From: Nigel Taylor (nigel_taylor@xxxxxxxxxxx)
Date: Sun Apr 01 2001 - 06:10:12 GMT-3
Well Masood,
I mocked this up real quick and was able to ping
through fine on my lab. I had a couple of questions...
1. Is your static map shown for "sh dialer map" ?
2. What does your "debug dialer packet" say when you ping the remote side ?
3. Are the bri interfaces the only one configured on the router...?
Nigel..
----- Original Message -----
From: Masood Malik <malikm24@hotmail.com>
To: Nigel Taylor <nigel_taylor@hotmail.com>; <ccielab@groupstudy.com>
Sent: Sunday, April 01, 2001 3:39 AM
Subject: Re: isdn one way dialup
> Nigel,
>
> As part of the scenario, rb should not authenticate, as such the line is
> missing in rb configuration.
>
> regards
> Masood
> ----- Original Message -----
> From: "Nigel Taylor" <nigel_taylor@hotmail.com>
> To: "Masood Malik" <malikm24@hotmail.com>; <ccielab@groupstudy.com>
> Sent: Sunday, April 01, 2001 3:29 PM
> Subject: Re: isdn one way dialup
>
>
> > Masood,
> > Everything looks pretty straight forward on your
configs,
> > except I noticed that "rb" isn't configured for authentication.. is the
> line
> > even up. What was your "debug ppp authen" showing on call negotiation.
> >
> > Nigel.
> >
> > ----- Original Message -----
> > From: Masood Malik <malikm24@hotmail.com>
> > To: <ccielab@groupstudy.com>
> > Sent: Saturday, March 31, 2001 11:52 PM
> > Subject: isdn one way dialup
> >
> >
> > > Hi,
> > >
> > > I have the following scenario.
> > > 1. ra to dials into rb. rb should not be able to initiate the dial
> > > connection.
> > > 2. ra authenticates ppp chap to rb
> > > 3. rb doesnot authenticate ra
> > >
> > > Following is the config I use. When I ping 10.1.1.2 from ra, the isdn
> line
> > > comes up. I can see layer 3 connected and the packets traverse to
router
> > rb,
> > > but the reply packets donot come come. I see encap failure on rb.
> > >
> > > I could get this working by adding the dial string at the end of map
> > > statement in rb (dialer map ip 10.1.1.1 name ra broadcast 7782001).
This
> > > allows to have rb to initiate dial into ra which is not needed in this
> > > scenario.
> > >
> > > Am I missing something here.
> > >
> > > regards
> > > Masood Malik
> > >
> > >
> > > Following are the configs and debug.
> > >
> > > *********************
> > > Config router a
> > > *******************
> > > software ver 12.0.10 (2500)
> > >
> > > hostname ra
> > > !
> > > enable password cisco
> > > !
> > > username rb password 0 cisco
> > > ip subnet-zero
> > > no ip domain-lookup
> > > isdn switch-type basic-5ess
> > > !
> > > interface BRI0
> > > ip address 10.1.1.1 255.255.255.0
> > > no ip directed-broadcast
> > > encapsulation ppp
> > > dialer map ip 10.1.1.2 name rb broadcast 7782002
> > > dialer-group 1
> > > isdn switch-type basic-5ess
> > > ppp authentication chap
> > > !
> > > ip classless
> > > !
> > > dialer-list 1 protocol ip permit
> > > !
> > > *******************
> > > Conig router b
> > > *******************
> > >
> > > hostname rb
> > > !
> > > enable password cisco
> > > !
> > > username ra password 0 cisco
> > > ip subnet-zero
> > > isdn switch-type basic-5ess
> > > !
> > > interface BRI0
> > > ip address 10.1.1.2 255.255.255.0
> > > no ip directed-broadcast
> > > encapsulation ppp
> > > dialer map ip 10.1.1.1 name ra broadcast
> > > dialer-group 1
> > > isdn switch-type basic-5ess
> > > !
> > > ip classless
> > > !
> > > dialer-list 1 protocol ip permit
> > > !
> > > *************************************************
> > > Ping response on router a with debug ip packet on
> > > *************************************************
> > > ra#ping 10.1.1.2
> > >
> > > Type escape sequence to abort.
> > > Sending 5, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds:
> > >
> > > 00:39:02: IP: s=10.1.1.1 (local), d=10.1.1.2 (BRI0), len 100, sending.
> > > 00:39:04: IP: s=10.1.1.1 (local), d=10.1.1.2 (BRI0), len 100, sending.
> > > 00:39:06: IP: s=10.1.1.1 (local), d=10.1.1.2 (BRI0), len 100, sending.
> > > 00:39:08: IP: s=10.1.1.1 (local), d=10.1.1.2 (BRI0), len 100, sending.
> > > 00:39:10: IP: s=10.1.1.1 (local), d=10.1.1.2 (BRI0), len 100, sending.
> > > Success rate is 0 percent (0/5)
> > >
> > > **********************************************
> > > Response of the above seen from router b
> > > **********************************************
> > >
> > > 00:32:59: IP: s=10.1.1.1 (BRI0), d=10.1.1.2 (BRI0), len 100, rcvd 3
> > > 00:32:59: IP: s=10.1.1.2 (local), d=10.1.1.1 (BRI0), len 100, sending
> > > 00:32:59: IP: s=10.1.1.2 (local), d=10.1.1.1 (BRI0), len 100,
> > encapsulation
> > > failed
> > > 00:33:01: IP: s=10.1.1.1 (BRI0), d=10.1.1.2 (BRI0), len 100, rcvd 3
> > > 00:33:01: IP: s=10.1.1.2 (local), d=10.1.1.1 (BRI0), len 100, sending
> > > 00:33:01: IP: s=10.1.1.2 (local), d=10.1.1.1 (BRI0), len 100,
> > encapsulation
> > > failed
> > > **NOTE** All LAB SWAP messages should now be sent to the
> > > LAB SWAP Message board on groupstudy.com.
> > **NOTE** All LAB SWAP messages should now be sent to the
> > LAB SWAP Message board on groupstudy.com.
> **NOTE** All LAB SWAP messages should now be sent to the
> LAB SWAP Message board on groupstudy.com.
**NOTE** All LAB SWAP messages should now be sent to the
LAB SWAP Message board on groupstudy.com.
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:29:37 GMT-3