need a simple Point to Point config setup for 1760 routers 2

[gman10]

Good morning to all-

I need a rather simple config setup for two routers doing point to point. Both have been setup with Verizon T1 service and the routers are Cisco 1760 routers. Can someone point the way with perhaps a url or site with template configs out there? There will be no VPNing in or outside traffic going out just an end to end connection between two sites.. I have a general config started on both routers and from what I've heard from a few staff members at one of the two customer sites, there may eventually be a PIX firewall deployed behind one of the two sites and perhaps a pc ... eventually.. Anyone know of a good reference to view such a scenario, once again, I've started the configs just need slight guidance to solidify the this solution!

thx everyone
gman

 

[dearingkr]

Here is one of my templates for a standard point-to-point:

service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname [highlight]router[/highlight]
!
no logging console
enable secret 5 [highlight]xxxxx[/highlight]
enable password [highlight]xxxxx[/highlight]
!
no ip finger
!
no ip subnet-zero
!
interface FastEthernet0/0
description [highlight]whatever[/highlight]
ip address [highlight]10.10.10.1 255.255.255.0[/highlight]
no ip mroute-cache
speed auto
half-duplex
!
interface Serial0/0
ip address [highlight]10.10.210.1 255.255.255.252[/highlight]
!
router eigrp 10
network [highlight]10.10.0.0 0.0.255.255[/highlight]
auto-summary
!
ip default-gateway [highlight]x.x.x.x[/highlight]
ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 [highlight]x.x.x.x[/highlight]
!
line con 0
password [highlight]xxxxx[/highlight]
login
line aux 0
line vty 0 4
password [highlight]xxxxx[/highlight]
login
!
end
[/color green]
If your circuit is not a full T1, then the telco will give you channel assignments. The serial interface config will look something like this for a 256k circuit:

interface Serial0/0
description [highlight]whatever[/highlight]
ip address [highlight]10.10.210.1 255.255.255.252[/highlight]
no fair-queue
service-module t1 timeslots 1-4
!
[/color green]
If your circuit is frame-relay, then you will have to include encapsulation and DLCI statements, such as:

interface Serial0/0
no ip address
encapsulation frame-relay
frame-relay lmi-type ansi

interface Serial 0/0.1
description [highlight]whatever[/highlight]
ip address [highlight]10.10.210.1 255.255.255.252[/highlight]
frame-relay interface DLCI xxx
[/color green]
Of course you'll have to fill in the blanks, like ip addresses, passwords, hostname, etc.

Please note that this is just a basic template to get the routers up and talking to each other. There are no 'lockdown' procedures, access lists, etc.

Hope this helps you out.

MCSE CCNA CCDA

 

[gman10]

I highly thank you dearingkr.. I will use this and add to it and really appreciate it

gman

 

[gman10]

Hi Dearingkr,

I did have a question not pertaining to your template but will pertain to it.. Verizon is the carrier that brought the T1 in to the customers building thru the demarc.. I asked them if they could provide me with an IP address/es for the serial connections from site to site.. is that an insane question? should I be creating these addresses myself, isn't this something the carrier is suppossed to give you.. I realize that its a closed point to point connection where no Internet service is administer in comparison to how an ISP provides this type of pipe with a dynamic global address.. but then what IPs do I use and set to my serial interfaces?? How do I bring the links up on these serial ports without any IP address.. just a bit confused..

thx again!
gman

 

[dearingkr]

If it is a true point-to-point, then you can use whatever you please. Verizon is providing you the link only.

You put whatever IPs you choose on the serial ports.
Of course you'll need to use one of the private IP ranges:
10.x.x.x
172.16.x.x - 172.31.x.x
192.168.x.x

Take a look at the config and you'll see that the serial interface is set for 10.10.15.x/252


MCSE CCNA CCDA

 

[gman10]

Thx again Dearingkr,

I'll probably use the 10.xx.xx.xx address for the serial ports w/252 mask.. there's nothing wrong with that at all my friend.. I originally was going to set everything to 192.xx.xx.xx addresses, even the fastethernet addresses but I will sleep on it.. Yes, also I will need a short but sweet access-list created for a possible PIX that will eventually be deployed behind one of the routers at Site A.. generally Site A will need to view whats going on at Site B.. so essentially everything at Site B will have it's packets routed then filtered thru the PIX at Site A .. just afew apps that will utilize data from Site B.. nothing more really.. your a tremendous help.. Are you devoted more to infrastructure stuff like routers or switches? or just a "wearer of many hats depending on the fire" like I tend to be..

cheers
gman

 

[dearingkr]

I work for an IT company that provides total solutions: cabling, routers, switches, firewalls, servers, workstation, phone systems, wireless, etc. My specialty is Cisco and Microsoft, but as the sr. engineer, I have to wear many hats.

FYI,
The Cisco PIX has a very nice GUI. Point, click, and fill in the blanks. No need to sit down and code ACL's unless you need to get really elaborate.

MCSE CCNA CCDA

 

[gman10]

Hey that sounds great!

I was wondering, as far as the access-lists go.. Should I just leave everything on the routers open (or in this case just the router that has the PIX behind it? and setup the access-lists on the PIX.. but on the other router I would need to setup the router with some sort of access list.. or maybe not.. this is just a point to point connection.. literally nothing will be setup on that router Site B unless there may eventually contain a few pcs at that end..

 

[IllegalOperation]

Think of a point-to-point circuit as your very own CAT5 cable that you ran yourself, from one specific location to the other. Why? Because thats pretty much all it is in a nutshell. It is your own circuit. There is absolutely no outside communications involved with it, no third party routers, no nothing. The configuration is completely up to you....

 

[gman10]

Thx IllegalOperation,

so from router to router, when I place each serial address on each router, how will they see eachother? Each router has to know about eachothers serial address even though it's a point to point T1 connection.. I believe there would have to be an entry placed in each routers config file telling both routers about eachothers address.. Am I correct by saying this?

thx for all your help guys!
gman

 

[lgarner]

No, it will know. The router knows that every address in the same subnet as a configured interface is available via that interface. For example, if you set the Ethernet0 interface to have IP address 10.1.1.0/24, the router knows that all 10.1.1.x addresses are reachable via that interface.

For your serial i/f, you'd probably use a /30 mask which allows for 2 useable IP addresses: Your router, and the remote router. Once your circuit is up and everything's connected you should see this if you type "show ip route" on one of the routers:

C 10.1.1.0/24 is directly connected, Ethernet0
C 10.0.1.0/30 is directly connected, Serial0

...And the router knows about the other.

A different question is how to get router A to know about networks on the other side of router B. For that, you need to configure static routes, or use a dynamic routing protocol. I use EIGRP almost exclusively, because it's simple and very good (as long as all routers are Cisco).

You could add:
router eigrp 1
network 10.0.0.0

to each router's configuration, with a "network" statement for each connected network. If all your addresses are 10.x.x.x, then this is all you need. EIGRP is smart about subnet masks.

Then, a "show ip route" might yield:

10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
C 10.1.1.0/24 is directly connected, Ethernet0
C 10.0.1.0/30 is directly connected, Serial0
D 10.1.2.0/24 [90/7332096] via 10.0.1.2, 3:48:07, Serial0

The "D" indicates a route learned via EIGRP from another router, in this case the route to your remote network.

Make sense? Probably not, but it did while I was writing it...

Lee.

 

[gman10]

Thx Igarner,

So essentially let me spit this out to you and tell if if I've nailed thing or I'm totally wrong

Router A (site a) will have a serial 0/0 address of.. let's say interface Serial0/0

ip address 10.10.210.1 255.255.255.252

should Router B (site b) have something like serial address 0/0 of...
ip address 10.10.210.2 255..255.255.252 .. is this correct? they will essentially be in the same network or am I totally off by saying this.. or should my serial address on router B be something else.. jsut want to make sure.. also teh entry in the sample config up top (from this post that concerns the default gateway..

ip default-gateway x.x.x.x
ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 x.x.x.x

this is another static route but what should be my default gateway.. should it just be one of the address from one of my two routers?? sorry for all the confusion but if I could nail this aspect I think I'll understand this much more!

thx to all of you for your grand help!!

gman

 

[dearingkr]

The sample template I gave you already has a routing protocol configured (EIGRP). You don't need any static routes. Both routers will know of any subnet attached to any interface of either router.

As far as the default gateway, it depends on how the rest of your network is set up.

Does each site have their own internet access?
What default gateway are you currently using on the workstations?

Here is how I have some clients set up...

Internet Internet
| |
| |
Public IP Public IP
Firewall Firewall
10.10.1.1/24 10.10.2.1/24
| |
| |
Switch------E0 10.10.1.3/24 E0 10.10.2.3/24-------Switch
10.10.1.2 Router A Router B 10.10.2.2
| GW 10.10.1.1 GW 10.10.2.1 |
| S0 10.10.215.1/30---S0 10.10.215.2/30 |
| |
Workstations Workstations
10.10.1.x/24 10.10.2.x/24
GW 10.10.1.3 GW 10.10.2.3


MCSE CCNA CCDA

 

[gman10]

Thx Dearingkr,

Ah! so the serial interface IP addresses on both distinct routers A and B will be in the same network so to speak.. At least that is what your drawing depicts and this is what I had the most trouble understanding -what addresses to use at each routers serial port, as far as same/different network, could it be two totally different IP schemes entirely but from what I see in your drawing they are par to the same range.. you have router A's S/0 address at 10.10.215.1/30 and router B's S/0 address at S0 10.10.215.2/30.. If I'm wrong about this please let me know but that is what is looks like..

Anyway, as far as the default gateway issue.. Right now, there are no pc's that will be tied into this point to point assessment, perhaps in 3 weeks they'll bring a computer in at site A (router A).. Right now they have web access and a totally different network setup for production workstation's etc.. our point to point will never be tied into their other production network and will be used for different purposes with no web interface at all.

thx again
gman

 

[lgarner]

Yes, you've got it.

If you connect a router and some computers to an ethernet segment, you could see that there is one network and all devices will have IP addresses in that network's range.

Your point-point circuit is a single network. All devices will need addresses within that network. That's really all there is to it. Once the devices are set up this way, they behave as if they were sitting next to each other on your LAN.

As for the default gateway: This is used only if your router needs to forward packets to a network that isn't explicitely in its routing table, such as to the Internet. In your case it appears that you won't need one since you're only routing on your own networks. If you use EIGRP, then both routers will automatically know how to reach your LAN's and won't need the default route.

 

[dearingkr]

gman10,
You're correct.

MCSE CCNA CCDA

 

[gman10]

To All-

I commend all of you for having the patience with me and letting everyone know that you helped me nail this Point to Point assessment down!!

thx again
gman

 

[gman10]

hey all-

I was wondering if I would need to configure EIGRP for my point to point on both routers.. If I setup EIGRP on router A as ...router eigrp 10
network 10.10.0.0 0.0.255.255
auto-summary
Would that suffice or would I need to implement this on router B as well? Just curious.. have a great evening and thanx again

gman

 

[nawlej]

You need to implement it on both routers.

 

[gman10]

Thk nawlej,

Same AS number on both assumingly?

thx again
gman