Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Wanet Telecoms Ltd on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Dialup only if I ping the router on the other side 1

Status
Not open for further replies.
marty74

marty74

IS-IT--Management
Jun 13, 2002
6
DE
Hello,

I have a mysterious thing on my routers:
On the one side is a Cisco 3640 with IOS 12.2(12) running. On the other side is a Cisco 803. Both connected with 64 K ISDN.

The 3640 has the IP 10.10.1.254
The 803 has the IP 10.10.2.254 both netmask is 255.255.255.0

If I ping from the 3640 to the 803 directly all runs normally. If I ping from the 3640 to any host in the net of 10.10.2.0/24 the 3640 makes no dialup or isdn events.

If the hosts from the 10.10.2.0/24 net pings to me (any address in 10.10.1.0/24) all works fine.

So, in the moment I have to ping first the router in the remote company before I can connect to any PC in this net.

The sh ip route command shows "directly connected to dialer1" for the network.

Why does the 3640 make absolutely no ISDN events if I ping an host? There happen nothing! If I ping the router (ping 10.10.2.254 the 3640-Router open the connection very fine.

Can anybody help me??

thanks a lot.

Marty
 
Sort by date Sort by votes
Depends on your config I guess. You should have a dialer-group on the interface which references a dialer-list in the main body of the config. I may be as simple as 'dialer-list permit ip any any' or it may in turn reference an access-list. In either case, the scope of the dialer-list or access-list statement dictates what is interesting traffic. It may be that you only have the host address .254 defined as interesting. Take a look at that or post that part of your config and maybe we can help you out.

Regards.

 
Upvote 0 Downvote
Hallo Svermill,

thanks for your help.

Here my config. I thank you for all your help.

Marty


Building configuration...

Current configuration : 3459 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname XXXXXXXXX
!
aaa new-model
aaa authentication login default local
aaa authentication ppp default local
aaa authentication ppp billing group radius
aaa authentication nasi billing group radius
aaa authorization config-commands
aaa authorization network default local
aaa authorization network billing group radius
aaa authorization network nothing none
aaa authorization reverse-access billing group radius
aaa authorization configuration default group radius
aaa accounting update newinfo
aaa accounting network billing start-stop group radius
aaa nas port extended
aaa route download 60
enable password XXXXXXXX
!
username root password 0 XXXXXXXX
username wusa0401 password 0 XXXXXXXX
ip subnet-zero
!
!
no ip domain-lookup
!
no ip bootp server
virtual-profile virtual-template 1
multilink virtual-template 1
isdn switch-type primary-net5
!
controller E1 1/0
pri-group timeslots 1-31
description physical interface for billing
!
!
!
interface FastEthernet0/0
ip address 10.10.1.254 255.255.255.0
duplex auto
speed auto
!
interface Serial1/0:15
description control interface for billing
ip unnumbered FastEthernet0/0
encapsulation ppp
dialer rotary-group 1
isdn switch-type primary-net5
isdn fast-rollover-delay 1
no cdp enable
ppp authentication chap billing
ppp authorization billing
ppp accounting billing
!
!
interface Virtual-Template1
description Template interface for billing
ip unnumbered FastEthernet0/0
load-interval 30
compress stac
ppp authentication chap billing
ppp authorization billing
ppp accounting billing
ppp multilink bap
multilink load-threshold 200 either
!
interface Dialer1
description billing
ip unnumbered FastEthernet0/0
encapsulation ppp
dialer in-band
dialer aaa
dialer idle-timeout 90
dialer enable-timeout 2
dialer hold-queue 50
dialer-group 1
no cdp enable
ppp authentication chap billing
ppp authorization billing
ppp accounting billing
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.10.1.251
no ip http server
ip http authentication local
ip pim bidir-enable
!
access-list 102 deny udp any eq netbios-dgm any
access-list 102 deny udp any eq netbios-ns any
access-list 102 deny udp any eq netbios-ss any
access-list 102 deny udp any range snmp snmptrap any
access-list 102 deny udp any range bootps bootpc any
access-list 102 deny tcp any eq 137 any
access-list 102 deny tcp any eq 138 any
access-list 102 deny tcp any eq 139 any
access-list 102 permit ip any any
dialer-list 1 protocol ip list 102
radius-server host 10.30.1.240 auth-port 1645 acct-port 1646
radius-server retransmit 3
radius-server timeout 1
radius-server deadtime 1
radius-server key cisco
radius-server vsa send accounting
radius-server vsa send authentication
!
line con 0
speed 115200
line aux 0
line vty 0 4
logging synchronous
!
end
 
Upvote 0 Downvote
It looks like from the configuration that the 3640 has no routing protocol and doesn't know about anything not connected to it. You say that 10.20.2.0/24 shows up in the 'show ip route' display. Is this when the ISDN is already up or when it's down? From the config, I cannot see how it could be there is the ISDN line is not already connected. If you add 'ip route 10.10.2.0 255.255.255.0 Dialer1' does it work? Todd Hethmon
thethmon@hethmon.com
 
Upvote 0 Downvote
Well...your dialer-group/access-list config is fine. You're implementing some pretty advanced aaa stuff that I'm not too familiar with. I was looking to figure out how that route was showing up in your table as "via dialer1." It appears as though you are pulling static routes down from radius. I would first make sure that static route entry is good.

From there, all I could recommend would be to do some debugging to see where things are getting hung. Do a 'debug dialer events' and observe what happens when you are able to successfully ping the 803. Then compare to what happens when you fail to ping a host. This may point you in the right direction for the next debug to look at (is it a routing issue, and authorization issue, and so forth).

I'll be glad to try and keep helping you but I just don't have a lot of aaa/radius experience. I'm sure other folks in this forum do and hopefully they will chime in with good suggestions.

Regards.

 
Upvote 0 Downvote
I did a bit of reading at the following link on "Large-Scale Dialout"


The more about it I read, the more convinced I become that you will find your answer on your RADIUS server - not on your router. I say this because dialup can be made to work in your case, just not yet to all the hosts that you want. That appears to be a aaa/radius thing as far as I can tell.

There are some good example configs in the link above. You might want to compare some of them against your profiles and see if anything jumps out at you.
 
Upvote 0 Downvote
Please let us know when you find your answer of if there is anything else we can do to help you find it. That way, we all learn something.

Thanks.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Blackybear
  • Question
Cisco RV042G router
Replies
0
Views
145
Blackybear
Blackybear
woza
  • Locked
  • Question
GNS3: Delete the lines "transport preferred none"
Replies
1
Views
577
DrB0b
DrB0b
CPM86
  • Locked
  • Question
Cisco isr 4331 with IOS and sip busy fail over to 2nd sip number on pbx?
Replies
0
Views
403
CPM86
CPM86
jobsp90
  • Locked
  • Question
I have a issue in my office hospital network regarding using IPPBX software.
Replies
2
Views
320
DavetheChef
DavetheChef
WinstonCH
  • Locked
  • Helpful tip
What is wrong with the diagram, there are people who will help to fix it? How do i do the configurat 1
Replies
1
Views
736
BIS
BIS

Part and Inventory Search

Sponsor

Back
Top