Re: isdn one way dialup

From: Nigel Taylor (nigel_taylor@xxxxxxxxxxx)
Date: Sun Apr 01 2001 - 19:43:25 GMT-3

• Next message: Gordon Olson: "Summarization Shortcuts?"
• Previous message: Cox, Bryan: "RE: OSPF area 0 VLSM summarization"
• Maybe in reply to: Masood Malik: "isdn one way dialup"
• Next in thread: Alejandro Cadarso: "Re: isdn one way dialup"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Andy,
            I've seen the error of my ways... You're correct after reading
Masood's post again I misread that part..
Typically, when you don't want the call initiated you should just leave out
the number on the "dialer map" command or leave out the dial string(for
dialer profiles), but your suggestions will do the same..

Just a couple of different ways at achieving the same objective...

I've been trying to teach myself not to glance over stuff as I read it.
 I'm sure that's what gets most folks during the lab.

Thanks

Nigel.
34 days..:-)

----- Original Message -----
From: Andrew Lennon <andrew.lennon@nscglobal.com>
To: Nigel Taylor <nigel_taylor@hotmail.com>; Andrew Lennon
<andrew.lennon@nscglobal.com>; Masood Malik <malikm24@hotmail.com>;
<ccielab@groupstudy.com>
Sent: Sunday, April 01, 2001 5:15 PM
Subject: RE: isdn one way dialup

> Nigel,
>
> "This
> > allows to have rb to initiate dial into ra which is not needed in this
> > scenario." -
>
>
>
>
> -----Original Message-----
> From: Nigel Taylor [mailto:nigel_taylor@hotmail.com]
> Sent: 01 April 2001 21:41
> To: Andrew Lennon; Masood Malik; ccielab@groupstudy.com
> Subject: Re: isdn one way dialup
>
>
> Andy, Masood
>
> See Inline...
>
> ----- Original Message -----
> From: Andrew Lennon <andrew.lennon@nscglobal.com>
> To: Masood Malik <malikm24@hotmail.com>; <ccielab@groupstudy.com>
> Sent: Sunday, April 01, 2001 3:21 PM
> Subject: RE: isdn one way dialup
>
>
> > Masood,
> >
> > 1: on rb, erase "dialer-list 1 protocol ip permit"
>
> NT: Andy, the reqirement called for rb to be able to dial out.. if you
> remove this how will that work.
>
>
> AL: "This
> > allows to have rb to initiate dial into ra which is not needed in this
> > scenario." - see further down and read the question.
>
>
> > 2 and 3: use "ppp auth chap callin" on the router to be authenticated
> (ra).
>
> NT: very much so.. but since ra is doing the authentication on callin, rb
> shouldn't need a ppp authentication chap command. I tested this and it
> works without it..
>
> AL : > "2. ra authenticates ppp chap to rb
> > 3. rb doesnot authenticate ra"
>
> Read the question. ra authenticate TO rb, ie ra is requesting
> authentication.
>
> You have it arseways round.
>
> Andy
>
>
>
> >
> > the keyword "callin" tells the router no to authenticate.
> >
> > On ra under bri0, "ppp chap hostname <user>" and "ppp chap password
> <word>"
> > On rb under global config, "username <user> password <word>", where
<user>
> > and <word> match on each router.
> >
> > Using the lines above allows you to use alternate hostnames and
passwords.
>
> NT: There were specific requirements for this setup... no alternate host
> name was provided hence the local router name should be sufficient.
>
> This is definitely a layer 2 to layer 3 problem. I've experienced things
> like this if I simply screw-up on using the wrong ip in the "dialer map"
> command.
>
> Just my $0.02 sense...
>
> Nigel..
>
>
> >
> > Hope that helps
> >
> >
> > Andy
> >
> >
> >
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> > Masood Malik
> > Sent: 01 April 2001 05:52
> > To: ccielab@groupstudy.com
> > Subject: isdn one way dialup
> >
> >
> > Hi,
> >
> > I have the following scenario.
> > 1. ra to dials into rb. rb should not be able to initiate the dial
> > connection.
> > 2. ra authenticates ppp chap to rb
> > 3. rb doesnot authenticate ra
> >
> > Following is the config I use. When I ping 10.1.1.2 from ra, the isdn
line
> > comes up. I can see layer 3 connected and the packets traverse to router
> rb,
> > but the reply packets donot come come. I see encap failure on rb.
> >
> > I could get this working by adding the dial string at the end of map
> > statement in rb (dialer map ip 10.1.1.1 name ra broadcast 7782001). This
> > allows to have rb to initiate dial into ra which is not needed in this
> > scenario.
> >
> > Am I missing something here.
> >
> > regards
> > Masood Malik
> >
> >
> > Following are the configs and debug.
> >
> > *********************
> > Config router a
> > *******************
> > software ver 12.0.10 (2500)
> >
> > hostname ra
> > !
> > enable password cisco
> > !
> > username rb password 0 cisco
> > ip subnet-zero
> > no ip domain-lookup
> > isdn switch-type basic-5ess
> > !
> > interface BRI0
> > ip address 10.1.1.1 255.255.255.0
> > no ip directed-broadcast
> > encapsulation ppp
> > dialer map ip 10.1.1.2 name rb broadcast 7782002
> > dialer-group 1
> > isdn switch-type basic-5ess
> > ppp authentication chap
> > !
> > ip classless
> > !
> > dialer-list 1 protocol ip permit
> > !
> > *******************
> > Conig router b
> > *******************
> >
> > hostname rb
> > !
> > enable password cisco
> > !
> > username ra password 0 cisco
> > ip subnet-zero
> > isdn switch-type basic-5ess
> > !
> > interface BRI0
> > ip address 10.1.1.2 255.255.255.0
> > no ip directed-broadcast
> > encapsulation ppp
> > dialer map ip 10.1.1.1 name ra broadcast
> > dialer-group 1
> > isdn switch-type basic-5ess
> > !
> > ip classless
> > !
> > dialer-list 1 protocol ip permit
> > !
> > *************************************************
> > Ping response on router a with debug ip packet on
> > *************************************************
> > ra#ping 10.1.1.2
> >
> > Type escape sequence to abort.
> > Sending 5, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds:
> >
> > 00:39:02: IP: s=10.1.1.1 (local), d=10.1.1.2 (BRI0), len 100, sending.
> > 00:39:04: IP: s=10.1.1.1 (local), d=10.1.1.2 (BRI0), len 100, sending.
> > 00:39:06: IP: s=10.1.1.1 (local), d=10.1.1.2 (BRI0), len 100, sending.
> > 00:39:08: IP: s=10.1.1.1 (local), d=10.1.1.2 (BRI0), len 100, sending.
> > 00:39:10: IP: s=10.1.1.1 (local), d=10.1.1.2 (BRI0), len 100, sending.
> > Success rate is 0 percent (0/5)
> >
> > **********************************************
> > Response of the above seen from router b
> > **********************************************
> >
> > 00:32:59: IP: s=10.1.1.1 (BRI0), d=10.1.1.2 (BRI0), len 100, rcvd 3
> > 00:32:59: IP: s=10.1.1.2 (local), d=10.1.1.1 (BRI0), len 100, sending
> > 00:32:59: IP: s=10.1.1.2 (local), d=10.1.1.1 (BRI0), len 100,
> encapsulation
> > failed
> > 00:33:01: IP: s=10.1.1.1 (BRI0), d=10.1.1.2 (BRI0), len 100, rcvd 3
> > 00:33:01: IP: s=10.1.1.2 (local), d=10.1.1.1 (BRI0), len 100, sending
> > 00:33:01: IP: s=10.1.1.2 (local), d=10.1.1.1 (BRI0), len 100,
> encapsulation
> > failed
> > **NOTE** All LAB SWAP messages should now be sent to the
> > LAB SWAP Message board on groupstudy.com.

• Next message: Gordon Olson: "Summarization Shortcuts?"
• Previous message: Cox, Bryan: "RE: OSPF area 0 VLSM summarization"
• Maybe in reply to: Masood Malik: "isdn one way dialup"
• Next in thread: Alejandro Cadarso: "Re: isdn one way dialup"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:29:38 GMT-3