cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
809
Views
0
Helpful
16
Replies

1811w and DSL WAN

winstoncheng
Level 1
Level 1

I current have a setup with two WAN's, one T1 and one DSL. I've got the T1 working fine, but am having trouble with the DSL connection.

Through the "Test Connection" interface, it passes the "Checking interface status", "Checking DNS settings" (wrong servers though, it looks up the ones meant for the T1), and "Checking interface IP address", but fails "Checking exit interface".

The failure reason is listed as "To test connectivity, SDM tries to ping the configured DNS servers. However, there is no configured route to any of the DNS servers through selected interface."

Recommended action: Select 'User-specified' option or add a 'host specific/network specific/default' route through this interface ad retest connection.

The test passes if I used the IP picked up through the PPPoE under the "User-specified" box. I'm pretty sure it's the DNS settings, as it's using the servers meant for the T1, but I don't know how to separate them. I basically went to the DNS section in "Additional Tasks" and just listed all of them there.

Can someone help me with this? As far as the configuration goes, here's what I have:

bridge irb

!

!

!

interface FastEthernet0

description Logix$ETH-LAN$$FW_OUTSIDE$

ip address 216.x.x.226 255.255.255.240

ip access-group 101 in

ip verify unicast reverse-path

no ip redirects

no ip unreachables

no ip proxy-arp

ip nbar protocol-discovery

ip flow ingress

ip flow egress

ip nat outside

ip inspect SDM_MEDIUM out

ip virtual-reassembly

ip route-cache flow

ip tcp adjust-mss 1412

duplex auto

speed auto

service-policy input sdmappfwp2p_SDM_MEDIUM

service-policy output sdmappfwp2p_SDM_MEDIUM

!

interface FastEthernet1

description Covad$ETH-WAN$

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

ip route-cache flow

duplex auto

speed auto

pppoe enable group global

pppoe-client dial-pool-number 1

!

!

interface Vlan1

description $ETH-SW-LAUNCH$$INTF-INFO-FE 2$$FW_INSIDE$

no ip address

ip tcp adjust-mss 1452

bridge-group 1

!

interface Async1

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

encapsulation slip

!

interface Dialer2

ip address negotiated

ip mtu 1452

ip nat outside

ip virtual-reassembly

encapsulation ppp

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication chap pap callin

ppp chap hostname [hostname]

ppp chap password xxx

ppp pap sent-username [username] password [password]

!

interface BVI1

description $ES_LAN$$FW_INSIDE$

ip address 192.168.123.18 255.255.255.0

ip access-group 100 in

no ip redirects

no ip unreachables

no ip proxy-arp

ip nat inside

ip virtual-reassembly

ip route-cache flow

ip tcp adjust-mss 1412

!

ip route 0.0.0.0 0.0.x.x.215.127.225

ip route 0.0.0.0 0.0.0.0 Dialer2 10

!

Also, assuming DSL is working, does my current config work for load-balancing and/or redundancy?

16 Replies 16

paolo bevilacqua
Hall of Fame
Hall of Fame

Hello,

Please let alone the SDM that can be confusing and often does not produce the intended results.

Do show interfaces. You should see a virtual-access. If up/up, your dsl line is working. Then do show ip route, to see if it has installed a default route. Probably you don't want that, because you're tryon load balancing and redundancy.

Let see how these tings go and then we can go for more sophistication.

Hope this helps, please rate post if it does!

yes, virtual-access1 is up, link protocol is up.

show ip route returns:

C 192.168.123.0/24 is directly connected, BVI1

67.0.0.0/32 is subnetted, 2 subnets

C 67.101.64.94 is directly connected, Dialer0

C 67.101.64.94 is directly connected, Dialer0

216.215.127.0/28 is subnetted, 1 subnets

216.215.127.224 is directly connected, FastEthernet0

S* 0.0.0.0/0 m[1/0] via 216.215.127.225

I'm not sure if that says I have default route or not.

All good, your default is

S* 0.0.0.0/0 m[1/0] via 216.215.127.225

that is the router on fastethernet 0

Now, what is that you want to do with the two connections exactly?

I'd like for both T1 and DSL to work on the network simultaneously.

Right now, if I set the distance metric for T1 to 1, DSL to 2, I can browse the web with no problems, but FastEthernet1 will not pass the interface exit test.

If I put T1 to 2 and DSL to 1, FastEthernet1 will pass the test, but I cannot browse the web regardless.

Ok, as I said, SDM will get confused because you have two interfaces and can't really cope with that. Beside, it will prevent you from learning how to do thing the professional way.

Use strictly the CLI for now. Do show run. You will see that you have a statement like "ip nat ... fastethernet0 overload". Do conf t and copy that statement just the same, but replace fastethernet0 with dialer0. Make sure there is "ip nat outside" under dialer0. This will be your second interface. Then, you know what you default route is now, do "ip route 0.0.0.0 0.0.0.0 dialer0 1". Do the same for the other default, but use an higher metric. Check that you can browse the internet via DSL.

Once you are happy with that, try setting both default routes to the same metric. That should do the load balancing.

Good luck, come back to report the results.

Thanks for helping so far, I can't continue on this until Monday. I will report back asap.

ip nat inside source list 1 interface FastEthernet0 overload

ip nat inside source list 2 interface Dialer0 overload

Those are what i have at the moment, when I tried changing both to source list 1, it says "%Dynamic mapping in use, cannot change".

To work around that, you would need to shutdown the nat inside interface, the do "clear ip nat translations. You can either do that, or configure access list 1 and 2 to be identical.

The part that matter most is having the two default routes with same metric (correctly called "administrative distance"). But first try them one at time.

Sigh, the moment I tried putting them both on the same administrative distance, I'd lose Internet access.

I'm going to wait until the office is closed today and start everything over from scratch, using the CLI, starting with the DSL setup first.

Thanks for the help so far, I'll keep reporting back.

If the individual default routes works, when configured one a time, you are on the right way.

There a bit more config that you can try on the NAT, but let's wait until you positively prove the above.

Bad news, I followed the included instructions which included erasing the start-up config, so now I'm just totally lost. Is there a way to bring it back to the way it was out of box? Not having a default IP address is beyond my abilities at this point.

I tried re-adding BVI 1 through the console to get the IP back, but the status of it remains down even after a "no shutdown" command.

Have to head home now, to be continued...

Never mind, it's just of a little bit of router fighting that everyone does at the beginning.

But you gave an easy round to the router erasing the config!

You partially working configuration is in your first post above. Connect via a serial cable, copy and paste it. Then manually go under each and any interface, and type "no shutdown". And you will start from there.

After pasting back, I'm able to ping the router, but not able to access it through telnet or http.

Check under "line vty 0 4", do "no access-group".

Forget HTTP that gives you nothing.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: