03-18-2003 08:19 AM - edited 03-02-2019 05:57 AM
Our firm is having problems with users that need to dial into the network. It seems they are having trouble accessing servers - even though the dialup session is supposed to assign the client's TCP/IP settings from the local DHCP server, we are forced to add at least the DNS servers manually so they can access the network properly.
I have a feeling the routers are not configured correctly for this. Here is an example of a router configuration:
!
version 12.0
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
!
hostname TESTrouter
!
no logging console
aaa new-model
aaa authentication login default tacacs+
aaa authentication login consoles tacacs+ line
aaa authentication ppp default tacacs+
aaa authorization exec default tacacs+ none
aaa authorization network default tacacs+
aaa accounting exec default start-stop tacacs+
aaa accounting network default start-stop tacacs+
enable secret ***erased***
!
ip subnet-zero
ip domain-name parente.dom
ip name-server 120.1.10.3
async-bootp dns-server 120.1.10.3 120.1.25.5
async-bootp nbns-server 120.1.10.8
!
!
!
!
interface Ethernet0
description INTERNAL LAN
ip address 120.1.55.1 255.255.255.0
no ip directed-broadcast
!
interface Serial0
description SERIAL PORT USED FOR SUB-INTERFACE (FRAME-RELAY
no ip address
no ip directed-broadcast
encapsulation frame-relay
!
interface Serial0.1 point-to-point
description TO SOME-PLACE
ip address 120.1.56.2 255.255.255.0
no ip directed-broadcast
no ip mroute-cache
frame-relay interface-dlci 100
!
interface Serial1
no ip address
no ip directed-broadcast
shutdown
!
interface Group-Async1
ip unnumbered Ethernet0
ip helper-address 120.1.55.16
no ip directed-broadcast
encapsulation ppp
no ip route-cache
ip tcp header-compression passive
no ip mroute-cache
dialer in-band
dialer idle-timeout 999999
async dynamic address
async mode interactive
peer default ip address dhcp
no fair-queue
no cdp enable
ppp authentication pap chap
group-range 1 8
!
router eigrp 1
network 120.1.0.0
no auto-summary
!
ip local pool wellsboro-dialin 120.1.55.2 120.1.55.10
ip nat translation timeout never
ip nat translation tcp-timeout never
ip nat translation udp-timeout never
ip nat translation finrst-timeout never
ip nat translation syn-timeout never
ip nat translation dns-timeout never
ip nat translation icmp-timeout never
ip classless
ip route 0.0.0.0 0.0.0.0 120.1.56.1
!
tacacs-server host 120.1.10.7
tacacs-server host 120.1.25.5
tacacs-server timeout 60
tacacs-server key ***erased***
snmp-server community parentenet RO
snmp-server community parentenet1 RW
!
line con 0
password ***erased***
login authentication consoles
transport input none
line 1 8
autoselect during-login
autoselect ppp
modem InOut
modem autoconfigure discovery
transport input all
speed 115200
flowcontrol hardware
line aux 0
password ***erased***
login authentication consoles
transport input all
line vty 0 4
password ***erased***
login authentication consoles
!
ntp clock-period 17180232
ntp server 120.1.10.1
end
And here is the result of IPConfig when dialed into this:
PPP adapter TESTOFFICE:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 120.1.55.108
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 120.1.55.108
DNS Servers . . . . . . . . . . . : 120.1.10.3
120.1.25.5
Primary WINS Server . . . . . . . : 120.1.10.8
Secondary WINS Server . . . . . . : 120.1.10.8
NetBIOS over Tcpip. . . . . . . . : Disabled
I'm not very knowledgeable about PPP, but I'm hoping there's away to get the IPConfig to look like this (if possible):
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : Yes
IP Address. . . . . . . . . . . . : 120.1.55.108
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 120.1.55.1
DNS Servers . . . . . . . . . . . : 120.1.10.3
120.1.25.5
Primary WINS Server . . . . . . . : 120.1.10.3
NetBIOS over Tcpip. . . . . . . . : Enabled
???
thanks for any help
03-18-2003 09:21 AM
The config looks good...The first output is what we will typically see for a ppp dialup client & the second is for a client connected on the LAN.
On the PPP dialup output, the netmask will be either /32 or a classful mask depending on the clinet Win OS....we do not negotiate mask in PPP.
Default GW will always be self address as there is no way to negotiate the GW during ppp nego. However in LAN connection it's possible.
You mentioned that you need to add the DNS servers manually for network connectivity, based on the as5300 configs, the dns should be downloaded during ipcp....Can you ping your network servers on ip address? Maybe we have a dns issue.
Can suggest a few debugs to troubleshoot this issue, mainly "deb ppp nego" will indicate whether the dns info is passed on or not.
Thanks, Mak.
03-18-2003 09:51 AM
Okay that's what I figured, for the subnet mask and gateway. The second ipconfig is what we get on the LAN, and I was hoping to mimick that... my goal is to have the laptops function on the network the same when they're on dialup.
Yes we can ping. The first IPConfig shows that tcp/ip is getting the right dns servers but it seems that there is something missing for them to function correctly... perhaps it isn't registering on the domain properly... the connection specific domain suffix isn't showing up like it should either...
Is there a way to have the PPP session pull ALL of it's settings from the local DHCP server, rather than from the router? How do we turn on Netbios over TCP/IP... and why am I getting 2 WINS servers of the same IP...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide