i have put the idle timeout as 10800 and no keepalive set

Hi peter,

This are the configuration in my office :

!

version 12.0

service timestamps debug uptime

service timestamps log datetime localtime show-timezone

service password-encryption

service udp-small-servers

service tcp-small-servers

!

!

isdn switch-type basic-net3

chat-script mod ABORT ERROR ABORT BUSY "" "ATZ" OK "ATDT \T" TIMEOUT 30 CONNECT \c

chat-script offhook "" "ATH1" OK \c

!

!

!

interface Ethernet0/0

ip address 172.16.50.1 255.255.255.0

no ip directed-broadcast

!

interface Ethernet0/1

no ip address

no ip directed-broadcast

shutdown

!

interface BRI1/0

ip address 172.16.200.25 255.255.255.248

no ip directed-broadcast

encapsulation ppp

dialer idle-timeout 10800

dialer map ip 172.16.200.27 name PCR 97712445

dialer load-threshold 3 outbound

dialer-group 1

no snmp trap link-status

isdn switch-type basic-net3

no fair-queue

no cdp enable

ppp authentication chap

ppp multilink

!

interface BRI1/1

no ip address

no ip directed-broadcast

shutdown

isdn switch-type basic-net3

!

!

interface BRI1/2

no ip address

no ip directed-broadcast

shutdown

isdn switch-type basic-net3

!

!

interface BRI1/3

no ip address

no ip directed-broadcast

shutdown

isdn switch-type basic-net3

!

interface Serial2/0

no ip address

no ip directed-broadcast

shutdown

!

interface Serial2/1

no ip address

no ip directed-broadcast

shutdown

!

interface Serial2/3

no ip address

no ip directed-broadcast

shutdown

!

ip local pool ippool 172.16.50.80 172.16.50.100

ip classless

ip route 172.16.3.0 255.255.255.0 BRI1/0

ip route 172.16.3.0 255.255.255.0 172.16.201.27

ip http server

ip http authentication local

!

logging 172.16.50.10

access-list 5 permit 172.16.100.0 0.0.0.255

access-list 10 permit 172.16.0.0 0.0.255.255

access-list 101 deny eigrp any any

access-list 101 permit ip any any

access-list 115 permit ip host 172.16.50.181 172.16.100.0 0.0.0.255

access-list 115 permit ip host 172.16.50.180 172.16.100.0 0.0.0.255

access-list 115 permit ip host 172.16.1.189 172.16.3.0 0.0.0.255

access-list 115 permit ip host 172.16.1.55 172.16.3.0 0.0.0.255

access-list 190 permit ip any 172.16.100.0 0.0.0.255

access-list 190 permit icmp any 172.16.100.0 0.0.0.255

access-list 190 permit ip 172.16.100.0 0.0.0.255 any

access-list 190 permit icmp 172.16.100.0 0.0.0.255 any

dialer-list 1 protocol ip list 115

route-map GM permit 10

match ip address 115

set interface BRI1/0

set ip next-hop 172.16.200.27

!

!

l

end

and this is the output for sh version at my site :

Cisco Internetwork Operating System Software

IOS (tm) 3600 Software (C3640-I-M), Version 12.0(4)T, RELEASE SOFTWARE (fc1)

Copyright (c) 1986-1999 by cisco Systems, Inc.

Compiled Thu 29-Apr-99 14:28 by kpma

Image text-base: 0x600088F0, data-base: 0x60726000

ROM: System Bootstrap, Version 11.1(20)AA1, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)

Router uptime is 1 week, 3 days, 23 hours, 6 minutes

System restarted by reload

System image file is "flash:aaa0435.bin"

cisco 3640 (R4700) processor (revision 0x00) with 28672K/4096K bytes of memory.

Processor board ID 14827567

R4700 CPU at 100Mhz, Implementation 33, Rev 1.0

Bridging software.

X.25 software, Version 3.0.0.

Basic Rate ISDN software, Version 1.1.

2 Ethernet/IEEE 802.3 interface(s)

4 Serial network interface(s)

4 ISDN Basic Rate interface(s)

16 terminal line(s)

DRAM configuration is 64 bits wide with parity disabled.

125K bytes of non-volatile configuration memory.

8192K bytes of processor board System flash (Read/Write)

Configuration register is 0x2102

Regrds

nikki

Hi Peter

This are the configs at the remote office :

Current configuration:

!

version 11.2

service timestamps debug uptime

service timestamps log uptime

service password-encryption

service udp-small-servers

service tcp-small-servers

!

!

!

interface Ethernet0

ip address 172.16.100.1 255.255.255.0

no ip directed-broadcast

ip nat inside

!

!

interface BRI0

ip address 172.16.200.27 255.255.255.248

ip access-group 102 in

no ip directed-broadcast

encapsulation ppp

dialer idle-timeout 10800

dialer map ip 172.16.200.25 name PCN broadcast 5234564

dialer-group 1

hold-queue 75 in

!

ip classless

ip route 172.16.50.0 255.255.255.0 172.16.200.25

ip route 172.16.50.0 255.255.255.0 172.16.200.25 250

access-list 10 permit 172.16.0.0 0.0.255.255

access-list 101 permit ip host 172.16.100.40 172.16.1.0 0.0.0.255

access-list 101 permit ip host 172.16.100.50 172.16.1.0 0.0.0.255

access-list 115 permit ip any host 172.16.50.180

access-list 115 permit ip any host 172.16.50.181

route-map GM permit 10

match ip address 115

set interface BRI0

set ip next-hop 172.16.200.25

!

dialer-list 1 protocol ip list 101

banner motd ^C 4

^C

!

l

end

this is output of sh version command :

Cisco Internetwork Operating System Software

IOS (tm) 1600 Software (C1600-OY-L), Version 11.2(16)P, RELEASE SOFTWARE (fc1)

Copyright (c) 1986-1998 by cisco Systems, Inc.

Compiled Mon 19-Oct-98 12:59 by pwade

Image text-base: 0x0200544C, data-base: 0x0237ED30

ROM: System Bootstrap, Version 12.0(3)T, RELEASE SOFTWARE (fc1)

ROM: 1600 Software (C1600-RBOOT-R), Version 12.0(3)T, RELEASE SOFTWARE (fc1)

Router uptime is 2 weeks, 4 days, 22 hours, 37 minutes

System restarted by power-on

System image file is "c1600-oy-l.112-16.P", booted via flash

cisco 1603 (68360) processor (revision C) with 7680K/512K bytes of memory.

Processor board ID 13604538, with hardware revision 00000001

Bridging software.

X.25 software, Version 2.0, NET2, BFE and GOSIP compliant.

Basic Rate ISDN software, Version 1.0.

1 Ethernet/IEEE 802.3 interface(s)

1 serial(sync/async) network interface(s)

1 ISDN Basic Rate interface(s)

System/IO memory with parity disabled

8192K bytes of DRAM onboard

System running from RAM

8K bytes of non-volatile configuration memory.

4096K bytes of processor board PCMCIA flash (Read/Write)

Configuration register is 0x2102

Hello,

I see you have only one customer and on the local site ppp multilink enabled and not on the remote site, enable this also on the remote site. The idle timeout you are using right now is very high, around 600 will be enough.

Let me here your results.

i have enable ppp on other site also but still i am not able dial from my side, once disconnected it will not dial even when i ping from my side but if pinged from the remote office it will dial and establish a connection.

i am not able to dial from my side after it is disconnected.i dont find any reason not to dial out and it was working fine till 1 week before.

when i ping and dial from office the isdn led at the remote office shows an activity but doesnt establish a connection.

Okay, for ease of understanding where "here" and "there" and my side and the other side are at, it might be useful to give a name to each of the routers, such as, "MainOffice" and "RemoteOffice". I found it easier when looking at the two configs to do that myself. I assume the main office has the 3600 and the remote office is running the IOS 11.2. A couple of things to think about here:

1. When at the main office, I am looking for triggering events to establish a call. Looking at your routing table I have this:

ip route 172.16.3.0 255.255.255.0 BRI1/0

ip route 172.16.3.0 255.255.255.0 172.16.201.27

I assume that any attempt to try to get to network 172.16.3.x will fire up a connection to either int bri1/0 or the IP addr that corresponds to the far end.

I then go looking for that distant network on the remote router. Here is what I deduced from the routing table I cannot see:

ip address 172.16.100.0

ip address 172.16.200.24

ip address 172.16.50.0

Okay, where exactly are we hiding the 172.16.3.x network? From what I can see, there is no network for 172.16.3.x in either routing tables for the mainor remote office.

My guess is that you had a working config one week ago and nobody saved it with the "write mem" or "copy run start" command. You also might want to have your ISDN switch type set on both routers (they may be different). Also, you need to recheck all of your access lists on both sides that tie into your dialer group commands and make sure the from/to networks make sense. Right now, they do not. For example, you have this on your remote office:

access-list 101 permit ip host 172.16.100.40 172.16.1.0 0.0.0.255

access-list 101 permit ip host 172.16.100.50 172.16.1.0 0.0.0.255

Show me where the network 172.16.1.x exists in the main office?

pw

A lot of good catches pw. You have to wonder about the Nat statement on the Remote Ethernet interface if it should be there or if there are more config lines missing.

There is also an access list applied to the remote BRI0 interface but no access list in the configuration.

I think access list 101 should be a mirror image of 115 at the host.

Mike

I wondered about the NAT statement and I just drew blanks. I just wasn't sure where to go with that, so I didn't. You are correct about the access group expression applied without a corresponding access list. Depending upon how old the IOS is, different behaviors will ensue. Older versions of the IOS will assume what you really *meant* to say, which was to drop all packets (silly you, why would you apply an access group without a corresponding access list). In later versions of the code train, the software engineers figured you had already whacked the access list, but forgot to drop the access group expression from the interface. The net effect would be to allow all packets. Guys like Rick Burts or Terry Slattery would probably have enough history working with the IOS to know exactly where that line of demarcation was in the IOS. 11.2 may be in the ballpark...

pw