Hi All
I'm trying to replace a T1 line with a MultiLink internet connection using the attached config from a Telco. I've had little success with this. I can only browse the internet when directly connected to the router. However, when I'm behind my PIX firewall I canot access the internet. At first glance this appears to be a firewall issue, however this multilink is the only thing that has changed (The firewall works fine with our exsiting T1 line) No changes were made to the firewall since the ip address scheme remanins the same. The telco is saying that its my PIX, but I cant see how it could be since, in essence, nothing has changed (i,e. IP address, protocols etc). Any ideas would be greatly appreciated.
Here's the router config:
Current configuration : 3584 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname MIS
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$3YQw$V7pPDom6dUj12345699Z3spiF23331
!
no aaa new-model
!
resource policy
!
!
ip cef
!
!
no ip domain lookup
!
voice-card 0
no dspfarm
!
!
username NI_NY_
!
!
interface Multilink103482
ip address 12.98.x.x 255.255.255.252
ip access-group 101 in
no keepalive
no cdp enable
ppp chap hostname 12.98.x.x
ppp multilink
ppp multilink group 103482
ppp multilink fragment disable
!
interface GigabitEthernet0/0
description connection to customer LAN
ip address 12.94.x.x 255.255.255.240
no ip redirects
no ip unreachables
no ip proxy-arp
no ip mroute-cache
duplex full
speed auto
no cdp enable
!
interface GigabitEthernet0/1
description connection to customer LAN
ip address 12.95.x.x 255.255.255.240
no ip redirects
no ip unreachables
no ip proxy-arp
no ip mroute-cache
duplex full
speed 100
no cdp enable
!
interface Serial0/0/0
description connection to NY Circuit 1 1xT1
no ip address
encapsulation ppp
no cdp enable
ppp chap hostname 12.98.x.x
ppp multilink
ppp multilink group 103482
max-reserved-bandwidth 100
!
interface Serial0/1/0
description connection to NY Circiut 2 2xT1
no ip address
encapsulation ppp
no cdp enable
ppp chap hostname 12.98.x.x
ppp multilink
ppp multilink group 103482
max-reserved-bandwidth 100
!
interface Serial0/2/0
description connection to NY Circiut 3 3xT1
no ip address
encapsulation ppp
no cdp enable
ppp chap hostname 12.98.x.x
ppp multilink
ppp multilink group 103482
max-reserved-bandwidth 100
!
ip route 0.0.0.0 0.0.0.0 Multilink103482
ip route 12.95.x.x 255.255.255.240 12.94.x.x
!
!
no ip http server
no ip http secure-server
!
access-list 101 deny ip 127.0.0.0 0.255.255.255 any log
access-list 101 deny ip 12.94.x.x 0.0.0.15 any log
access-list 101 deny ip 12.95.x.x 0.0.0.15 any log
access-list 101 permit ip any any
no cdp run
!
!
!
I'm trying to replace a T1 line with a MultiLink internet connection using the attached config from a Telco. I've had little success with this. I can only browse the internet when directly connected to the router. However, when I'm behind my PIX firewall I canot access the internet. At first glance this appears to be a firewall issue, however this multilink is the only thing that has changed (The firewall works fine with our exsiting T1 line) No changes were made to the firewall since the ip address scheme remanins the same. The telco is saying that its my PIX, but I cant see how it could be since, in essence, nothing has changed (i,e. IP address, protocols etc). Any ideas would be greatly appreciated.
Here's the router config:
Current configuration : 3584 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname MIS
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$3YQw$V7pPDom6dUj12345699Z3spiF23331
!
no aaa new-model
!
resource policy
!
!
ip cef
!
!
no ip domain lookup
!
voice-card 0
no dspfarm
!
!
username NI_NY_
!
!
interface Multilink103482
ip address 12.98.x.x 255.255.255.252
ip access-group 101 in
no keepalive
no cdp enable
ppp chap hostname 12.98.x.x
ppp multilink
ppp multilink group 103482
ppp multilink fragment disable
!
interface GigabitEthernet0/0
description connection to customer LAN
ip address 12.94.x.x 255.255.255.240
no ip redirects
no ip unreachables
no ip proxy-arp
no ip mroute-cache
duplex full
speed auto
no cdp enable
!
interface GigabitEthernet0/1
description connection to customer LAN
ip address 12.95.x.x 255.255.255.240
no ip redirects
no ip unreachables
no ip proxy-arp
no ip mroute-cache
duplex full
speed 100
no cdp enable
!
interface Serial0/0/0
description connection to NY Circuit 1 1xT1
no ip address
encapsulation ppp
no cdp enable
ppp chap hostname 12.98.x.x
ppp multilink
ppp multilink group 103482
max-reserved-bandwidth 100
!
interface Serial0/1/0
description connection to NY Circiut 2 2xT1
no ip address
encapsulation ppp
no cdp enable
ppp chap hostname 12.98.x.x
ppp multilink
ppp multilink group 103482
max-reserved-bandwidth 100
!
interface Serial0/2/0
description connection to NY Circiut 3 3xT1
no ip address
encapsulation ppp
no cdp enable
ppp chap hostname 12.98.x.x
ppp multilink
ppp multilink group 103482
max-reserved-bandwidth 100
!
ip route 0.0.0.0 0.0.0.0 Multilink103482
ip route 12.95.x.x 255.255.255.240 12.94.x.x
!
!
no ip http server
no ip http secure-server
!
access-list 101 deny ip 127.0.0.0 0.255.255.255 any log
access-list 101 deny ip 12.94.x.x 0.0.0.15 any log
access-list 101 deny ip 12.95.x.x 0.0.0.15 any log
access-list 101 permit ip any any
no cdp run
!
!
!