Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!
Cisco T1 configuration for T1 to Ethernet handoff for Sonicwall wan connection
I have an active, non-managed T1 connection that I've become responsible for implementing as a backup wan connection. There is a sonicwall firewall/router in place currently. There is no managed router or other device for the T1 connection at the moment, so I plan to put a spare cisco 1700 with a T1 card in to use as a "T1 to ethernet converter" of sorts. I do not believe you can accomplish this by simply bridging the T1 port and an ethernet port (please correct me if I'm wrong here), so just a basic config is needed. I have *some cisco experience, but I've never tried to configure one for this purpose, so I'm just trying to wrap my head around the config. Here's my current train of thought.
I have this IP information from my provider:
Network WAN IP: XX.XXX.167.60
Carrier WAN IP: XX.XXX.167.61
Customer WAN IP: XX.XXX.167.62
WAN SUBNET: 255.255.255.252
LAN BLOCK: YY.YYY.191.72 (this is a /30 block so I'm assuming .72 is the gateway, .73 and .74 are usable)
LAN SUBNET: 255.255.255.252
Line Coding/Framing: B8ZS/ESF (for DS1s)
Proposed config:
Patch cable from T1/DS1 to cisco WIC
Interface serial 0/0
service-module t1 clock source line
service-module t1 timeslots 1-24 speed 64
service-module t1 framing esf
service-module t1 linecode b8zs
ip address XX.XXX.167.62 255.255.255.252
encapsulation pppfair-que
no shut
interface FastEthernet 0/0
ip address YY.YYY.191.73 255.255.255.252
patch cable from Eth0/0 to Sonicwall WAN interface
Sonicwall WAN interface
IP: YY.YYY.191.74
Subnet: 255.255.255.252
Gateway YY.YYY.191.72
What else am I missing? I'm a little foggy on the carrier/wan/local IPs, as far as which goes where, so I may have that wrong or completely fubar'd. Also, I would like for the cisco to do ZERO routing or anything else, as the sonicwall will handle that. Basically, the cisco should be a bridge, so if someone could help with commands to disable that, I'd be grateful.
I have this IP information from my provider:
Network WAN IP: XX.XXX.167.60
Carrier WAN IP: XX.XXX.167.61
Customer WAN IP: XX.XXX.167.62
WAN SUBNET: 255.255.255.252
LAN BLOCK: YY.YYY.191.72 (this is a /30 block so I'm assuming .72 is the gateway, .73 and .74 are usable)
LAN SUBNET: 255.255.255.252
Line Coding/Framing: B8ZS/ESF (for DS1s)
Proposed config:
Patch cable from T1/DS1 to cisco WIC
Interface serial 0/0
service-module t1 clock source line
service-module t1 timeslots 1-24 speed 64
service-module t1 framing esf
service-module t1 linecode b8zs
ip address XX.XXX.167.62 255.255.255.252
encapsulation pppfair-que
no shut
interface FastEthernet 0/0
ip address YY.YYY.191.73 255.255.255.252
patch cable from Eth0/0 to Sonicwall WAN interface
Sonicwall WAN interface
IP: YY.YYY.191.74
Subnet: 255.255.255.252
Gateway YY.YYY.191.72
What else am I missing? I'm a little foggy on the carrier/wan/local IPs, as far as which goes where, so I may have that wrong or completely fubar'd. Also, I would like for the cisco to do ZERO routing or anything else, as the sonicwall will handle that. Basically, the cisco should be a bridge, so if someone could help with commands to disable that, I'd be grateful.
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
I believe the only way you could bridge the T1 and Ethernet interfaces is if the other side was setup the same. Then it would be Ethernet <-- Bridge --> T1 <-------> T1 <-- bridge --> Ethernet.
Now as for your configuration. Off hand the only thing I see missing is a default route pointing to the ISP's WAN address and possibly a NAT.
I am assuming the yy.yyy.191.72 address on the Sonicwall is a public IP address assigned to you by your ISP. If that ISP is not the same ISP that provide the T1, then you will need to NAT everything coming out of the Sonicwall to XX.XXX.167.62, otherwise it will never get back to you.
If you have one ISP that is providing both connections, you don't need to NAT, but you need to make sure the ISP will route the yy.yyy.191.72 back over the T1 is they see the primary connection go down.
Now as for your configuration. Off hand the only thing I see missing is a default route pointing to the ISP's WAN address and possibly a NAT.
I am assuming the yy.yyy.191.72 address on the Sonicwall is a public IP address assigned to you by your ISP. If that ISP is not the same ISP that provide the T1, then you will need to NAT everything coming out of the Sonicwall to XX.XXX.167.62, otherwise it will never get back to you.
If you have one ISP that is providing both connections, you don't need to NAT, but you need to make sure the ISP will route the yy.yyy.191.72 back over the T1 is they see the primary connection go down.
Thank you. I believe YY.YYY.191.72 to be the gateway assigned by the ISP who is providing the T1. I am basing that on my understanding of YY.YYY.191.72/30, which is what what was given me by my ISP.
I understand that to mean .72 is the gateway, .73 and .74 are usable, and .75 is the broadcast address. I am trying to verify this with the ISP, but standard subnet rules would make the above correct.
For the default route, I should point to the network WAN IP from my carrier?
So...
(config)#ip default-network XX.XXX.167.60
?
I understand that to mean .72 is the gateway, .73 and .74 are usable, and .75 is the broadcast address. I am trying to verify this with the ISP, but standard subnet rules would make the above correct.
For the default route, I should point to the network WAN IP from my carrier?
So...
(config)#ip default-network XX.XXX.167.60
?
O.K. read, I guess I read the info too fast the first time. First, a /30 only has 2 usable addresses, in your case .73 or .74., the subnet is broken down as:
YY.YYY.191.72 -- Network - can't be used
YY.YYY.191.73 and .74 usable addresses
YY.YYY.191.75 -- Broadcast - can't be used
Your configuration would look something like this for the T1 connection to your SonicWall:
ISP (167.61/30) <--- T1/WAN ---> (167.62/30) 1700 (191.73/30) <--- LAN---> (191.74/30) SonicWall
Your 1700 will have a default route pointing to 167.61.
Now the big question is how is your primary Internet link setup and is your primary link provided by the same ISP as the T1?
YY.YYY.191.72 -- Network - can't be used
YY.YYY.191.73 and .74 usable addresses
YY.YYY.191.75 -- Broadcast - can't be used
Your configuration would look something like this for the T1 connection to your SonicWall:
ISP (167.61/30) <--- T1/WAN ---> (167.62/30) 1700 (191.73/30) <--- LAN---> (191.74/30) SonicWall
Your 1700 will have a default route pointing to 167.61.
Now the big question is how is your primary Internet link setup and is your primary link provided by the same ISP as the T1?
Okay, got it. I knew I was off somewhere on the ip setup. So the corrected config below with the IP changes.
Proposed config:
Patch cable from T1/DS1 to cisco WIC
Interface serial 0/0
service-module t1 clock source line
service-module t1 timeslots 1-24 speed 64
service-module t1 framing esf
service-module t1 linecode b8zs
ip address XX.XXX.167.62 255.255.255.252
encapsulation pppfair-que
no shut
interface FastEthernet 0/0
ip address YY.YYY.191.73 255.255.255.252
(config)#ip default-network XX.XXX.167.60
patch cable from Eth0/0 to Sonicwall WAN interface
Sonicwall WAN interface
IP: YY.YYY.191.74
Subnet: 255.255.255.252
Gateway YY.YYY.191.73
As for the sonicwall, I can configure multiple WAN interfaces independently. I currently have WAN1 configured and connected to a cable modem from a local provider, NOT the same provider that's bringing in the T1. I'm planning to configure WAN2 for the T1, which I don't believe will cause any issues. I'm very comfortable within the sonicwall so I can handle everything from there.
Agreed?
Proposed config:
Patch cable from T1/DS1 to cisco WIC
Interface serial 0/0
service-module t1 clock source line
service-module t1 timeslots 1-24 speed 64
service-module t1 framing esf
service-module t1 linecode b8zs
ip address XX.XXX.167.62 255.255.255.252
encapsulation pppfair-que
no shut
interface FastEthernet 0/0
ip address YY.YYY.191.73 255.255.255.252
(config)#ip default-network XX.XXX.167.60
patch cable from Eth0/0 to Sonicwall WAN interface
Sonicwall WAN interface
IP: YY.YYY.191.74
Subnet: 255.255.255.252
Gateway YY.YYY.191.73
As for the sonicwall, I can configure multiple WAN interfaces independently. I currently have WAN1 configured and connected to a cable modem from a local provider, NOT the same provider that's bringing in the T1. I'm planning to configure WAN2 for the T1, which I don't believe will cause any issues. I'm very comfortable within the sonicwall so I can handle everything from there.
Agreed?
Premium Content
You need an Expert Office subscription to comment.Start Free Trial