Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

funny problem with cisco1603 & isdn 1

Status
Not open for further replies.
sixtoedsloth

sixtoedsloth

IS-IT--Management
Jan 1, 2002
118
GB
Hi guys.

i have two 1603 routers on isdn

i have two subnets 192.168.9.0 and 192.168.200.0

i can go from .9 to .200 and everything is fine
but if i try to go from .200 to .9 it doesnt lift the
isdn line.

everything is fine if .9 inits the call
then .200 can see .9

are there any easy to use debug tools
to see whats happening

and is there any difference between a BT home highway and an isdn2e line?

Regards,


sixToedSloth

 
Sort by date Sort by votes
show your config of each router!!! Leave out your passwords. Jeter@LasVegas.com
J.Fisher CCNA
 
Upvote 0 Downvote
Cheers, Below are the confs



Conf for router on .200 subnet

hcs#sh conf
Using 2598 out of 7506 bytes
!
version 11.3
no service password-encryption
!
hostname hcs
!
enable password
!
username oriel password 0
ip subnet-zero
isdn switch-type basic-net3
isdn tei-negotiation first-call
!
!
interface Ethernet0
ip address 192.168.200.251 255.255.255.0
no ip directed-broadcast
no ip route-cache
!
interface BRI0
no ip address
no ip directed-broadcast
encapsulation ppp
no ip route-cache
dialer pool-member 1
isdn switch-type basic-net3
no fair-queue
no cdp enable
ppp authentication chap
!
interface Dialer0
ip unnumbered Ethernet0
no ip directed-broadcast
encapsulation ppp
dialer remote-name oriel
dialer idle-timeout 30
dialer string **********
dialer pool 1
dialer-group 1
ppp authentication chap
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.200.254
ip route 128.127.1.0 255.255.255.0 192.168.200.252
ip route 128.127.2.0 255.255.255.0 192.168.200.252
ip route 128.127.3.0 255.255.255.0 192.168.200.252
ip route 128.127.4.0 255.255.255.0 192.168.200.252
ip route 128.127.5.0 255.255.255.0 192.168.200.252
ip route 128.127.6.0 255.255.255.0 192.168.200.252
ip route 128.127.7.0 255.255.255.0 192.168.200.252
ip route 128.127.8.0 255.255.255.0 192.168.200.252
ip route 128.127.9.0 255.255.255.0 192.168.200.252
ip route 128.127.10.0 255.255.255.0 192.168.200.252
ip route 128.127.11.0 255.255.255.0 192.168.200.252
ip route 128.127.12.0 255.255.255.0 192.168.200.252
ip route 128.127.14.0 255.255.255.0 192.168.200.252
ip route 128.127.15.0 255.255.255.0 192.168.200.252
ip route 128.127.16.0 255.255.255.0 192.168.200.252
ip route 128.127.17.0 255.255.255.0 192.168.200.252
ip route 128.127.18.0 255.255.255.0 192.168.200.252
ip route 128.127.19.0 255.255.255.0 192.168.200.252
ip route 128.127.20.0 255.255.255.0 192.168.200.252
ip route 128.127.21.0 255.255.255.0 192.168.200.252
ip route 128.127.22.0 255.255.255.0 192.168.200.252
ip route 128.127.23.0 255.255.255.0 192.168.200.252
ip route 128.127.126.0 255.255.255.0 192.168.200.252
ip route 128.137.60.0 255.255.255.0 192.168.200.252
ip route 192.168.9.0 255.255.255.0 Dialer0
ip route 192.168.27.0 255.255.255.0 192.168.200.252
access-list 100 deny ip any host 255.255.255.255
access-list 100 deny udp any any eq rip
access-list 100 deny udp any any eq snmp
access-list 100 deny udp any any eq snmptrap
access-list 100 deny udp any any eq syslog
access-list 100 deny udp any any eq netbios-dgm
access-list 100 deny udp any any eq netbios-ns
access-list 100 deny eigrp any any
dialer-list 1 protocol ip list 100
!
line con 0
transport input none
line vty 0 4
password
login
!
end

hcs#



Conf for router on .9 subnet

oriel#sh conf
Using 2761 out of 7506 bytes
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname oriel
!
enable secret 5
enable password
!
username hcs password 0
ip subnet-zero
isdn switch-type basic-net3
isdn tei-negotiation first-call
!
!
!
interface Ethernet0
ip address 192.168.9.252 255.255.255.0
no ip directed-broadcast
no ip route-cache
!
interface BRI0
no ip address
no ip directed-broadcast
encapsulation ppp
no ip route-cache
dialer pool-member 1
isdn switch-type basic-net3
no fair-queue
no cdp enable
ppp authentication chap
!
interface Dialer4
ip unnumbered Ethernet0
no ip directed-broadcast
encapsulation ppp
dialer remote-name hcs
dialer idle-timeout 150
dialer string ****
dialer pool 1
dialer-group 1
ppp authentication chap
!
ip classless
ip route 192.168.200.0 255.255.255.0 Dialer4
!
access-list 100 deny ip any host 255.255.255.255
access-list 100 deny udp any any eq rip
access-list 100 deny udp any any eq snmp
access-list 100 deny udp any any eq snmptrap
access-list 100 deny udp any any eq syslog
access-list 100 deny udp any any eq netbios-dgm
access-list 100 deny udp any any eq netbios-ns
access-list 100 deny eigrp any any
access-list 100 permit ip any any
dialer-list 1 protocol ip list 100
dialer-list 1 protocol ipx permit
!
line con 0
transport input none
line vty 0 4
password
login
!
end
 
Upvote 0 Downvote
You have a problem with your access-lists that you are using to define traffic that is seen to be "interesting" and so will pick up the line!

On the working router (.9 subnet) you have the following access list ..

access-list 100 deny ip any host 255.255.255.255
access-list 100 deny udp any any eq rip
access-list 100 deny udp any any eq snmp
access-list 100 deny udp any any eq snmptrap
access-list 100 deny udp any any eq syslog
access-list 100 deny udp any any eq netbios-dgm
access-list 100 deny udp any any eq netbios-ns
access-list 100 deny eigrp any any
access-list 100 permit ip any any

This defines what isn't allowed to bring up the line and then allows anything else to bring up the line (ie. ip any any).

However, on your .200 router you have this rather bizzare access list:

access-list 100 deny ip any host 255.255.255.255
access-list 100 deny udp any any eq rip
access-list 100 deny udp any any eq snmp
access-list 100 deny udp any any eq snmptrap
access-list 100 deny udp any any eq syslog
access-list 100 deny udp any any eq netbios-dgm
access-list 100 deny udp any any eq netbios-ns
access-list 100 deny eigrp any any

Remember that at the end of any ACL there is a default deny any any statement. So, this ACL says deny traffic from host 255.255.255.255, rip, snmp smnptrap, syslog, netbios-dgm, netbios-nm, eigrp and then deny everything else!! In other words .. no traffic of any kind is allowed!! Therefore no traffic will be allowed to bring the line up. You need a permit ip any any command at the end to allow anything that isn't denied by the list.

To debug your access-lists just put "log" at the end of the statement that you want to monitor. Either log this to a syslog server or enter the command "logging buffered 5000". You can then use the command "sh logging" to look at logged messages from the console. If you are on the console you can see log messages as they are generated using the "logging console" command.

Good luck!

Chris.

************************
Chris Andrew, CCNA
chrisac@gmx.co.uk
************************
 
Upvote 0 Downvote
No problem!! ************************
Chris Andrew, CCNA
chrisac@gmx.co.uk
************************
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DavidSigma
  • Locked
  • Question
CP7861 problem
Replies
0
Views
196
DavidSigma
DavidSigma
inlsp05
  • Locked
  • Question
2811&2960 48 volts wiring diagram
Replies
1
Views
260
BOKA
BOKA
WinstonCH
  • Locked
  • Helpful tip
What is wrong with the diagram, there are people who will help to fix it? How do i do the configurat 1
Replies
1
Views
485
BIS
BIS
khashyar2021
  • Locked
  • Question
Problem with cisco switch after upgrading
Replies
1
Views
225
Geraldine Souza
Geraldine Souza
inlsp05
  • Locked
  • Question
2811 ios start with cf
Replies
0
Views
160
inlsp05
inlsp05

Part and Inventory Search

Sponsor

Back
Top