Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Configuring 1721 for T1

Status
Not open for further replies.
Strawhidy

Strawhidy

IS-IT--Management
Nov 7, 2006
35
US
I have a 1721 router and that I attempted to configure it for our T1 and DSL line using PBR. I copied a config from my other 1721 that i use in a different local which works fine. Both of the routers are supposed to be configured in the same manner but this 1721 has an older IOS of 12.2(4). Can someone please have a look at my config and tell what i'm doing wrong?



Using 4512 out of 29688 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
no service dhcp
!
hostname nj-rtr
!
!
ip subnet-zero
no ip source-route
no ip domain-lookup
!
no ip bootp server
!
!
!
interface Ethernet0
ip address 10.4.1.2 255.255.255.0
ip nat outside
full-duplex
!
interface FastEthernet0
description to NetJam LAN
ip address 12.70.80.14 255.255.255.248 secondary
ip address 192.168.1.250 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip route-cache policy
ip policy route-map PBR
speed 100
!
interface Serial0
description connection to lsanca02 GAR20 (Ckt.ID - DHEC.658724)
bandwidth 1536
ip address 12.88.172.46 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
encapsulation ppp
service-module t1 timeslots 1-24
service-module t1 remote-alarm-enable
service-module t1 fdl both
no cdp enable
!
ip nat pool T1 12.70.80.10 12.70.80.13 netmask 255.255.255.248
ip nat pool DSL 10.4.1.4 10.4.1.4 netmask 255.255.255.0
ip nat inside source list 100 pool T1 overload
ip nat inside source list 101 pool DSL overload
ip nat inside source static tcp 192.168.1.5 3389 12.70.80.9 3389 extendable
ip nat inside source static tcp 192.168.1.250 23 12.70.80.9 23 extendable
ip nat inside source static tcp 192.168.1.5 80 12.70.80.9 80 extendable
ip nat inside source static udp 192.168.1.5 80 12.70.80.9 80 extendable
ip nat inside source static tcp 192.168.1.2 3784 12.70.80.9 3784 extendable
ip nat inside source static udp 192.168.1.2 3784 12.70.80.9 3784 extendable
ip nat inside source static udp 192.168.1.2 20800 12.70.80.9 20800 extendable
ip nat inside source static udp 192.168.1.2 20810 12.70.80.9 20810 extendable
ip nat inside source static udp 192.168.1.2 28960 12.70.80.9 28960 extendable
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0
no ip http server
!
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 permit 12.70.80.0 0.0.0.255
access-list 1 permit 12.88.172.0 0.0.0.255
access-list 100 remark T1 ACL allow static hosts deny DSL bound traffic
access-list 100 permit ip host 192.168.1.1 any
access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq ftp-data
access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq www
access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 443
access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq pop3
access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 143
access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 1935
access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 27030
access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 27031
access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 27032
access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 27033
access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 27034
access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 27035
access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 27036
access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 27037
access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 27038
access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 27039
access-list 100 permit ip any any
access-list 101 remark DSL ACL for ftp http https pop3 imap and flash deny T1 bound traffic
access-list 101 deny ip host 192.168.1.1 any
access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq ftp-data
access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq www
access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq 443
access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq pop3
access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq 143
access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq 1935
access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq 27030
access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq 27031
access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq 27032
access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq 27033
access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq 27034
access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq 27035
access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq 27036
access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq 27037
access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq 27038
access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq 27039
route-map PBR permit 10
match ip address 101
set ip next-hop 10.4.1.1
!
route-map PBR permit 20
match ip address 100
set ip next-hop 12.88.172.46
!
!
line con 0
line aux 0
line vty 0 4
login
!
no scheduler allocate
end

 
Sort by date Sort by votes
route-map PBR permit 10
match ip address 101
set ip next-hop 10.4.1.1

wouldnt it be easier to create an acl for the traffic and use that like match access-list 101 ?

what is ip address 101?
 
Upvote 0 Downvote
Im using the DSL line for all Internet users (101) and the T1 for games (100). I don't want Internet users to use the T1 and cause gaming lag in my LAN center. I'm using this config on my other router and it works great. All I know it that my T1 has no online access. However, the DSL line properly routes all web traffic through its interface "10.4.X.X". I just don't understand why the T1 isn't wortking.
 
Upvote 0 Downvote
Any help would be most appreciated. I've been working on this for four days strait and you folks are my last hope. What the heck an I doing wrong?
 
Upvote 0 Downvote
I'm assuming if you remove the route-map and leave the default route going out your serial interface that traffic flows fine??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
I'm going to try that now.

On another note, I'm currently using an ATT managed router but i'm replacing it with the 1721 i'm trying to configure now. Does ATT need to approve my replacment router's MAC with their service or should I be able to connect regardless?
 
Upvote 0 Downvote
It all depends on you service contract really. If it's a managed router (i.e. ATT gets in to make config changes), I'm sure that they'll want to be the ones providing the new hardware. If it's managed only in that they provide you with the link and you provide the hardware then no there won't be any issues.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

jarod_paris
  • Locked
  • Question
firmware for an AP2800 WiFi terminal
Replies
0
Views
271
jarod_paris
jarod_paris
disk-us
  • Locked
  • Question
RTU licensing for a901
Replies
0
Views
129
disk-us
disk-us
Willi DB
  • Locked
  • Question
Polycom410 Forward an incoming call
Replies
0
Views
142
Willi DB
Willi DB
MoJHK
  • Locked
  • Question
UAT for Cisco C9200
Replies
0
Views
115
MoJHK
MoJHK
acabezas2014
  • Locked
  • Question
Need to create QoS for SNMP and Radius traffic on Cisco 4948 Switches
Replies
0
Views
130
acabezas2014
acabezas2014

Part and Inventory Search

Sponsor

Back
Top