Telco Cisco 2800 MLPPP Router Config & PIX 515 - Cannot browse the Internet

Unanswered Question
Feb 5th, 2008
User Badges:

I have been trying to move my company from a 1.5 managed Internet line

(includes telco router) to a 4.5 multilink Internet line (3 T1 lines +

telco router) for over a month now. We have a PIX Firewall behind our

current 1.5 managed Internet connection which works perfectly. The PIX points to the gateway of last resort on the 1.5 Internet router (route outside 12.94.x.x 1). All external IP addressing for the

old and new telco router is the same. The problem is, when I try to

switch to the new 4.5 multilink Internet line -- I cannot get out to

the Internet, ping the serial interface of the new router, nothing. I

clear arp and power the PIX down when I try to switch over to the new

4.5 Internet line + router. I have attached the configuration of the 4.5 telco router and the PIX? Any ideas? We directly

connect our firewall into g0/0, but we are unable to ping the customer

serial IP address. The Telco has basically refused to work with us and says it is our PIX firewall. HELP!!!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
smitty6504 Tue, 02/05/2008 - 08:31
User Badges:

When you post "show ip interface brief" from you router. Tue, 02/05/2008 - 09:13
User Badges:

Thanks for posting.

The telco controls the router, I do not have the ability to logon to the router.

I keep thinking the acl in permissions are missing on the serial interfaces, but I do not know enough about MLPPP connections.

smitty6504 Tue, 02/05/2008 - 09:56
User Badges:

Can you ping from the outside interface of the PIX to the inside of the router and then try the outside of the router. Tue, 02/05/2008 - 10:45
User Badges:

I was only able to ping the 12.94.x.x interface on the router (g0/0) from the outside interface of the PIX. I could not ping anything else.

smitty6504 Tue, 02/05/2008 - 11:11
User Badges:

Well that would suggest that it is an issue with the router not passing data from G0/0 to the serial interface of the router. I would do a trace from the pix and copy that and send it to the telco company.

smitty6504 Tue, 02/05/2008 - 11:14
User Badges:

Could you try to ping from the inside of the pix to the g0/0 of the router? Tue, 02/05/2008 - 11:19
User Badges:

I was only able to ping the g0/0 from our internal subnet as well (inside the pix).

I will try the trace as you have suggested.

I have to bring our current 1.5 Internet line down to test, so I need to come in late at night to test the multilink line + router. Tue, 02/05/2008 - 15:29
User Badges:

I was able to bring the main line down for a few minutes and bring the mulitlink up to try a tracert. I have attached the results. It just times out through the new router and dns does not resolve. I do not understand this, when everything works fine through the single t1 and the same PIX. I think it is the multilink router. Please help!!!!

smitty6504 Tue, 02/05/2008 - 15:35
User Badges:

I think it is the router. Ping from the inside of your PIX and from the outside of the pix to the inside and outside of the router. Then get the CO on the phone and let them see the results. That should be enought to show them they have an issue with the multilink setup. Wed, 02/06/2008 - 11:02
User Badges:

Thanks and I will gather this info for the telco. We are going to due another full test this Friday night with the telco. I will post the results. Mon, 02/11/2008 - 07:39
User Badges:

The Telco finally fixed their router on Friday evening after I sent them the tracert and ping information from outside my Firewall.

Thanks for all your suggestions.


This Discussion