Router Migration: from Cisco 2501 to Cisco 1841

[EllettIT]

Howdy All! I'm in the process of replacing our current core router (Cisco 2501) with a newer, better (I hope) unit. I'm guessing our config is fairly straightforward (looks like it to me) but I was hoping someone could point out any gotcha's I might run into. Here's the old config:

!
version 11.1
service slave-log
service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname *******
!
clock timezone EST -5
enable password 7 ******
!
ip subnet-zero
ip domain-list ******
ip domain-list ******
ip dhcp-server 10.1.1.50
ip dhcp-server 10.1.1.17
!
stun peer-name 10.4.0.1
stun protocol-group 9 basic
location *******
!
interface Loopback0
ip address 10.4.0.1 255.255.0.0
!
interface Ethernet0
ip address 10.1.1.110 255.255.0.0
ip helper-address 10.1.1.50
ip helper-address 10.1.1.17
no ip mroute-cache
no ip route-cache
!
interface Serial0
description ******* point-to-point T1 CH 1-23
ip address 10.2.1.110 255.255.0.0
ip helper-address 10.1.1.50
ip helper-address 10.1.1.17
no ip mroute-cache
no ip route-cache
!
router rip
network 10.0.0.0
!
ip host ******* 10.3.1.110
ip domain-name ********
ip name-server 10.1.1.26
ip name-server 10.1.1.27
ip classless
ip route 0.0.0.0 0.0.0.0 10.1.1.120
ip route 10.3.0.0 255.255.0.0 10.2.1.111
ip route 10.9.0.0 255.255.0.0 10.1.1.120
ip route 10.20.0.0 255.255.0.0 10.1.1.120
ip route 10.30.0.0 255.255.0.0 10.1.1.120
ip http server
logging console critical
logging trap notifications
logging 10.1.1.40
!
snmp-server community public RO
snmp-server chassis-id 02112359-****** 2501
banner motd
This is an official computer system of *******. It is for authorized users only. Unauthorized users are prohibited. Users (authorized or unauthorized) have no explicit or implicit expectation of privacy.
!
line con 0
password 7 ********
login
line aux 0
transport input all
line vty 0 4
password 7 ********
login
line vty 5 15
password 7 ********
login

I astricked out the "sensitive" information but everything else is the same. As far as what will change with this, the Point to Point T1 on serial 0 will have the Cisco 2501 + DSU/CSU removed on it's end to be replaced with a WAN module in our Avaya G350 Media Gateway device. It will function as the router for that site. Some stuff I have questions about would be the loopback address, should I change it back to the standard or leave it as is? Do I need the "STUN" commands anymore? From what I've read it seems like it won't apply. Thanks for your input!

 

[Minue]

Hello
If you will be pasting the old conf to the new router, make sure you change the inteface names,like Ethernet0 to fastethernet.If you have level 5 or 7 password change them to plain text.
As for the loopback,it's recommended to use a /32 mask to save address space.But you don't have this problem.You will have to keep the stun commands to make the foreign protocol work.
Regards

 

[EllettIT]

Thanks Minue,
I've only been at this job so I'm not exactly sure why everything is configured the way that it is. From what I can tell the STUN commands would be due to our having and IBM AS/400 correct? The devices on the other side of the PtP T1 link will be using terminal emulation to get back to the AS/400 on this side of the link but does that require the STUN settings or is there something different with the 1841 for this? The IOS version on the 1841 is 12.4(1)

 

[EllettIT]

You know, now that I think about it we have an odd device on both end's of that link for the old phone system that consists of an AT&T MUX device (AT&T Integration Multiplexor 500) connected to our PBX here and the old Add Tran CSU / DSU device. Would the STUN settings be configured for that?

 

[burtsbees]

Well, STUN is for non-Cisco serial links, usually going across frame. What is/was at IP 10.4.0.1?

Burt

 

[Minue]

The Stun is for the IBM AS/400.The 1841 doesn't do any special for the stun.It's just a faster router will some new feature's and more advance IOS for newer technologies.You will have to configure it.
Regards

 

[EllettIT]

I wish I knew! I've only been with company about a year now and no one seems to know how or why anything around here was configured the way it was. At one point we were using SNA for access to our mainframe (AS/400) across frame relay links but we are no longer using either of those methods (for about 5+ years now) so I'm guessing the STUN settings were related to that. I guess if it doesn't work I'll know when I implement it.... :S

 

[burtsbees]

What's on the other end of the frame connection? If it's another Cisco, you won't have to worry about hdlc encapsulation, and therefor no STUN.

Burt

 

[EllettIT]

Currently it's configured like the linked file (2501 + DSU/CSU + AT&T Mux ------ 2501 + DSU/CSU + AT&T Mux) and I'm 99.9% sure the multiplexor device is strictly to seperate out the voice channel (1-23 for data and 24 for voice) for the phone system. The phone system is being replace in favor of an IP enabled device (Avaya G350 media gatway w/ WAN module to act as router on the other end) and all of the systems over there are already using Citrix / TS Services to connect back here via IP, even for their terminal emulation (AS/400). From what our IBM guys are telling me the AS/400 stuff is all IP based now too, no more SNA.

 

[burtsbees]

Yeah---good thing Novell's IPX/SPX went away and IP took over!

Burt