I have been trying to move my company from a 1.5 managed Internet line
(includes telco router) to a 4.5 multilink Internet line (3 T1 lines +
telco router) for over a month now. We have a PIX Firewall behind our
current 1.5 managed Internet connection which works perfectly. The PIX points to the gateway of last resort on the 1.5 Internet router (route outside
0.0.0.0. 0.0.0.0. 12.94.x.x 1). All external IP addressing for the
old and new telco router is the same. The problem is, when I try to
switch to the new 4.5 multilink Internet line -- I cannot get out to
the Internet, ping the serial interface of the new router, nothing. I
clear arp and power the PIX down when I try to switch over to the new
4.5 Internet line + router. I have attached the configuration of the 4.5 telco router and the PIX? Any ideas? We directly
connect our firewall into g0/0, but we are unable to ping the customer
serial IP address. The Telco has basically refused to work with us and says it is our PIX firewall. HELP!!!
Thanks for posting.
The telco controls the router, I do not have the ability to logon to the router.
I keep thinking the acl in permissions are missing on the serial interfaces, but I do not know enough about MLPPP connections.
Can you ping from the outside interface of the PIX to the inside of the router and then try the outside of the router.
I was only able to ping the 12.94.x.x interface on the router (g0/0) from the outside interface of the PIX. I could not ping anything else.
Well that would suggest that it is an issue with the router not passing data from G0/0 to the serial interface of the router. I would do a trace from the pix and copy that and send it to the telco company.
I was only able to ping the g0/0 from our internal subnet as well (inside the pix).
I will try the trace as you have suggested.
I have to bring our current 1.5 Internet line down to test, so I need to come in late at night to test the multilink line + router.
I was able to bring the main line down for a few minutes and bring the mulitlink up to try a tracert. I have attached the results. It just times out through the new router and dns does not resolve. I do not understand this, when everything works fine through the single t1 and the same PIX. I think it is the multilink router. Please help!!!!
I think it is the router. Ping from the inside of your PIX and from the outside of the pix to the inside and outside of the router. Then get the CO on the phone and let them see the results. That should be enought to show them they have an issue with the multilink setup.
Thanks and I will gather this info for the telco. We are going to due another full test this Friday night with the telco. I will post the results.
The Telco finally fixed their router on Friday evening after I sent them the tracert and ping information from outside my Firewall.
Thanks for all your suggestions.