Cisco T1 configuration for T1 to Ethernet handoff for Sonicwall wan connection
I have an active, non-managed T1 connection that I've become responsible for implementing as a backup wan connection. There is a sonicwall firewall/router in place currently. There is no managed router or other device for the T1 connection at the moment, so I plan to put a spare cisco 1700 with a T1 card in to use as a "T1 to ethernet converter" of sorts. I do not believe you can accomplish this by simply bridging the T1 port and an ethernet port (please correct me if I'm wrong here), so just a basic config is needed. I have *some cisco experience, but I've never tried to configure one for this purpose, so I'm just trying to wrap my head around the config. Here's my current train of thought.
I have this IP information from my provider:
Network WAN IP: XX.XXX.167.60
Carrier WAN IP: XX.XXX.167.61
Customer WAN IP: XX.XXX.167.62
WAN SUBNET: 255.255.255.252
LAN BLOCK: YY.YYY.191.72 (this is a /30 block so I'm assuming .72 is the gateway, .73 and .74 are usable)
LAN SUBNET: 255.255.255.252
Line Coding/Framing: B8ZS/ESF (for DS1s)
Proposed config:
Patch cable from T1/DS1 to cisco WIC
Interface serial 0/0
service-module t1 clock source line
service-module t1 timeslots 1-24 speed 64
service-module t1 framing esf
service-module t1 linecode b8zs
ip address XX.XXX.167.62 255.255.255.252
encapsulation pppfair-que
no shut
interface FastEthernet 0/0
ip address YY.YYY.191.73 255.255.255.252
patch cable from Eth0/0 to Sonicwall WAN interface
Sonicwall WAN interface
IP: YY.YYY.191.74
Subnet: 255.255.255.252
Gateway YY.YYY.191.72
What else am I missing? I'm a little foggy on the carrier/wan/local IPs, as far as which goes where, so I may have that wrong or completely fubar'd. Also, I would like for the cisco to do ZERO routing or anything else, as the sonicwall will handle that. Basically, the cisco should be a bridge, so if someone could help with commands to disable that, I'd be grateful.
I have this IP information from my provider:
Network WAN IP: XX.XXX.167.60
Carrier WAN IP: XX.XXX.167.61
Customer WAN IP: XX.XXX.167.62
WAN SUBNET: 255.255.255.252
LAN BLOCK: YY.YYY.191.72 (this is a /30 block so I'm assuming .72 is the gateway, .73 and .74 are usable)
LAN SUBNET: 255.255.255.252
Line Coding/Framing: B8ZS/ESF (for DS1s)
Proposed config:
Patch cable from T1/DS1 to cisco WIC
Interface serial 0/0
service-module t1 clock source line
service-module t1 timeslots 1-24 speed 64
service-module t1 framing esf
service-module t1 linecode b8zs
ip address XX.XXX.167.62 255.255.255.252
encapsulation pppfair-que
no shut
interface FastEthernet 0/0
ip address YY.YYY.191.73 255.255.255.252
patch cable from Eth0/0 to Sonicwall WAN interface
Sonicwall WAN interface
IP: YY.YYY.191.74
Subnet: 255.255.255.252
Gateway YY.YYY.191.72
What else am I missing? I'm a little foggy on the carrier/wan/local IPs, as far as which goes where, so I may have that wrong or completely fubar'd. Also, I would like for the cisco to do ZERO routing or anything else, as the sonicwall will handle that. Basically, the cisco should be a bridge, so if someone could help with commands to disable that, I'd be grateful.
ASKER
Thank you. I believe YY.YYY.191.72 to be the gateway assigned by the ISP who is providing the T1. I am basing that on my understanding of YY.YYY.191.72/30, which is what what was given me by my ISP.
I understand that to mean .72 is the gateway, .73 and .74 are usable, and .75 is the broadcast address. I am trying to verify this with the ISP, but standard subnet rules would make the above correct.
For the default route, I should point to the network WAN IP from my carrier?
So...
(config)#ip default-network XX.XXX.167.60
?
I understand that to mean .72 is the gateway, .73 and .74 are usable, and .75 is the broadcast address. I am trying to verify this with the ISP, but standard subnet rules would make the above correct.
For the default route, I should point to the network WAN IP from my carrier?
So...
(config)#ip default-network XX.XXX.167.60
?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Okay, got it. I knew I was off somewhere on the ip setup. So the corrected config below with the IP changes.
Proposed config:
Patch cable from T1/DS1 to cisco WIC
Interface serial 0/0
service-module t1 clock source line
service-module t1 timeslots 1-24 speed 64
service-module t1 framing esf
service-module t1 linecode b8zs
ip address XX.XXX.167.62 255.255.255.252
encapsulation pppfair-que
no shut
interface FastEthernet 0/0
ip address YY.YYY.191.73 255.255.255.252
(config)#ip default-network XX.XXX.167.60
patch cable from Eth0/0 to Sonicwall WAN interface
Sonicwall WAN interface
IP: YY.YYY.191.74
Subnet: 255.255.255.252
Gateway YY.YYY.191.73
As for the sonicwall, I can configure multiple WAN interfaces independently. I currently have WAN1 configured and connected to a cable modem from a local provider, NOT the same provider that's bringing in the T1. I'm planning to configure WAN2 for the T1, which I don't believe will cause any issues. I'm very comfortable within the sonicwall so I can handle everything from there.
Agreed?
Proposed config:
Patch cable from T1/DS1 to cisco WIC
Interface serial 0/0
service-module t1 clock source line
service-module t1 timeslots 1-24 speed 64
service-module t1 framing esf
service-module t1 linecode b8zs
ip address XX.XXX.167.62 255.255.255.252
encapsulation pppfair-que
no shut
interface FastEthernet 0/0
ip address YY.YYY.191.73 255.255.255.252
(config)#ip default-network XX.XXX.167.60
patch cable from Eth0/0 to Sonicwall WAN interface
Sonicwall WAN interface
IP: YY.YYY.191.74
Subnet: 255.255.255.252
Gateway YY.YYY.191.73
As for the sonicwall, I can configure multiple WAN interfaces independently. I currently have WAN1 configured and connected to a cable modem from a local provider, NOT the same provider that's bringing in the T1. I'm planning to configure WAN2 for the T1, which I don't believe will cause any issues. I'm very comfortable within the sonicwall so I can handle everything from there.
Agreed?
That looks good. Do you host any servers that people access from the Internet, or is this just purely for outbound access to the Internet?
My questions about the primary Internet question are only relevant if you host server(s) that would need to be accessed from the Internet.
My questions about the primary Internet question are only relevant if you host server(s) that would need to be accessed from the Internet.
ASKER
No servers or anything hosted in this case so that shouldn't be an issue. Thank you very much for your time and effort. I hope to have this setup Tuesday or Wednesday of next week, and I'll report back if you're interested. Thanks again!
Now as for your configuration. Off hand the only thing I see missing is a default route pointing to the ISP's WAN address and possibly a NAT.
I am assuming the yy.yyy.191.72 address on the Sonicwall is a public IP address assigned to you by your ISP. If that ISP is not the same ISP that provide the T1, then you will need to NAT everything coming out of the Sonicwall to XX.XXX.167.62, otherwise it will never get back to you.
If you have one ISP that is providing both connections, you don't need to NAT, but you need to make sure the ISP will route the yy.yyy.191.72 back over the T1 is they see the primary connection go down.