Hello all,
In my home lab environment I use the following order...Cable modem to linksys ---> 3620. If I am connected via the linksys I can connect just fine when using Nortel networks connectivity client (VPN). If I am connected to the 3620 I cannot get past it. From Ethereal I see there are packets dropped. The 3620 uses version 12.1. Are there any commands or defaults I should be aware of to allow these packets to pass?
output below
version 12.1
no service single-slot-reload-enable
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname SITE_A_CORE
!
logging rate-limit console 10 except errors
enable secret 5
ip subnet-zero
no ip source-route
!
!
no ip finger
no ip domain-lookup
no ip dhcp conflict logging
ip dhcp excluded-address 10.0.100.1 10.0.100.99
!
ip dhcp pool internal
network 10.0.100.0 255.255.255.0
default-router 10.0.100.1
dns-server xxxxxxxxxxxxxxxxxx
netbios-name-server 10.0.100.2 10.0.100.3
lease 5
!
no ip bootp server
!
!
call rsvp-sync
!
!
!
!
!
!
!
!
interface Ethernet0/0
description Connection to Linksys
ip address 192.168.1.2 255.255.255.0
no ip unreachables
no ip proxy-arp
ip nat outside
half-duplex
no cdp enable
!
interface Serial0/0
description WAN connection to Site_C
ip address 172.16.2.1 255.255.255.240
ip nat inside
encapsulation ppp
no fair-queue
clockrate 4000000
no cdp enable
!
interface Serial0/1
description WAN connection to SITE_D
ip address 172.16.1.1 255.255.255.240
ip nat inside
encapsulation ppp
no fair-queue
clockrate 4000000
no cdp enable
!
interface FastEthernet1/0
ip address 10.0.100.1 255.255.255.0
ip nat inside
speed 100
full-duplex
no cdp enable
!
router eigrp 210
network 10.0.0.0
network 172.16.0.0
network 192.168.1.0
no auto-summary
no eigrp log-neighbor-changes
!
ip nat inside source list 1 interface Ethernet0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.1
no ip http server
!
access-list 1 permit 10.0.100.0 0.0.0.255
access-list 1 permit 10.0.102.0 0.0.0.255
access-list 1 permit 10.0.103.0 0.0.0.255
access-list 1 permit 10.0.104.0 0.0.0.255
access-list 1 permit 172.16.1.0 0.0.0.15
access-list 1 permit 172.16.2.0 0.0.0.15
access-list 1 permit 172.16.3.0 0.0.0.15
access-list 1 permit 172.16.4.0 0.0.0.15
no cdp run
!
dial-peer cor custom
!
!
!
!
banner motd ^C!!! WARNING UNAUTHORIZED ACCESS PROHIBITED !!!^C
!
line con 0
exec-timeout 0 0
password 7 xxxxxxxxxxxx
logging synchronous
login
transport input none
line aux 0
line vty 0 4
access-class 1 in
exec-timeout 0 0
password 7 xxxxxxxxxxxx
login
!
end
Thanks a bunch
In my home lab environment I use the following order...Cable modem to linksys ---> 3620. If I am connected via the linksys I can connect just fine when using Nortel networks connectivity client (VPN). If I am connected to the 3620 I cannot get past it. From Ethereal I see there are packets dropped. The 3620 uses version 12.1. Are there any commands or defaults I should be aware of to allow these packets to pass?
output below
version 12.1
no service single-slot-reload-enable
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname SITE_A_CORE
!
logging rate-limit console 10 except errors
enable secret 5
ip subnet-zero
no ip source-route
!
!
no ip finger
no ip domain-lookup
no ip dhcp conflict logging
ip dhcp excluded-address 10.0.100.1 10.0.100.99
!
ip dhcp pool internal
network 10.0.100.0 255.255.255.0
default-router 10.0.100.1
dns-server xxxxxxxxxxxxxxxxxx
netbios-name-server 10.0.100.2 10.0.100.3
lease 5
!
no ip bootp server
!
!
call rsvp-sync
!
!
!
!
!
!
!
!
interface Ethernet0/0
description Connection to Linksys
ip address 192.168.1.2 255.255.255.0
no ip unreachables
no ip proxy-arp
ip nat outside
half-duplex
no cdp enable
!
interface Serial0/0
description WAN connection to Site_C
ip address 172.16.2.1 255.255.255.240
ip nat inside
encapsulation ppp
no fair-queue
clockrate 4000000
no cdp enable
!
interface Serial0/1
description WAN connection to SITE_D
ip address 172.16.1.1 255.255.255.240
ip nat inside
encapsulation ppp
no fair-queue
clockrate 4000000
no cdp enable
!
interface FastEthernet1/0
ip address 10.0.100.1 255.255.255.0
ip nat inside
speed 100
full-duplex
no cdp enable
!
router eigrp 210
network 10.0.0.0
network 172.16.0.0
network 192.168.1.0
no auto-summary
no eigrp log-neighbor-changes
!
ip nat inside source list 1 interface Ethernet0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.1
no ip http server
!
access-list 1 permit 10.0.100.0 0.0.0.255
access-list 1 permit 10.0.102.0 0.0.0.255
access-list 1 permit 10.0.103.0 0.0.0.255
access-list 1 permit 10.0.104.0 0.0.0.255
access-list 1 permit 172.16.1.0 0.0.0.15
access-list 1 permit 172.16.2.0 0.0.0.15
access-list 1 permit 172.16.3.0 0.0.0.15
access-list 1 permit 172.16.4.0 0.0.0.15
no cdp run
!
dial-peer cor custom
!
!
!
!
banner motd ^C!!! WARNING UNAUTHORIZED ACCESS PROHIBITED !!!^C
!
line con 0
exec-timeout 0 0
password 7 xxxxxxxxxxxx
logging synchronous
login
transport input none
line aux 0
line vty 0 4
access-class 1 in
exec-timeout 0 0
password 7 xxxxxxxxxxxx
login
!
end
Thanks a bunch
