLink Serial: 92.133.201.41/30(255.255.255.252)
Customer Serial: 92.133.201.42/30(255.255.255.252)
LAN IP Block: 92.133.31.116/29(255.255.255.248)

If I connect the Adtran to the pc, it worked without problems.
For example I used the IP address
IP 92.133.31.118
Mask: 255.255.255.248
Gateway: 92.133.31.117
The above configuration works well in a computer and I have internet access.

But when I want to configure the T1 into the Cisco RV325 and use the subnet 92.133.31.116/29 it does not work.

I set the WAN1 as following:
WAN IP:  92.133.201.42
Mask: 255.255.255.252
Gateway: 92.133.201.41

LAN IP Address:  92.133.31.117
DHCP Begin IP: 92.133.31.118
            END IP: 92.133.31.122

But I can not get access to the internet. Any help?
0
Comment
Question by:fferdinan
  • 5
  • 4
  • 2
11 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 40539372
I want to make sure I understand what you are doing.  You are taking the T1 cable out of the Adtran and connecting to the T1 module in your Cisco  RV325.

Did you get the T1 configuration parameters from Century Link?

Also, why do you want to use your own device instead of what Century Link provided?
0
 

Author Comment

by:fferdinan
ID: 40539768
You did not understand me, I'm using all devices provided by Century Link. I'm trying to connect the Adtran router (from Century link) with my Cisco RV325.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 40539990
O.K. I see your  problem, you are a bit confused as to what you need to do.   Here is the info they gave you:

Internet Protocol (IP) Information:
CenturyLink Serial: 92.133.201.41/30(255.255.255.252)
Customer Serial: 92.133.201.42/30(255.255.255.252)
LAN IP Block: 92.133.31.116/29(255.255.255.248)

Here is what it is telling you:

The IP address 92.133.201.41 is the address of the serial link of their equipment located at THEIR site.
The IP address 92.133.201.42 is the address of the serial link of the Adtran at your office.

The serial connection is between equipment at CenturyLink's POP and the Adtran at your location.
 
You will not be using the T1 port on the RV325 for anything.

You do connect on of the RV325's WAN ports to the Ethernet port on the Adtran.  Then configure the RV325 to use on of the IP addresses in the 92.133.31.116/29 range.   This gives you 6 useable IP address.

RV325 WAN 92.133.31.18 <---> 92.133.31.117  Eth.  - Adtran - Serial 92.133.201.42 <-- T1 --> 92.133.201.41 Centrylink office
0
 
LVL 14

Expert Comment

by:Otto_N
ID: 40540054
@fferdinan

I agree with @giltjr: I assume that the IP addresses you provided (Serial: 92.133.201.41 & 42, and LAN: 92.133.31.116/29) were provided for the current Adtran set-up, and that the Serial IP addresses are actually configured on the T1 interface of the Adtran, and that they cannot be used on the RV325 again.

To configure @giltjr's proposal, in my view, you have two options:

1. Use transparent bridging

Setting the WAN port to "transparent bridging" will allow your computers to use the same address settings than when they were connected directly to the Adtran - All your computers will use the 92.133.31.116/29 subnet, including the RV325 WAN port.  But I suspect that it might limit the security options that you can implement with the RV325.

2. Use a private subnet and NAT

The second option is to configure the WAN port for Static IP, with an IP address from the 92.133.31.116/29 subnet (Subnet Mask: 255.255.255.248, Default gateway: 92.133.31.117), and configure a second, private address range for the devices connecting to the RV325.  You can then set-up NAT and DHCP to assign IP addresses for internal users and allow connectivity for outbound traffic, and one-to-one NAT or port triggering for services you wish to be accessible from the Internet - these are all dependent on your actual requirements.

If you can be a bit more specific of what you want to do with the connectivity (do you just need access from your devices to the Internet, or do you host your own website or some service that you might want to access from, say, your mobile phone when away from home), we should be able to better advise you on which option to use, and how to implement that option.

Just for reference: Here's a link to the Cisco RV320/RV325 Administration Guide, but if you're not familiar with the networking options, it may be a daunting read...
0
 

Author Comment

by:fferdinan
ID: 40541220
@giltjr
RV325 WAN 92.133.31.18 <---> 92.133.31.117  Eth.  - Adtran - Serial 92.133.201.42 <-- T1 --> 92.133.201.41 Centrylink office

I tried this configuration, the problem is in the RV325 you have to configure a WAN and LAN
How will be the configuration for WAN
IP:  92.133.31.118
Mask:  255.255.255.248
Gateway 92.133.31.117

ok Now how will be the LAN Configuration and the LAN IP Address for the RV325? That is problem, considering I do not want to use a private address, I want to use the subnet of public address I received.
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 

Author Comment

by:fferdinan
ID: 40541222
@Otto_N
The first option I do not how to configure this in the RV325 even I do not if the RV325 allow this feature.
In the second option I will be using only 1 public IP Address when I have 5 public IP Address.
I do not want to use a VLAN with private address I want to use the public address I received.
0
 

Author Comment

by:fferdinan
ID: 40541229
I want to use this configuration to hosting Web Server and Exchange Server, so that is because I need the public address.
0
 

Author Comment

by:fferdinan
ID: 40541254
@Otto_N
In your first solution, how the RV325 LAN must be configured if I'm using the WAN with Transparent Bridge.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 40541599
If you are not going to use NAT or the firewall feature of the RV325, the instead of using the WAN port use one of the LAN ports.  Connect all the hosts to LAN ports and give them public IP addresses.
0
 
LVL 57

Accepted Solution

by:
giltjr earned 500 total points
ID: 40541601
Now, if you want to use the NAT and firewall features, then get a cheap 5 or 8 port switch.  Connet the Adtran, WAN port of the RV325, and any host you want to give public IP address to this switch.  

Connect any computers you want to protect with the RV325' firewall to the LAN ports.  

However, I personally would not connect a web server or Exchange server directly to the Internet.  I would always put them behind a firewall and NAT.
0
 
LVL 14

Expert Comment

by:Otto_N
ID: 40543815
@fferdinan

To configure transparent bridging, you select it under "WAN Connection Type" for WAN1 or WAN2.  From the RV325 Administration Guide:
To configure WAN Connection Settings, select a WAN interface and click Edit.  WAN Connection Settings appears.  Select the WAN Connection Type from the menu and modify the related parameters.
Once you've chosen "Transparent Bridge (IPv4)", you must specify a WAN IP address (92.133.31.118), Subnet Mask (255.255.255.248), Default Gateway (92.133.31.117), DNS Server (I assume 92.133.31.117) and Internal LAN IP address range, as mentioned on page 23 of the Administration Guide (Sidenote: I think your subnet assignment is not entirely correct -  92.133.31.116/29 is part of the 92.133.31.112/29 subnet, with available IP's from .113 to .118).

However, as @giltjr said, this is not a good idea.  Rather implement the WAN with a static IP (p. 20 of the Admin Guide), a private address space on the LAN with NAT, and configure one-to-one NAT (p. 38 of the Admin Guide) for the specific servers and services you wish to expose to the Internet - The one-to-one NAT will link a public address (that was assigned by your service provider) to a private address.  Users from the outside will use the public address, while the RV325 will translate that to the configured private address.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Transparency shows that a company is the kind of business that it wants people to think it is.
The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now