From: Nigel Taylor (nigel_taylor@xxxxxxxxxxx)
Date: Sun Apr 01 2001 - 02:29:43 GMT-3
Masood,
Everything looks pretty straight forward on your configs,
except I noticed that "rb" isn't configured for authentication.. is the line
even up. What was your "debug ppp authen" showing on call negotiation.
Nigel.
----- Original Message -----
From: Masood Malik <malikm24@hotmail.com>
To: <ccielab@groupstudy.com>
Sent: Saturday, March 31, 2001 11:52 PM
Subject: isdn one way dialup
> Hi,
>
> I have the following scenario.
> 1. ra to dials into rb. rb should not be able to initiate the dial
> connection.
> 2. ra authenticates ppp chap to rb
> 3. rb doesnot authenticate ra
>
> Following is the config I use. When I ping 10.1.1.2 from ra, the isdn line
> comes up. I can see layer 3 connected and the packets traverse to router
rb,
> but the reply packets donot come come. I see encap failure on rb.
>
> I could get this working by adding the dial string at the end of map
> statement in rb (dialer map ip 10.1.1.1 name ra broadcast 7782001). This
> allows to have rb to initiate dial into ra which is not needed in this
> scenario.
>
> Am I missing something here.
>
> regards
> Masood Malik
>
>
> Following are the configs and debug.
>
> *********************
> Config router a
> *******************
> software ver 12.0.10 (2500)
>
> hostname ra
> !
> enable password cisco
> !
> username rb password 0 cisco
> ip subnet-zero
> no ip domain-lookup
> isdn switch-type basic-5ess
> !
> interface BRI0
> ip address 10.1.1.1 255.255.255.0
> no ip directed-broadcast
> encapsulation ppp
> dialer map ip 10.1.1.2 name rb broadcast 7782002
> dialer-group 1
> isdn switch-type basic-5ess
> ppp authentication chap
> !
> ip classless
> !
> dialer-list 1 protocol ip permit
> !
> *******************
> Conig router b
> *******************
>
> hostname rb
> !
> enable password cisco
> !
> username ra password 0 cisco
> ip subnet-zero
> isdn switch-type basic-5ess
> !
> interface BRI0
> ip address 10.1.1.2 255.255.255.0
> no ip directed-broadcast
> encapsulation ppp
> dialer map ip 10.1.1.1 name ra broadcast
> dialer-group 1
> isdn switch-type basic-5ess
> !
> ip classless
> !
> dialer-list 1 protocol ip permit
> !
> *************************************************
> Ping response on router a with debug ip packet on
> *************************************************
> ra#ping 10.1.1.2
>
> Type escape sequence to abort.
> Sending 5, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds:
>
> 00:39:02: IP: s=10.1.1.1 (local), d=10.1.1.2 (BRI0), len 100, sending.
> 00:39:04: IP: s=10.1.1.1 (local), d=10.1.1.2 (BRI0), len 100, sending.
> 00:39:06: IP: s=10.1.1.1 (local), d=10.1.1.2 (BRI0), len 100, sending.
> 00:39:08: IP: s=10.1.1.1 (local), d=10.1.1.2 (BRI0), len 100, sending.
> 00:39:10: IP: s=10.1.1.1 (local), d=10.1.1.2 (BRI0), len 100, sending.
> Success rate is 0 percent (0/5)
>
> **********************************************
> Response of the above seen from router b
> **********************************************
>
> 00:32:59: IP: s=10.1.1.1 (BRI0), d=10.1.1.2 (BRI0), len 100, rcvd 3
> 00:32:59: IP: s=10.1.1.2 (local), d=10.1.1.1 (BRI0), len 100, sending
> 00:32:59: IP: s=10.1.1.2 (local), d=10.1.1.1 (BRI0), len 100,
encapsulation
> failed
> 00:33:01: IP: s=10.1.1.1 (BRI0), d=10.1.1.2 (BRI0), len 100, rcvd 3
> 00:33:01: IP: s=10.1.1.2 (local), d=10.1.1.1 (BRI0), len 100, sending
> 00:33:01: IP: s=10.1.1.2 (local), d=10.1.1.1 (BRI0), len 100,
encapsulation
> failed
> **NOTE** All LAB SWAP messages should now be sent to the
> LAB SWAP Message board on groupstudy.com.
**NOTE** All LAB SWAP messages should now be sent to the
LAB SWAP Message board on groupstudy.com.
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:29:37 GMT-3