The IT Service Excellence Tool Kit has best practices to keep your clients happy and business booming. Inside, you’ll find everything you need to increase client satisfaction and retention, become more competitive, and increase your overall success.
Cisco T1 configuration for T1 to Ethernet handoff for Sonicwall wan connection
I have an active, non-managed T1 connection that I've become responsible for implementing as a backup wan connection. There is a sonicwall firewall/router in place currently. There is no managed router or other device for the T1 connection at the moment, so I plan to put a spare cisco 1700 with a T1 card in to use as a "T1 to ethernet converter" of sorts. I do not believe you can accomplish this by simply bridging the T1 port and an ethernet port (please correct me if I'm wrong here), so just a basic config is needed. I have *some cisco experience, but I've never tried to configure one for this purpose, so I'm just trying to wrap my head around the config. Here's my current train of thought.
I have this IP information from my provider:
Network WAN IP: XX.XXX.167.60
Carrier WAN IP: XX.XXX.167.61
Customer WAN IP: XX.XXX.167.62
WAN SUBNET: 255.255.255.252
LAN BLOCK: YY.YYY.191.72 (this is a /30 block so I'm assuming .72 is the gateway, .73 and .74 are usable)
LAN SUBNET: 255.255.255.252
Line Coding/Framing: B8ZS/ESF (for DS1s)
Proposed config:
Patch cable from T1/DS1 to cisco WIC
Interface serial 0/0
service-module t1 clock source line
service-module t1 timeslots 1-24 speed 64
service-module t1 framing esf
service-module t1 linecode b8zs
ip address XX.XXX.167.62 255.255.255.252
encapsulation pppfair-que
no shut
interface FastEthernet 0/0
ip address YY.YYY.191.73 255.255.255.252
patch cable from Eth0/0 to Sonicwall WAN interface
Sonicwall WAN interface
IP: YY.YYY.191.74
Subnet: 255.255.255.252
Gateway YY.YYY.191.72
What else am I missing? I'm a little foggy on the carrier/wan/local IPs, as far as which goes where, so I may have that wrong or completely fubar'd. Also, I would like for the cisco to do ZERO routing or anything else, as the sonicwall will handle that. Basically, the cisco should be a bridge, so if someone could help with commands to disable that, I'd be grateful.
I have this IP information from my provider:
Network WAN IP: XX.XXX.167.60
Carrier WAN IP: XX.XXX.167.61
Customer WAN IP: XX.XXX.167.62
WAN SUBNET: 255.255.255.252
LAN BLOCK: YY.YYY.191.72 (this is a /30 block so I'm assuming .72 is the gateway, .73 and .74 are usable)
LAN SUBNET: 255.255.255.252
Line Coding/Framing: B8ZS/ESF (for DS1s)
Proposed config:
Patch cable from T1/DS1 to cisco WIC
Interface serial 0/0
service-module t1 clock source line
service-module t1 timeslots 1-24 speed 64
service-module t1 framing esf
service-module t1 linecode b8zs
ip address XX.XXX.167.62 255.255.255.252
encapsulation pppfair-que
no shut
interface FastEthernet 0/0
ip address YY.YYY.191.73 255.255.255.252
patch cable from Eth0/0 to Sonicwall WAN interface
Sonicwall WAN interface
IP: YY.YYY.191.74
Subnet: 255.255.255.252
Gateway YY.YYY.191.72
What else am I missing? I'm a little foggy on the carrier/wan/local IPs, as far as which goes where, so I may have that wrong or completely fubar'd. Also, I would like for the cisco to do ZERO routing or anything else, as the sonicwall will handle that. Basically, the cisco should be a bridge, so if someone could help with commands to disable that, I'd be grateful.
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get this solution by purchasing an Individual license!
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
Thank you. I believe YY.YYY.191.72 to be the gateway assigned by the ISP who is providing the T1. I am basing that on my understanding of YY.YYY.191.72/30, which is what what was given me by my ISP.
I understand that to mean .72 is the gateway, .73 and .74 are usable, and .75 is the broadcast address. I am trying to verify this with the ISP, but standard subnet rules would make the above correct.
For the default route, I should point to the network WAN IP from my carrier?
So...
(config)#ip default-network XX.XXX.167.60
?
I understand that to mean .72 is the gateway, .73 and .74 are usable, and .75 is the broadcast address. I am trying to verify this with the ISP, but standard subnet rules would make the above correct.
For the default route, I should point to the network WAN IP from my carrier?
So...
(config)#ip default-network XX.XXX.167.60
?
O.K. read, I guess I read the info too fast the first time. First, a /30 only has 2 usable addresses, in your case .73 or .74., the subnet is broken down as:
YY.YYY.191.72 -- Network - can't be used
YY.YYY.191.73 and .74 usable addresses
YY.YYY.191.75 -- Broadcast - can't be used
Your configuration would look something like this for the T1 connection to your SonicWall:
ISP (167.61/30) <--- T1/WAN ---> (167.62/30) 1700 (191.73/30) <--- LAN---> (191.74/30) SonicWall
Your 1700 will have a default route pointing to 167.61.
Now the big question is how is your primary Internet link setup and is your primary link provided by the same ISP as the T1?
YY.YYY.191.72 -- Network - can't be used
YY.YYY.191.73 and .74 usable addresses
YY.YYY.191.75 -- Broadcast - can't be used
Your configuration would look something like this for the T1 connection to your SonicWall:
ISP (167.61/30) <--- T1/WAN ---> (167.62/30) 1700 (191.73/30) <--- LAN---> (191.74/30) SonicWall
Your 1700 will have a default route pointing to 167.61.
Now the big question is how is your primary Internet link setup and is your primary link provided by the same ISP as the T1?
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
Okay, got it. I knew I was off somewhere on the ip setup. So the corrected config below with the IP changes.
Proposed config:
Patch cable from T1/DS1 to cisco WIC
Interface serial 0/0
service-module t1 clock source line
service-module t1 timeslots 1-24 speed 64
service-module t1 framing esf
service-module t1 linecode b8zs
ip address XX.XXX.167.62 255.255.255.252
encapsulation pppfair-que
no shut
interface FastEthernet 0/0
ip address YY.YYY.191.73 255.255.255.252
(config)#ip default-network XX.XXX.167.60
patch cable from Eth0/0 to Sonicwall WAN interface
Sonicwall WAN interface
IP: YY.YYY.191.74
Subnet: 255.255.255.252
Gateway YY.YYY.191.73
As for the sonicwall, I can configure multiple WAN interfaces independently. I currently have WAN1 configured and connected to a cable modem from a local provider, NOT the same provider that's bringing in the T1. I'm planning to configure WAN2 for the T1, which I don't believe will cause any issues. I'm very comfortable within the sonicwall so I can handle everything from there.
Agreed?
Proposed config:
Patch cable from T1/DS1 to cisco WIC
Interface serial 0/0
service-module t1 clock source line
service-module t1 timeslots 1-24 speed 64
service-module t1 framing esf
service-module t1 linecode b8zs
ip address XX.XXX.167.62 255.255.255.252
encapsulation pppfair-que
no shut
interface FastEthernet 0/0
ip address YY.YYY.191.73 255.255.255.252
(config)#ip default-network XX.XXX.167.60
patch cable from Eth0/0 to Sonicwall WAN interface
Sonicwall WAN interface
IP: YY.YYY.191.74
Subnet: 255.255.255.252
Gateway YY.YYY.191.73
As for the sonicwall, I can configure multiple WAN interfaces independently. I currently have WAN1 configured and connected to a cable modem from a local provider, NOT the same provider that's bringing in the T1. I'm planning to configure WAN2 for the T1, which I don't believe will cause any issues. I'm very comfortable within the sonicwall so I can handle everything from there.
Agreed?
That looks good. Do you host any servers that people access from the Internet, or is this just purely for outbound access to the Internet?
My questions about the primary Internet question are only relevant if you host server(s) that would need to be accessed from the Internet.
My questions about the primary Internet question are only relevant if you host server(s) that would need to be accessed from the Internet.
No servers or anything hosted in this case so that shouldn't be an issue. Thank you very much for your time and effort. I hope to have this setup Tuesday or Wednesday of next week, and I'll report back if you're interested. Thanks again!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Cisco
From novice to tech pro — start learning today.
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get this solution by purchasing an Individual license!
Start your 7-day free trial.
Now as for your configuration. Off hand the only thing I see missing is a default route pointing to the ISP's WAN address and possibly a NAT.
I am assuming the yy.yyy.191.72 address on the Sonicwall is a public IP address assigned to you by your ISP. If that ISP is not the same ISP that provide the T1, then you will need to NAT everything coming out of the Sonicwall to XX.XXX.167.62, otherwise it will never get back to you.
If you have one ISP that is providing both connections, you don't need to NAT, but you need to make sure the ISP will route the yy.yyy.191.72 back over the T1 is they see the primary connection go down.