Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Show int Tunnel 0, have I been assigned wrong IP address?

Status
Not open for further replies.
Rod25

Rod25

Technical User
Joined
Sep 19, 2003
Messages
122
Hi Guys,
I have installed two 837 ADSL routers interconnected with GRE Tunnels. The ATM 0 interface is up and up, int tunnel 0 is up and up, int eth 0 is up and up. But I cannot ping from one site to the other. I have IP routes in place. I can however ping from each site to public address on the internet but not to each other.

One thing that puzzles me on both sites is that for example the public IP address assigned by ISP is x.x.x.50 but when I look at interface tunnel 0 I get the following output:

int tunnel 0
Tunnel0 is up, line protocol is up
Hardware is Tunnel
Description: *** GRE TUNNEL TO REMOTE SITE ***
Internet address is 192.168.1.2/30
MTU 1514 bytes, BW 9 Kbit, DLY 500000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation TUNNEL, loopback not set
Keepalive not set
Tunnel source X.X.X.51 (Dialer1), destination X.X.X.4

The tunnel source is x.x.x.51 instead of x.x.x.50?? Have I been given the wrong IP Address from my ISP???

Any help on this would be great.

Thanks,

Rod
 
Sort by date Sort by votes
Rod,

Normally, tunnel interfaces are 'up' all the time (unless you flipped on keepalives), so, it's really important to check your config. Can you post the tunnel interface configs?

 
Upvote 0 Downvote
Hi rtfmdude,

I have pasted the configs of my routers. I hope you can spot something. should the tunnel show the IP address assigned by ISP under 'show int tunnel 0' for example x.x.x.50 instead of x.x.x.51?

int tunnel 0
Tunnel0 is up, line protocol is up
Hardware is Tunnel
Description: *** GRE TUNNEL TO REMOTE SITE ***
Internet address is 192.168.1.2/30
MTU 1514 bytes, BW 9 Kbit, DLY 500000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation TUNNEL, loopback not set
Keepalive not set
Tunnel source X.X.X.51 (Dialer1), destination X.X.X.4

ROUTER-A

crypto isakmp key 1234567 address X.X.X.4
!
!
crypto ipsec transform-set vpnrouter esp-3des esp-sha-hmac
mode transport
!
crypto map vpn 10 ipsec-isakmp
set peer X.X.X.4
set transform-set vpnrouter
match address 106
!
!
!
interface Tunnel0
description *** GRE TUNNEL TO ROUTER B ***
ip address 192.168.1.1 255.255.255.252
tunnel source Dialer1
tunnel destination X.X.X.4
crypto map vpn
!
interface ATM0
no ip address
atm vc-per-vp 64
no atm ilmi-keepalive
dsl operating-mode auto
pvc 8/35
pppoe-client dial-pool-number 1
!
!
interface Dialer1
ip address negotiated
ip access-group 101 in
ip mtu 1492
ip nat outside
ip inspect myfw out
ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer remote-name redback
dialer-group 1
ppp authentication pap chap callin
ppp chap hostname XXXXXX
ppp chap password XXXXXX
ppp pap sent-username XXXX password 7 XXXX
crypto map vpn
!
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 10.0.0.0 255.255.255.0 Tunnel0
!
ip http server
no ip http secure-server
!
ip nat inside source list 102 interface Dialer1 overload
!
access-list 102 permit ip 10.1.1.0 0.0.0.255 any
access-list 106 permit ip 10.1.1.0 0.0.0.255 10.0.0.0 0.0.0.255
access-list 106 permit gre host 83.71.189.4 host 83.71.184.168
!

ROUTER-B

crypto isakmp key 1234567 address X.X.X.50
!
!
crypto ipsec transform-set vpnrouter esp-3des esp-sha-hmac
mode transport
!
crypto map vpn 10 ipsec-isakmp
set peer X.X.X.50
set transform-set vpnrouter
match address 106
!
!
!
interface Tunnel0
description *** GRE TUNNEL TO ROUTER A ***
ip address 192.168.1.2 255.255.255.252
tunnel source Dialer1
tunnel destination X.X.X.50
crypto map vpn
!
interface ATM0
no ip address
atm vc-per-vp 64
no atm ilmi-keepalive
dsl operating-mode auto
pvc 8/35
pppoe-client dial-pool-number 1
!
!
interface Dialer1
ip address negotiated
ip access-group 101 in
ip mtu 1492
ip nat outside
ip inspect myfw out
ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer remote-name redback
dialer-group 1
ppp authentication pap chap callin
ppp chap hostname XXXXXX
ppp chap password XXXXXX
ppp pap sent-username XXXX password 7 XXXX
crypto map vpn
!
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 10.0.0.0 255.255.255.0 Tunnel0
!
ip http server
no ip http secure-server
!
ip nat inside source list 102 interface Dialer1 overload
!
access-list 102 permit ip 10.1.1.0 0.0.0.255 any
access-list 106 permit ip 10.1.1.0 0.0.0.255 10.0.0.0 0.0.0.255
access-list 106 permit gre host 83.71.189.4 host 83.71.184.168
!


Thanks,
Rod
 
Upvote 0 Downvote
Rod,

Ah - I see what you're saying. Can you paste in a show int from the atm interface? Just want to verify that ip address. Any difference if you bounce the tunnel interface after the dsl connection comes up? Whatabout if you statically define the tunnel source ip address? What version of code are you running, also?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

jobsp90
  • Locked
  • Question Question
I have a issue in my office hospital network regarding using IPPBX software.
Replies
2
Views
529
DavetheChef
DavetheChef
B
  • Locked
  • Question Question
Cisco IP phone 7841 8851 unable to forward all to external number
Replies
0
Views
403
badwolf1686
B
WinstonCH
  • Locked
  • Helpful tip Helpful tip
What is wrong with the diagram, there are people who will help to fix it? How do i do the configurat
Replies
1
Views
897
BIS
BIS
CPM86
  • Locked
  • Question Question
Cisco isr 4331 with IOS and sip busy fail over to 2nd sip number on pbx?
Replies
0
Views
561
CPM86
CPM86
PThomp3344
  • Locked
  • Question Question
Trying to connect to Cisco Unified Controller web interface: UC520W-16U-4FXO-K9
Replies
1
Views
680
nt8d09
nt8d09

Part and Inventory Search

Sponsor

Back
Top