COMPUTERTECH33
IS-IT--Management
Hi all. If you can help me fix this issue, I'll put $20 in your PayPal account.
This has been a nightmare for me.
I have a 1750 that uses the AUX port to dial backup into a 3640. It dials and connects when I disconnect the E0..At that point, I can ping all internal computers by name and IP. I can also ping Internet sites by ip or FQDN.
1750 config
test#sh run
Building configuration...
Current configuration : 3980 bytes
!
version 12.1
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname test
!
no logging on
enable password 7 xxxxx
!
username gvs17rt01tc password 7 xxxx
username gvs17rt02ec password 7 xxxx
username tor01rt02ec password 7 xxxx
memory-size iomem 20
ip subnet-zero
no ip finger
ip tcp chunk-size 1200
no ip domain-lookup
ip host test 2005 192.168.17.1
ip dhcp excluded-address 192.168.17.1 192.168.17.20
!
ip dhcp pool test
import all
network 192.168.17.0 255.255.255.0
default-router 192.168.17.1
domain-name test.com
dns-server 172.17.2.60 65.118.56.73
netbios-name-server 172.17.2.60 172.17.2.30
netbios-node-type h-node
lease 30
!
ip dhcp pool jdirect1
host 192.168.17.18 255.255.255.0
hardware-address 0010.8394.7e2a
client-name NPI947E2A
!
chat-script modem ABORT ERROR "" "ATDT\T" TIMEOUT 60 CONNECT \c
!
!
crypto policy..deleted
!
!
crypto ipsec transform-set sharks esp-des esp-md5-hmac
!
crypto map nolan 11 ipsec-isakmp
set peer x.x.x.x
set transform-set sharks
match address 121
!
!
!
!
interface Ethernet0
mac-address 0004.5a86.37f2
backup delay 10 60
backup interface Async5
ip address x.x.x.x 255.255.248.0
ip nat outside
no ip route-cache
no ip mroute-cache
half-duplex
crypto map nolan
!
interface FastEthernet0
ip address 192.168.17.1 255.255.255.0
ip helper-address 172.17.2.30
ip helper-address 172.17.2.255
ip helper-address 172.17.255.255
ip helper-address 172.16.255.255
ip directed-broadcast
ip nat inside
no ip route-cache
no ip mroute-cache
speed auto
!
interface Async5
ip address 170.1.1.16 255.255.255.0
encapsulation ppp
keepalive 10
dialer in-band
dialer idle-timeout 300
dialer string 9,1800xxxxxxx
dialer-group 1
fair-queue 64 16 0
ppp authentication chap
!
interface Dialer1
no ip address
no cdp enable
!
ip nat inside source route-map nonat interface Ethernet0 overload
ip kerberos source-interface any
ip classless
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
ip forward-protocol udp netbios-ss
ip forward-protocol udp 42508
ip route 0.0.0.0 0.0.0.0 Async5 200
no ip http server
!
no logging trap
logging facility local0
logging 172.17.1.31
access-list 3 permit any
access-list 110 deny ip 192.168.17.0 0.0.0.255 172.16.0.0 0.0.255.255
access-list 110 deny ip 192.168.17.0 0.0.0.255 172.17.0.0 0.0.255.255
access-list 110 permit ip 192.168.17.0 0.0.0.255 any
access-list 120 permit ip 192.168.17.0 0.0.0.255 172.16.0.0 0.0.255.255
access-list 120 permit ip 192.168.17.0 0.0.0.255 172.17.0.0 0.0.255.255
access-list 121 permit ip 192.168.16.0 0.0.0.255 172.17.0.0 0.0.255.255
access-list 121 permit ip 192.168.17.0 0.0.0.255 172.17.0.0 0.0.255.255
access-list 150 permit esp host x.x.x.x host 0.0.0.0
access-list 150 permit udp host x.x.x.x host 0.0.0.0 eq isakmp
access-list 150 permit ip any 192.168.16.0 0.0.0.255
access-list 150 permit ip any 192.168.17.0 0.0.0.255
priority-list 1 protocol ip high
dialer-list 1 protocol ip permit
route-map nonat permit 10
match ip address 110
!
snmp-server engineID local 0000000902000001422C57FB
snmp-server community xxx RO
banner motd ^CCCCC
Unauthorized access is prohibited
Violators will be prosecuted
Welcome to Seattle
^C
!
--More--
line con 0
password 7 xxxxxxxx
login
transport input none
line aux 0
password 7 xxxxxxxxxxxxxx
autoselect ppp
modem InOut
modem autoconfigure discovery
transport input all
autohangup
speed 115200
flowcontrol hardware
line vty 0 4
access-class 3 in
password 7xxxxx
login
!
no scheduler allocate
end
Thanks
This has been a nightmare for me.
I have a 1750 that uses the AUX port to dial backup into a 3640. It dials and connects when I disconnect the E0..At that point, I can ping all internal computers by name and IP. I can also ping Internet sites by ip or FQDN.
1750 config
test#sh run
Building configuration...
Current configuration : 3980 bytes
!
version 12.1
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname test
!
no logging on
enable password 7 xxxxx
!
username gvs17rt01tc password 7 xxxx
username gvs17rt02ec password 7 xxxx
username tor01rt02ec password 7 xxxx
memory-size iomem 20
ip subnet-zero
no ip finger
ip tcp chunk-size 1200
no ip domain-lookup
ip host test 2005 192.168.17.1
ip dhcp excluded-address 192.168.17.1 192.168.17.20
!
ip dhcp pool test
import all
network 192.168.17.0 255.255.255.0
default-router 192.168.17.1
domain-name test.com
dns-server 172.17.2.60 65.118.56.73
netbios-name-server 172.17.2.60 172.17.2.30
netbios-node-type h-node
lease 30
!
ip dhcp pool jdirect1
host 192.168.17.18 255.255.255.0
hardware-address 0010.8394.7e2a
client-name NPI947E2A
!
chat-script modem ABORT ERROR "" "ATDT\T" TIMEOUT 60 CONNECT \c
!
!
crypto policy..deleted
!
!
crypto ipsec transform-set sharks esp-des esp-md5-hmac
!
crypto map nolan 11 ipsec-isakmp
set peer x.x.x.x
set transform-set sharks
match address 121
!
!
!
!
interface Ethernet0
mac-address 0004.5a86.37f2
backup delay 10 60
backup interface Async5
ip address x.x.x.x 255.255.248.0
ip nat outside
no ip route-cache
no ip mroute-cache
half-duplex
crypto map nolan
!
interface FastEthernet0
ip address 192.168.17.1 255.255.255.0
ip helper-address 172.17.2.30
ip helper-address 172.17.2.255
ip helper-address 172.17.255.255
ip helper-address 172.16.255.255
ip directed-broadcast
ip nat inside
no ip route-cache
no ip mroute-cache
speed auto
!
interface Async5
ip address 170.1.1.16 255.255.255.0
encapsulation ppp
keepalive 10
dialer in-band
dialer idle-timeout 300
dialer string 9,1800xxxxxxx
dialer-group 1
fair-queue 64 16 0
ppp authentication chap
!
interface Dialer1
no ip address
no cdp enable
!
ip nat inside source route-map nonat interface Ethernet0 overload
ip kerberos source-interface any
ip classless
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
ip forward-protocol udp netbios-ss
ip forward-protocol udp 42508
ip route 0.0.0.0 0.0.0.0 Async5 200
no ip http server
!
no logging trap
logging facility local0
logging 172.17.1.31
access-list 3 permit any
access-list 110 deny ip 192.168.17.0 0.0.0.255 172.16.0.0 0.0.255.255
access-list 110 deny ip 192.168.17.0 0.0.0.255 172.17.0.0 0.0.255.255
access-list 110 permit ip 192.168.17.0 0.0.0.255 any
access-list 120 permit ip 192.168.17.0 0.0.0.255 172.16.0.0 0.0.255.255
access-list 120 permit ip 192.168.17.0 0.0.0.255 172.17.0.0 0.0.255.255
access-list 121 permit ip 192.168.16.0 0.0.0.255 172.17.0.0 0.0.255.255
access-list 121 permit ip 192.168.17.0 0.0.0.255 172.17.0.0 0.0.255.255
access-list 150 permit esp host x.x.x.x host 0.0.0.0
access-list 150 permit udp host x.x.x.x host 0.0.0.0 eq isakmp
access-list 150 permit ip any 192.168.16.0 0.0.0.255
access-list 150 permit ip any 192.168.17.0 0.0.0.255
priority-list 1 protocol ip high
dialer-list 1 protocol ip permit
route-map nonat permit 10
match ip address 110
!
snmp-server engineID local 0000000902000001422C57FB
snmp-server community xxx RO
banner motd ^CCCCC
Unauthorized access is prohibited
Violators will be prosecuted
Welcome to Seattle
^C
!
--More--
line con 0
password 7 xxxxxxxx
login
transport input none
line aux 0
password 7 xxxxxxxxxxxxxx
autoselect ppp
modem InOut
modem autoconfigure discovery
transport input all
autohangup
speed 115200
flowcontrol hardware
line vty 0 4
access-class 3 in
password 7xxxxx
login
!
no scheduler allocate
end
Thanks