Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Wan not working on cisco 1601r

Status
Not open for further replies.
billmx

billmx

MIS
Aug 27, 2002
66
US
I'm configuring a cisco 1601r as listed below. On the lan side, things seem to be working fine. I can browse and ping internally, but I can't get past the Wan interface serial0. I can ping the ip of serial0, but nothing past that. Can anyone see what I am doing wrong ? Thanks !
 
 
ip subnet-zero
no ip source-route
no ip routing
no ip finger
!
!
!
interface Ethernet0
ip address 192.168.1.1 255.255.255.0
no ip directed-broadcast
no ip proxy-arp
ip nat inside
no ip route-cache
no cdp enable
!
interface Serial0
ip address **public IP 1**  255.255.255.248
no ip directed-broadcast
no ip proxy-arp
ip nat outside
encapsulation frame-relay IETF
no ip route-cache
no fair-queue
frame-relay interface-dlci 16
frame-relay lmi-type ansi
!
ip nat pool pool01 **public IP 1**  **public IP 1**  netmask 255.255.255.248
ip nat inside source list 100 pool pool01 overload
ip nat inside source static 192.168.1.10 **public IP 2**  
ip nat inside source static 192.168.1.9 **public IP 3**  
ip nat inside source static 192.168.1.8 **public IP 4**  
ip nat inside source static 192.168.1.7 **public IP 5**  
ip nat inside source static 192.168.1.6 **public IP 6**  
ip nat inside source static 192.168.1.5 **public IP 7**  
ip classless
no ip forward-protocol udp bootpc
ip route 0.0.0.0 0.0.0.0 **public IP 1**  
ip route 192.168.3.0 255.255.255.0 192.168.1.17
ip route 192.168.5.0 255.255.255.0 192.168.1.17
!
access-list 100 permit ip 192.168.1.0 0.0.0.225 any
no cdp run
snmp-server community public RO
 
Sort by date Sort by votes
Firstly, get rid of the line frame-relay interface-dlci 16 as this is used on logical subinterfaces, not physical interfaces. Also, if you're using IOS release newer than 11.1 you shouldn't need to specify the LMI type as the router should auto-detect it. So get rid of the line frame-relay lmi-type ansi.

Once you've done that, do a show interface serial 0 to check your line protocol is up, and if that's okay use show frame-relay lmi to check you're sending and receiving LMI frames. Near the bottom of the output you will see Num Status Enq. Sent and Num Status msgs Rcvd. These numbers should increment every 10 seconds.

If you're still having problems, try show frame-relay pvc to check the status of your PVC's.

Graham
 
Upvote 0 Downvote
I think this is your problem "no ip routing". Please remove this from your config, by entering "ip routing" in the configuration.
 
Upvote 0 Downvote
Yep, checking the basics could also help! (My bad not spotting that)
 
Upvote 0 Downvote
I tried the simple solution first and added ip routing. This did not resolve the problem. I ran the show interface serial 0 command and got the reply that "line is up, protocol is up". In fact I see that message from the router when I plug into the ISP interface. I'm assuming that means that my cable is OK and that I'm making a connection with the ISP. Next I'll try removing the frame-relay lines that techkiwi recommended and along with the show frame-relay commands to get some more information.

Thanks for the suggestions !
 
Upvote 0 Downvote
billmx,
The frame-relay interface-dlci 16 is required to identify your PVC (the default for your first PVC is usually 16). I would not remove this line, but instead I would refine you config to run sub-interface.

interface s0
no ip addres
encapsulation frame-relay
no shutdown

interface s0.1 point-to-point
ip address < xxxxx >
frame-relay interface-dlci 16

When you do a &quot;show frame pvc&quot; it will tell you whether the PVC is ACTIVE, INACTIVE or DELETED.

If ACTIVE, do a test ping on from the router to the other routers serial IP. Run an extended ping, using your router's s0.1 IP as the source. The reason may be that the remote router may not be allow pings through from other IPs. When you get the FR going, apply your NAT statement back to your s0.1 interface.

If your PVC is INACTIVE or DELETED, there may be a problem with the circuit or a mismatch with the LMI config.

Let us know how you go.

JimmyZ


 
Upvote 0 Downvote
When I did the &quot;show frame pvc&quot; it told me that the connection was active. I figured there were no problems there, so I went back to my statements and looked at each one. I found the problem line :
access-list 100 permit ip 192.168.1.0 0.0.0.225 any

When I changed the .225 to .255 I was able to get out through the wan port. So I think that removing the &quot;no ip routing&quot; and correcting this statement resolved my problem.

I do have a couple more questions :
1. Is there a benefit to creating the subinterface described by jimmyz and running that way ?
2. We have a lotus notes email server with a NAT address. When I ping it from behind the old router it would reply with the public address. With the new router it gives the private address. From the internal network, I could not access the notes server for an hour or so, then it suddenly started working. Is there any explanation for this ?

Thanks

Thanks,
Bill
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

CPM86
  • Question
Cisco isr 4331 with IOS and sip busy fail over to 2nd sip number on pbx?
Replies
0
Views
372
CPM86
CPM86
B
  • Locked
  • Question
Cisco IP phone 7841 8851 unable to forward all to external number
Replies
0
Views
229
badwolf1686
B
pbxcomm
  • Locked
  • Question
CISCO VG450
Replies
1
Views
596
nt8d09
nt8d09
Skip Rango
  • Locked
  • Question
how to backup cisco sg500-52p switch
Replies
1
Views
584
madwok
madwok
Jared R
  • Locked
  • Question
Cisco UC320W Paging Help
Replies
0
Views
559
Jared R
Jared R

Part and Inventory Search

Sponsor

Back
Top