Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Can anyone shed a light on my BRI Configs

I have set up a simple ISDN dial up between two routers, and I don't see any wrong with the configs may be. The funny thing is when I use dialer string command on both routers then I can successfully ping each other, but if I replace Dialer String with Dialer Map which is a preferred way I am not able to ping. The Bri channel 1 will be connected, but my ping times out. Here is the configs for both routers:

r1#wr t

Building configuration...

Current configuration:

!

version 11.3

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname r1

!

enable secret 5 $1$oix0$jjbU/t1qjJlHT1zYajIeG/

!

no ip domain-lookup

isdn switch-type basic-ni1

!

!

interface Ethernet0

ip address 170.10.22.1 255.255.255.0

no keepalive

media-type 10BaseT

!

interface Ethernet1

no ip address

shutdown

media-type 10BaseT

!

interface Serial0

no ip address

encapsulation frame-relay

!

interface Serial0.1 point-to-point

ip address 170.10.29.1 255.255.255.252

frame-relay interface-dlci 102

!

interface Serial1

ip address 170.10.23.1 255.255.255.252

!

interface Serial2

no ip address

shutdown

!

interface Serial3

no ip address

shutdown

!

interface BRI0

ip address 170.10.129.1 255.255.255.252

encapsulation ppp

dialer map ip 170.10.129.2 name r2 broadcast 9636000

dialer-group 1

isdn spid1 25696350000101

isdn spid2 25696350010101

!

interface BRI1

no ip address

shutdown

!

interface BRI2

no ip address

shutdown

!

interface BRI3

no ip address

shutdown

!

router ospf 1

passive-interface BRI0

network 170.10.22.1 0.0.0.0 area 1

network 170.10.23.1 0.0.0.0 area 1

network 170.10.29.1 0.0.0.0 area 0

network 170.10.129.1 0.0.0.0 area 0

!

ip classless

!

dialer-list 1 protocol ip permit

!

line con 0

logging synchronous

line aux 0

line vty 0 4

no login

!

end

r1#

r2#wr t

Building configuration...

Current configuration:

!

version 11.3

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname r2

!

enable secret 5 $1$D58d$cmNsq25bGd02XGPfZSUY9/

!

no ip domain-lookup

isdn switch-type basic-ni1

!

!

interface Ethernet0

no ip address

shutdown

media-type 10BaseT

!

interface Ethernet1

no ip address

shutdown

media-type 10BaseT

!

interface Serial0

no ip address

encapsulation frame-relay

no ip mroute-cache

!

interface Serial0.1 point-to-point

ip address 170.10.29.2 255.255.255.252

frame-relay interface-dlci 201

!

interface Serial1

ip address 170.10.49.2 255.255.255.252

!

interface Serial2

no ip address

shutdown

!

interface Serial3

no ip address

shutdown

!

interface BRI0

ip address 170.10.129.2 255.255.255.252

encapsulation ppp

dialer map ip 170.10.129.1 name r1 broadcast 9635000

dialer-group 1

isdn spid1 25696360000101

isdn spid2 25696360010101

!

interface BRI1

no ip address

shutdown

!

interface BRI2

no ip address

shutdown

!

interface BRI3

no ip address

shutdown

!

router ospf 1

passive-interface BRI0

network 170.10.0.0 0.0.255.255 area 0

!

ip classless

!

dialer-list 1 protocol ip permit

!

line con 0

logging synchronous

line aux 0

line vty 0 4

no login

!

end

r2#

4 REPLIES
VIP Purple

Re: Can anyone shed a light on my BRI Configs

Hello Abbas,

your config looks ok, it might just be that ppp authentication is needed when you use the dialer map statements. So I would try to add ppp authentication chap on both sides (and don't forget the username r1 password xxx and username r2 password xxx ojn both routers as well).

Regards,

Georg

Re: Can anyone shed a light on my BRI Configs

Two remarks:

1: On both routers you need to configure a username / password to authenticate. Example for r1

username r2 password cisco

On the dialers, you should then add: ppp authentication chap

To test what goes wrong you may want to use the command: debug ppp neg

It will show the ppp negotiations.

2: A static route will be required to point to the BRI as the destination interface. Without a valid entry in the routing table, your traffic will be discarded by the first router. So the dialer is never activated. Use a distance on it to make the router select s0 when available:

ip route xxxx mask 170.10.129.x 130

Regards,

Leo

Silver

Re: Can anyone shed a light on my BRI Configs

Your pings are going to fail because if you do a sh interface bri0/0 your interface is showing down down . A router wil not send traffic out an interface that is down

You do not need a static route to ping an interface that is directly connected as stated above. You will however need a floating static route i.e

"ip route 0.0.0.0 0.0.0.0 NEXT hop ip address " on the side that makes the call .

You should refine your dialer-list with an ACL that denies certain traffic from bringing up the line

access-list 100 deny ip any host 224.0.0.0 0.0.0.255

access-list 100 deny ip any host 255.255.255.255

access-list 100deny udp any any eq ntp

access-list 100 deny udp any any eq snmp

access-list 100 permit ip any any

dialer-list 1 protocol ip list 101

3. try using dialer interface

int dialer 1

ip address xxxx xxxx

encapsulation ppp

no ip mroute-cache

load-interval 30

dialer in-band

dialer map ip 170.10.129.1 name r1 broadcast 9635000

dialer idle-timeout 300

dialer hold-queue 100

dialer-group 1

ppp authentication chap

int bri 0/0

dialer rotary-group 1 (this associated a dialer interface with a physical interface )

You may also want to try to use just the dialer in-band statement under your bri interface this will make your interface go 'BRI0/0 is up, line protocol is up (spoofing)'

Cisco Employee

Re: Can anyone shed a light on my BRI Configs

just turn on the authentication pap or chap under both the bri interface and configure username and passwords accordingly on both the routers. After that you will be able to ping eachother using dialer-map.

85
Views
0
Helpful
4
Replies
CreatePlease to create content