Problem with Cisco 2611 Like RAS

dian.it · ‎07-15-2002

I have a Cisco 2611 series router with an interface Group-Async working like RAS. When remote user call to router, PPP conection is stablished. Client have a IP address and mask delivery by Router. But the mask that RAS delivery to user is 255.255.255.255 and default gateway its the same ip address that router give them. The DNS that user received its correct. How i can configure IP address, mask and default gateway , that router delivery to users?

My configuration is:

interface Group-Async1

ip unnumbered Ethernet0/0

ip helper-address 132.221.1.2

no ip directed-broadcast

encapsulation ppp

ip tcp header-compression passive

async default routing

async mode interactive

peer default ip address pool dialin_pool

no fair-queue

no cdp enable

ppp authentication chap pap

group-range 33 48

!

ip local pool dialin_pool 132.221.15.230 132.221.15.254

ip default-gateway 132.221.1.1

ip classless

ip forward-protocol spanning-tree

ip route 0.0.0.0 0.0.0.0 132.221.1.1

ip route 132.221.16.0 255.255.240.0 10.10.79.157

no ip http server

!

dialer-list 1 protocol ip permit

!

line con 0

transport input none

line 33 48

exec-timeout 0 0

autoselect during-login

autoselect ppp

login local

modem InOut

transport preferred none

transport input all

stopbits 1

flowcontrol hardware

line aux 0

line vty 0 4

password XXXX

login

!

end

Thaks

makchitale · ‎07-15-2002

This is a normal behaviour...

1)The subnet mask on the DUN client will depend on the O/S on the client, The subnet mask is not passed by the Access server. IPCP is the PPP component that passes TCP/IP address information, and the subnet mask is not defined in the RFC as a legal value to pass.( RFC 1332)

Typically NT 3.5 would diplay 0.0.0.0 / NT 3.51, win95 will display classful mask depending on the ip address class / win2k, XP will display 255.255.255.255

2)The dialup client uses the local subnet mask to determine whether to send data over the RAS connection or the local network connection. The default gateway displays the IP address of the RAS connection. This is expected behavior. It is up to the Access server to forward RAS IP traffic (dialup) to its own default gateway.

Thanks, Mak.

dian.it · ‎07-16-2002

Thanks for your response. This RAS connect users to network 132.221.0.0 with mask 255.255.240.0, all clients in this LAN acces internet trought a firewall that do NAT to internal users. When remote client havent default gateway he dosent to reach internet access, how i can resolve this ?

Best Regards

Herberto E Ortiz

makchitale · ‎07-15-2002

Further to the previous response...from Microsoft's site:

Default Routing to Remote TCP/IP Networks

---------------------------------------------------------------

All TCP/IP host computers (including your Windows PC) share a routing limitation that will be important for Dial-Up and PPTP users accessing remote TCP/IP networks. Host computers rely on a routing scheme called default gateway routing. This mechanism is simple: to reach any computer not on the local network, and not specified by any other routing table entries, forward the traffic to a specified default gateway router. The gateway router generally knows how to forward the traffic correctly. This approach has the advantage that your Windows computer can connect to millions of other computers without complex routing tables. This approach has the disadvantage that it assumes that there is only a single connection to all of the external networks it may wish to reach.

The default gateway concept works particularly well for a stand-alone PC that is dialing into a remote network. When a dial-up connection is established, a default gateway is assigned to route traffic through that connection.

The concept breaks down when your PC already has a default gateway, and a second default gateway is assigned by Dial-Up Networking to reach a new network. This could happen, for example, if your computer had a default route for its local LAN and then dialed an additional connection into a remote network. It could also happen if your computer dialed into the Internet and then made a second PPTP connection to a remote tunnel server. In both of these cases, the first gateway is replaced by the most recent gateway, and computers that were reachable though the first gateway will no longer be visible. Note that a DNS or WINS name server that may be one of the computers that is hidden. This will result in the inability to resolve computer names on the affected network.

In summary, TCP/IP default gateway routing is designed to work with computers that connect to a single network. A PPTP connection over a Dial-up link, or a Dial-Up connection from a LAN-based PC, result in two network connections.. In each case, the default route will point to the most recent connection. When the PPTP or Dial-Up connection is released, all connectivity to the first network will be restored.

Thanks, Mak.