cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
675
Views
0
Helpful
10
Replies

Lab Router Config

HMidkiff
Level 1
Level 1

I have 2 1841 routers in a lab config. Both routers have CSU modules in them and I am using a T1 crossover cable to connect them together. After configuring IP addresses on both sides I can ping the serial interfaces from each of the routers, but I cannot go past the interfaces? I configure EIGRP and added the network, but when I do a "sh ip route" no routes for the networks on the other router show up. I am not sure what I am missing? Any advice anyone has would be great.

10 Replies 10

John Blakley
VIP Alumni
VIP Alumni

Can you post your configs on both sides?

--John

HTH, John *** Please rate all useful posts ***

John:

Thanks for replying. Here is the config for the first router. I will have to repost the second due to character restrictions.

********** LAB-TAMPA-**********

Current configuration : 4480 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname LAB-TAMPA

!

boot-start-marker

boot system flash:c1841-ipbasek9-mz.124-15.T7.bin

boot-end-marker

!

enable secret 5 $1$IqS9$.FNQIoHaMiblAR8DH0KNo1

!

no aaa new-model

dot11 syslog

ip cef

!

no ip domain lookup

ip domain name lab-aviinc.local

ip name-server 192.168.2.34

multilink bundle-name authenticated

!

ip ssh authentication-retries 5

ip ssh version 2

!

interface FastEthernet0/0

description Connected to TEST VLAN NETWORK

no ip address

duplex auto

speed auto

!

interface FastEthernet0/0.2

description VLAN 2 - Voice Network

encapsulation dot1Q 2

ip address 10.2.2.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface FastEthernet0/0.3

description VLAN 3 - Data Network

encapsulation dot1Q 3

ip address 10.2.3.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface FastEthernet0/0.4

description VLAN 4 - AV Network

encapsulation dot1Q 4

ip address 10.2.4.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface FastEthernet0/0.5

description VLAN 5 - SIG Test Network

encapsulation dot1Q 5

ip address 10.2.5.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface FastEthernet0/0.6

description VLAN 6 - Guest Network

encapsulation dot1Q 6

ip address 10.2.6.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface FastEthernet0/0.7

description VLAN 7 - Public Network

encapsulation dot1Q 7

!

interface FastEthernet0/1

description Connected to ISP (Verizon DSL)

ip address 72.64.198.66 255.255.255.0

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface Serial0/0/0

ip address 10.0.0.1 255.255.255.252

service-module t1 clock source internal

!

router eigrp 110

network 10.0.0.0

no auto-summary

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 FastEthernet0/1

!

no ip http server

no ip http secure-server

ip nat inside source list INSIDE_NAT_ADDRESSES interface FastEthernet0/1 overload

!

ip access-list standard INSIDE_NAT_ADDRESSES

permit 10.2.0.0 0.0.255.255

!

control-plane

!

********** LAB-TAMPA-**********

John:

Here is the config for the second router.

********** LAB-DALLAS**********

Current configuration : 4679 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname LAB-DALLAS

!

boot-start-marker

boot system flash:c1841-ipbasek9-mz.124-15.T7.bin

boot-end-marker

!

logging buffered 4096

enable secret xxx

!

no aaa new-model

clock timezone CST -6

dot11 syslog

ip cef

!

no ip domain lookup

ip domain name lab-aviinc.local

ip name-server 192.168.2.34

multilink bundle-name authenticated

!

crypto pki trustpoint TP-self-signed-467634406

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-467634406

revocation-check none

rsakeypair TP-self-signed-467634406

!

username XXXXXX secret xxx

archive

log config

hidekeys

!

ip ssh authentication-retries 5

ip ssh version 2

!

interface FastEthernet0/0

description Connected to TEST VLAN NETWORK

no ip address

duplex auto

speed auto

!

interface FastEthernet0/0.2

description VLAN 2 - Voice Network

encapsulation dot1Q 2

ip address 10.5.2.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface FastEthernet0/0.3

description VLAN 3 - Data Network

encapsulation dot1Q 3

ip address 10.5.3.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface FastEthernet0/0.4

description VLAN 4 - AV Network

encapsulation dot1Q 4

ip address 10.5.4.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface FastEthernet0/0.5

description VLAN 5 - SIG Test Network

encapsulation dot1Q 5

ip address 10.5.5.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface FastEthernet0/0.6

description VLAN 6 - Guest Network

encapsulation dot1Q 6

ip address 10.5.6.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface FastEthernet0/0.7

description VLAN 7 - Public Network

encapsulation dot1Q 7

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial0/0/0

ip address 10.0.0.2 255.255.255.252

ip nat outside

ip virtual-reassembly

!

router eigrp 110

network 10.0.0.0

no auto-summary

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 Serial0/0/0

!

no ip http server

no ip http secure-server

ip nat inside source list INSIDE_NAT_ADDRESSES interface Serial0/0/0 overload

!

ip access-list standard INSIDE_NAT_ADDRESSES

permit 10.0.0.0 0.0.0.255

!

no logging trap

!

control-plane

!

banner motd ^C

!

line con 0

exec-timeout 30 0

password xxx

logging synchronous

login local

line aux 0

line vty 0 4

exec-timeout 30 0

password xxx

login local

transport input ssh

line vty 5 15

exec-timeout 30 0

password xxx

login local

transport input ssh

!

scheduler allocate 4000 1000

end

********** LAB-DALLAS**********

In reality, you don't need to nat across this connection if you have them connected directly. You can take the nat configuration off of the second router, and see if that helps.

--John

HTH, John *** Please rate all useful posts ***

You also may need to do a policy map on your first router destined for anything to your second router go out the S0 interface, because I think (and I may be wrong) that anything that comes into the subinterfaces will try to be natted out your other public interface.

Others may have to chime in here though....

--John

HTH, John *** Please rate all useful posts ***

John:

Thanks for pointing that out. I missed it. I turned off NAT and form the second router (LAB-DALLAS) I can access subnets on the first with out a problem, but from the first (LAB-TAMPA) I still cannot access the subnets on the second (LAB-DALLAS). I am looking through the config but don't see what might be stopping this traffic.

If you run sh ip eigrp neighbors, do you see the other side?

What happens if you put in a static route for the "dallas" router in the "tampa" router, like ip route 10.0.0.0 255.255.255.0 serial0?

John

HTH, John *** Please rate all useful posts ***

I tried a static route already. I even removed EIGRP and entered static routes. What is so odd is I can ping from the LAB-DALLAS to LAB-TAMPA subnets but not the other way.

Try this:

ip route 10.0.0.0 255.255.255.0 serial0

and in your access-list:

ip access-list standard INSIDE_NAT_ADDRESSES

deny 10.0.0.0 0.0.0.255

permit 10.2.0.0 0.0.255.255

HTH, John *** Please rate all useful posts ***

allan.thomas
Level 8
Level 8

The problem is that the destination host beyond the serial interface does not know the return path.

I suspect that your problem lies with your EIGRP router process configuration, ensure that you have added the network address of the serial i/f into the process.

It is possible that EIGRP is being surpressed because updates cannot be routed out of the respective interface if it is configured as a passive interface. Under the router process input the command 'no passive-interface serial?/?'.

Pls post the configurations.

Rgds

Allan.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: