From: Sandy Turnage (hexdump@xxxxxxxxxxx)
Date: Tue Jan 09 2001 - 15:15:05 GMT-3
My configs were using external USR modems and private lines. I didn't notice that
the link Chuck had referenced was using a direct connection until *after* my post
(sorry Chuck).
ST
>I played around with the back to back using rolled cables last night, and to
>assign dialer commands you need 'dialer in-band' on the async port. But
>without a dial string, it will never come up. If you enter some bogus dial
>string, the dialer debug shows the line already in use. Luckily, I had some
>VCard credits for Mentor Labs. I went through the first one, and was able
>to play around with ISDN for an hour.
>
>Chuck Church
>CCNP, CCDP, MCNE, MCSE
>Sr. Network Engineer
>Magnacom Technologies
>140 N. Rt. 303
>Valley Cottage, NY 10989
>845-267-4000 x218
>
>
>
>-----Original Message-----
>From: Bolcer, Matt [mailto:matt.bolcer@eds.com]
>Sent: Tuesday, January 09, 2001 11:45 AM
>To: Chuck Church; ccielab@groupstudy.com
>Subject: RE: back to back AUX - Any way to do simulated dialup, dialer
>lists?
>
>
>Can this be done with a cable (straight-thru, cross-over) directly between
>the ports or does it require modems and business lines?
>
>-----Original Message-----
>From: Sandy Turnage [mailto:sturnage@netdoor.com]
>Sent: Monday, January 08, 2001 10:03 PM
>To: Chuck Church; ccielab@groupstudy.com
>Subject: Re: back to back AUX - Any way to do simulated dialup, dialer
>lists?
>
>
>Here is a config that I'm working on for async dial backup for an IPSEC VPN. I
>converted it to dialer profiles (from legacy dialer) late last night but it
>seemed to be working. I haven't tried it with snapshot routing, but it seems to
>work with dialer watch (w/eigrp) and ospf demand-circuit.
>
> ============= IPSEC VPN between R1 and R5
>R1 ------ R2 ------- R5
> -------------------- Async dial backup
>
>**** R1 ****
>
>R1#
>R1#show run
>Building configuration...
>
>Current configuration:
>!
>version 12.0
>service timestamps debug uptime
>service timestamps log uptime
>no service password-encryption
>!
>hostname R1
>!
>enable secret 5 $1$Qlme$GesMXE2DG/x9StzSZ55B/1
>!
>username R5 password 0 cisco
>!
>!
>!
>!
>ip subnet-zero
>no ip domain-lookup
>!
>chat-script modem "" "ATDT\T" TIMEOUT 60 CONNECT \c
>chat-script rstusr "" "AT&FS0=1E0&R2&D2&C1&B1&H1M4&K1Q0&W" "OK"
>!
>!
>crypto isakmp policy 1
> hash md5
> authentication pre-share
>crypto isakmp key cisco123 address 200.100.25.5
>!
>!
>crypto ipsec transform-set myvpnset esp-des esp-md5-hmac
>!
>!
>crypto map vpnmap 10 ipsec-isakmp
> description ** connection to R5 **
> set peer 200.100.25.5
> set transform-set myvpnset
> match address 110
>!
>!
>!
>interface Loopback10
> ip address 220.1.1.1 255.255.255.0
> no ip directed-broadcast
>!
>interface Tunnel0
> bandwidth 1000000
> ip address 192.168.15.1 255.255.255.0
> no ip directed-broadcast
> tunnel source 200.100.12.1
> tunnel destination 200.100.25.5
> crypto map vpnmap
>!
>interface Ethernet0
> ip address 192.168.1.1 255.255.255.0
> no ip directed-broadcast
>!
>interface Serial0
> ip address 200.100.12.1 255.255.255.0
> no ip directed-broadcast
> crypto map vpnmap
>!
>interface Serial1
> no ip address
> no ip directed-broadcast
> shutdown
>!
>interface Async1
> no ip address
> no ip directed-broadcast
> encapsulation ppp
> dialer in-band
> dialer pool-member 1
> async default routing
> async dynamic routing
> async mode dedicated
> ppp authentication chap
>!
>interface Dialer1
> ip address 192.168.25.1 255.255.255.0
> no ip directed-broadcast
> encapsulation ppp
> ip ospf demand-circuit
> dialer remote-name R5
> dialer pool 1
> dialer string 8925522
> dialer-group 1
> ppp authentication chap
>!
>router ospf 100
> network 192.168.1.1 0.0.0.0 area 0
> network 192.168.15.1 0.0.0.0 area 0
> network 192.168.25.1 0.0.0.0 area 0
> network 220.1.1.1 0.0.0.0 area 0
>!
>ip classless
>ip route 0.0.0.0 0.0.0.0 200.100.12.2
>no ip http server
>!
>access-list 100 deny eigrp any any
>access-list 100 permit ip any any
>access-list 110 permit gre host 200.100.12.1 host 200.100.25.5
>dialer watch-list 1 ip 192.168.161.0 255.255.255.0
>dialer-list 1 protocol ip list 100
>!
>line con 0
> exec-timeout 0 0
> privilege level 15
> transport input none
>line aux 0
> script reset rstusr
> modem InOut
> transport input all
> stopbits 1
> speed 38400
> flowcontrol hardware
>line vty 0 4
> password cisco
> login
>!
>end
>
>**** R5 ****
>
>
>R5#show run
>Building configuration...
>
>Current configuration:
>!
>version 12.0
>service timestamps debug uptime
>service timestamps log uptime
>no service password-encryption
>!
>hostname R5
>!
>enable secret 5 $1$XXz3$rc3WkhAcC5RNFJe18X.QY1
>!
>username R1 password 0 cisco
>!
>!
>!
>!
>ip subnet-zero
>no ip domain-lookup
>!
>chat-script modem "" "ATDT\T" TIMEOUT 60 CONNECT \c
>chat-script rstusr "" "AT&FS0=1E0&R2&D2&C1&B1&H1M4&K1Q0&W" "OK"
>!
>!
>crypto isakmp policy 1
> hash md5
> authentication pre-share
>crypto isakmp key cisco123 address 200.100.12.1
>!
>!
>crypto ipsec transform-set myvpnset esp-des esp-md5-hmac
>!
>!
>crypto map vpnmap 10 ipsec-isakmp
> set peer 200.100.12.1
> set transform-set myvpnset
> match address 110
>!
>!
>!
>interface Loopback10
> ip address 220.5.5.5 255.255.255.0
> no ip directed-broadcast
>!
>interface Tunnel0
> bandwidth 1000000
> ip address 192.168.15.5 255.255.255.0
> no ip directed-broadcast
> tunnel source 200.100.25.5
> tunnel destination 200.100.12.1
> crypto map vpnmap
>!
>interface Ethernet0
> ip address 192.168.161.5 255.255.255.0
> no ip directed-broadcast
>!
>interface Serial0
> no ip address
> no ip directed-broadcast
> shutdown
>!
>interface Serial1
> ip address 200.100.25.5 255.255.255.0
> no ip directed-broadcast
> crypto map vpnmap
>!
>interface Async1
> no ip address
> no ip directed-broadcast
> encapsulation ppp
> dialer in-band
> dialer pool-member 1
> async default routing
> async dynamic routing
> async mode dedicated
> ppp authentication chap
>!
>interface Dialer1
> ip address 192.168.25.5 255.255.255.0
> no ip directed-broadcast
> encapsulation ppp
> dialer remote-name R1
> dialer pool 1
> dialer-group 1
> ppp authentication chap
>!
>router ospf 100
> network 192.168.15.5 0.0.0.0 area 0
> network 192.168.25.5 0.0.0.0 area 0
> network 192.168.161.5 0.0.0.0 area 0
>!
>ip classless
>ip route 0.0.0.0 0.0.0.0 200.100.25.2
>no ip http server
>!
>access-list 100 permit ip any any
>access-list 110 permit gre host 200.100.25.5 host 200.100.12.1
>dialer-list 1 protocol ip list 100
>!
>line con 0
> exec-timeout 0 0
> privilege level 15
> transport input none
>line aux 0
> script reset rstusr
> modem InOut
> transport input all
> stopbits 1
> speed 38400
> flowcontrol hardware
>line vty 0 4
> password cisco
> login
>!
>end
>
>***************
>
>Hope this helps,
>ST
>
>Chuck Church wrote:
>
>> All,
>>
>> I've been using this URL:
>>
>> http://www.cisco.com/warp/customer/793/access_dial/auxback.html#async_aux_port
>>
>> and got back to back connectivity, but it acts like a serial connection. Is
>> there any way to make it act like a dial up interface, so I can test
>> snapshot routing, and dialer lists? I played around changing the dedicated
>> async mode to interactive, but snapshot won't bring it back up. Any ideas?
>>
>> Thanks,
>>
>> Chuck Church
>> CCNP, CCDP, MCNE, MCSE
>> Sr. Network Engineer
>> Magnacom Technologies
>> 140 N. Rt. 303
>> Valley Cottage, NY 10989
>> 845-267-4000 x218
>>
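
Added example, not part of the original thread or the posters' own code: a small Python audit that flags the settings in the posted R1/R5 lab configs that need changing before the template is reused outside a lab (type-0 and cleartext passwords, the cleartext ISAKMP pre-shared key, MD5 and DES in the ISAKMP policy and transform set, disabled exec timeout). The sample config is an excerpt constructed from the lines quoted above; the function name and rule ids are hypothetical.

```python
import re

# Excerpt constructed from the R1 config quoted in the thread (not a full config).
SAMPLE_CONFIG = """\
no service password-encryption
username R5 password 0 cisco
crypto isakmp policy 1
 hash md5
 authentication pre-share
crypto isakmp key cisco123 address 200.100.25.5
crypto ipsec transform-set myvpnset esp-des esp-md5-hmac
line con 0
 exec-timeout 0 0
line vty 0 4
 password cisco
 login
"""

# (rule id, pattern, parent). parent=None means a global command; otherwise the
# line must be indented under a parent command starting with that text.
# Rule ids are hypothetical labels chosen for this example.
RULES = [
    ("password-encryption-off", r"^no service password-encryption$", None),
    ("user-password-type0", r"^username \S+ password 0 ", None),
    ("isakmp-hash-md5", r"^hash md5$", "crypto isakmp policy"),
    ("isakmp-psk-cleartext", r"^crypto isakmp key \S+ address ", None),
    ("ipsec-des-or-md5", r"^crypto ipsec transform-set \S+ .*esp-(des|md5-hmac)\b", None),
    ("line-no-exec-timeout", r"^exec-timeout 0 0$", "line "),
    ("line-password-cleartext", r"^password (0 )?\S+$", "line "),
]

def audit(config_text):
    """Return (line_number, rule_id, command) for each weak setting found."""
    findings, parent = [], ""
    for num, raw in enumerate(config_text.splitlines(), start=1):
        text = raw[1:] if raw.startswith(">") else raw  # accept mail-quoted paste
        cmd = text.strip()
        if not cmd or cmd == "!":
            continue
        indented = text[0].isspace()
        if not indented:
            parent = cmd  # an unindented command opens a new section
        for rule_id, pattern, scope in RULES:
            in_scope = (not indented) if scope is None else (
                indented and parent.startswith(scope))
            if in_scope and re.search(pattern, cmd):
                findings.append((num, rule_id, cmd))
    return findings

if __name__ == "__main__":
    for num, rule_id, cmd in audit(SAMPLE_CONFIG):
        print(f"line {num}: {rule_id}: {cmd}")
```

Rules are scoped to their parent section, so `hash md5` is only reported inside a `crypto isakmp policy` block, and mail-quoted lines (leading `>`) can be pasted in unchanged.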