JVANH
IS-IT--Management
- Apr 12, 2005
- 26
I have a Cisco 1841 setup in a point to point T1 configuration with an education service center whose equipment I have no controll over.
The serial interface on my end is 10.255.255.226/30 their end is 10.255.255.225/30. I can ping from my serial to theirs. I can ping and traceroute from my serial to theirs and to the equipment I need to access at their location (216.48.236.16/28). My ethernet interface is 10.10.10.50/24 and my equipment is in the same subnet. I cannot ping (using extended ping) from 10.10.10.50 to 10.255.255.225 (their serial) or anywhere else on their end.
I tried to get them to set a route in thier router to my 10.10.10.0/24 network but they won't. They insist that I use public IP addresses (216.63.141.0/25)
Here is the running config
Current configuration : 3674 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname xxx-c1841
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
!
no ip dhcp use vrf connected
!
!
no ip domain lookup
ip domain name xxx.edu
!
username xxxxxx privilege 15 secret 5 $1$5ukr$xxxxxxxxxxxxx..
username xxxxxx privilege 15 secret 5 $1$MZ7.$7p1O8fEAxxxxxxj5dwY9V.
!
!
!
interface FastEthernet0/0
description LAN Connection to Outside Network
ip address 216.63.141.2 255.255.255.128 secondary
ip address 216.63.140.81 255.255.255.128
ip nat outside
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.10.10.50 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface Serial0/0/0
ip address 10.255.255.226 255.255.255.252
service-module t1 clock source internal
service-module t1 timeslots 1-24
!
ip default-gateway 216.63.140.126
ip classless
ip route 0.0.0.0 0.0.0.0 216.63.141.1
ip route 10.0.0.0 255.255.0.0 10.10.10.254 permanent
ip route 192.168.201.0 255.255.255.0 10.10.10.254 permanent
ip route 216.48.236.16 255.255.255.240 10.255.255.225
!
ip http server
ip http access-class 23
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat pool no-overload 216.63.141.8 216.63.141.15 netmask 255.255.255.248
ip nat inside source list 7 pool no-overload
ip nat inside source static 10.10.10.51 216.63.141.51
ip nat inside source static 10.10.10.54 216.63.141.54
ip nat inside source static 10.10.10.55 216.63.141.55
ip nat inside source static 10.10.10.56 216.63.141.56
ip nat inside source static 10.10.10.57 216.63.141.57
!
access-list 7 permit 10.10.10.0 0.0.0.255
access-list 23 permit 216.63.140.0 0.0.0.127
access-list 23 permit 65.203.109.0 0.0.0.255
access-list 23 permit 216.63.141.0 0.0.0.127
access-list 23 permit 216.48.236.0 0.0.0.255
!
control-plane
!
!
line con 0
login local
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet
!
end
The serial interface on my end is 10.255.255.226/30 their end is 10.255.255.225/30. I can ping from my serial to theirs. I can ping and traceroute from my serial to theirs and to the equipment I need to access at their location (216.48.236.16/28). My ethernet interface is 10.10.10.50/24 and my equipment is in the same subnet. I cannot ping (using extended ping) from 10.10.10.50 to 10.255.255.225 (their serial) or anywhere else on their end.
I tried to get them to set a route in thier router to my 10.10.10.0/24 network but they won't. They insist that I use public IP addresses (216.63.141.0/25)
Here is the running config
Current configuration : 3674 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname xxx-c1841
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
!
no ip dhcp use vrf connected
!
!
no ip domain lookup
ip domain name xxx.edu
!
username xxxxxx privilege 15 secret 5 $1$5ukr$xxxxxxxxxxxxx..
username xxxxxx privilege 15 secret 5 $1$MZ7.$7p1O8fEAxxxxxxj5dwY9V.
!
!
!
interface FastEthernet0/0
description LAN Connection to Outside Network
ip address 216.63.141.2 255.255.255.128 secondary
ip address 216.63.140.81 255.255.255.128
ip nat outside
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.10.10.50 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface Serial0/0/0
ip address 10.255.255.226 255.255.255.252
service-module t1 clock source internal
service-module t1 timeslots 1-24
!
ip default-gateway 216.63.140.126
ip classless
ip route 0.0.0.0 0.0.0.0 216.63.141.1
ip route 10.0.0.0 255.255.0.0 10.10.10.254 permanent
ip route 192.168.201.0 255.255.255.0 10.10.10.254 permanent
ip route 216.48.236.16 255.255.255.240 10.255.255.225
!
ip http server
ip http access-class 23
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat pool no-overload 216.63.141.8 216.63.141.15 netmask 255.255.255.248
ip nat inside source list 7 pool no-overload
ip nat inside source static 10.10.10.51 216.63.141.51
ip nat inside source static 10.10.10.54 216.63.141.54
ip nat inside source static 10.10.10.55 216.63.141.55
ip nat inside source static 10.10.10.56 216.63.141.56
ip nat inside source static 10.10.10.57 216.63.141.57
!
access-list 7 permit 10.10.10.0 0.0.0.255
access-list 23 permit 216.63.140.0 0.0.0.127
access-list 23 permit 65.203.109.0 0.0.0.255
access-list 23 permit 216.63.141.0 0.0.0.127
access-list 23 permit 216.48.236.0 0.0.0.255
!
control-plane
!
!
line con 0
login local
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet
!
end