From: DAN DORTON (DHSTS68@xxxxxxxxxxxxxxx)
Date: Fri Apr 12 2002 - 11:26:43 GMT-3
Someone was asking me about this the other day & I just happened to configure i
t, so I thought I would share.
P.S. To whomever said the dialer profiles cannot use the ppp callback commands.
... Think again.
Anyways, here is the pudding. Enjoy!
R5#sr
Building configuration...
Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R5
!
aaa new-model
aaa authentication banner ^CWelcome to R5 dipwad!^C
aaa authentication fail-message ^CTry again later dickweed!^C
aaa authentication password-prompt <Password>#:
aaa authentication username-prompt <Username>#:
aaa authentication enable default line
!
username R3 password 0 dial
username telnet password 0 cisco
memory-size iomem 15
ip subnet-zero
ip telnet source-interface Loopback0
no ip domain-lookup
ip host R3 135.3.3.3
ipx routing 0000.0005.0005
isdn switch-type basic-ni
!
voice-port 1/0/0
!
voice-port 1/1/0
!
voice-port 1/0/1
!
voice-port 1/1/1
!
!
dlsw local-peer peer-id 135.5.56.5 lf 1500
dlsw remote-peer 0 tcp 135.5.20.2 lsap-output-list 200 dmac-output-list 700
dlsw icanreach mac-exclusive
dlsw icanreach mac-address 00e0.702d.0000 mask ffff.ffff.0000
dlsw mac-addr 0000.3098.9c93 remote-peer ip-address 135.5.20.2
dlsw bridge-group 1
!
!
!
dspu pu PU1 rmac 00e0.702d.7983 rsap 4 lsap 4
!
interface Loopback0
ip address 135.5.5.5 255.255.255.0
no ip directed-broadcast
ip ospf message-digest-key 1 md5 cisco
ip ospf network point-to-point
!
interface Loopback41
ip address 135.5.15.5 255.255.255.252
no ip directed-broadcast
!
interface Loopback42
ip address 135.5.51.129 255.255.255.128
no ip directed-broadcast
!
interface Loopback43
ip address 135.5.23.17 255.255.255.240
no ip directed-broadcast
!
interface Ethernet0/0
ip address 135.5.56.5 255.255.255.0
no ip directed-broadcast
ipx network 56
bridge-group 1
!
interface Serial0/0
bandwidth 64
ip address 135.5.51.5 255.255.255.128
no ip directed-broadcast
encapsulation frame-relay
ip ospf message-digest-key 1 md5 secure
ip ospf priority 200
no ip mroute-cache
ipx network 51
no ipx split-horizon eigrp 51
frame-relay map bridge 502 broadcast
frame-relay map ip 135.5.51.2 502 broadcast
frame-relay map ip 135.5.51.3 503 broadcast
frame-relay map ip 135.5.51.5 502 broadcast
frame-relay map ipx 51.0000.0002.0002 502 broadcast
frame-relay map ipx 51.0000.0003.0003 503 broadcast
frame-relay map ipx 51.0000.0005.0005 502 broadcast
no frame-relay inverse-arp
bridge-group 1
!
interface TokenRing0/0
mac-address 0000.3098.9c93
ip address 135.5.50.5 255.255.255.0
no ip directed-broadcast
ipx network 50
ring-speed 16
dspu enable-pu lsap 4
dspu start PU1
!
interface BRI0/0
no ip address
no ip directed-broadcast
encapsulation ppp
dialer rotary-group 1
isdn switch-type basic-ni
isdn spid1 0835866201 8358662
isdn spid2 0835866401 8358664
no cdp enable
!
interface Serial0/1
bandwidth 64
ip address 135.5.45.5 255.255.255.0
no ip directed-broadcast
encapsulation frame-relay
ip split-horizon
ipx network 45
clockrate 64000
frame-relay map ipx 45.0000.0004.0004 504 broadcast
frame-relay map ipx 45.0000.0005.0005 504 broadcast
frame-relay map ip 135.5.45.4 504 broadcast
frame-relay map ip 135.5.45.5 504 broadcast
no frame-relay inverse-arp
!
interface Dialer1
ip address 135.5.15.1 255.255.255.252
no ip directed-broadcast
encapsulation ppp
dialer in-band
dialer idle-timeout 30
dialer map ipx 15.0000.0003.0003 name R3 broadcast 18008358661
dialer map ipx 15.0000.0003.0003 name R3 broadcast 18008358663
dialer map ip 135.5.15.1 name R3 broadcast 18008358661
dialer map ip 135.5.15.1 name R3 broadcast 18008358663
dialer map ip 135.5.15.2 name R3 broadcast 18008358661
dialer map ip 135.5.15.2 name R3 broadcast 18008358663
dialer map ipx 15.0000.0005.0005 name R3 broadcast 18008358663
dialer map ipx 15.0000.0005.0005 name R3 broadcast 18008358661
dialer-group 1
ipx network 15
no ipx route-cache
ipx watchdog-spoof
ipx spx-spoof
no cdp enable
ppp callback request
ppp authentication chap
ppp multilink
!
router ospf 1
area 0 authentication
area 51 authentication message-digest
area 51 range 135.5.15.0 255.255.255.0
area 51 range 135.5.51.0 255.255.255.0
area 51 virtual-link 135.3.3.3 authentication-key 1 cisco
area 51 virtual-link 135.2.2.2 authentication-key 1 cisco
summary-address 135.5.15.0 255.255.255.0
summary-address 135.5.51.0 255.255.255.0
summary-address 135.5.23.0 255.255.255.0
redistribute connected metric 2000 subnets route-map con2ospf
redistribute static metric 5000 metric-type 1 subnets
redistribute igrp 10 metric 2000 subnets tag 10
passive-interface BRI0/0
passive-interface Dialer1
network 135.5.5.0 0.0.0.255 area 51
network 135.5.15.0 0.0.0.3 area 51
network 135.5.51.0 0.0.0.15 area 51
network 135.5.56.0 0.0.0.255 area 56
neighbor 135.5.51.2 priority 202
neighbor 135.5.51.3 priority 201
default-information originate
!
router igrp 10
redistribute ospf 1 metric 64 20000 255 1 1500 match internal external 1 exter
nal 2
passive-interface Ethernet0/0
passive-interface Serial0/0
passive-interface BRI0/0
network 135.5.0.0
network 150.100.0.0
!
router bgp 5
no synchronization
bgp bestpath as-path ignore
neighbor 135.1.1.1 remote-as 5
neighbor 135.1.1.1 update-source Loopback0
neighbor 135.1.1.1 route-reflector-client
neighbor 135.1.1.1 next-hop-self
neighbor 135.1.1.1 send-community
neighbor 135.3.3.3 remote-as 5
neighbor 135.3.3.3 update-source Loopback0
neighbor 135.3.3.3 route-reflector-client
neighbor 135.3.3.3 next-hop-self
neighbor 135.3.3.3 send-community
neighbor 135.4.4.4 remote-as 5
neighbor 135.4.4.4 update-source Loopback0
neighbor 135.4.4.4 route-reflector-client
neighbor 135.4.4.4 next-hop-self
neighbor 135.4.4.4 send-community
neighbor 135.6.6.6 remote-as 5
neighbor 135.6.6.6 update-source Loopback0
neighbor 135.6.6.6 route-reflector-client
neighbor 135.6.6.6 next-hop-self
neighbor 135.6.6.6 send-community
maximum-paths 2
no auto-summary
!
ip classless
!
!
ip prefix-list connected seq 5 permit 135.5.51.128/25
ip prefix-list connected seq 10 permit 135.5.15.4/30
ip prefix-list connected seq 15 permit 135.5.23.16/28
ip prefix-list connected seq 20 permit 135.5.45.0/24
ip prefix-list connected seq 25 permit 135.5.50.0/24
access-list 53 permit 135.3.3.3
access-list 100 deny igrp any any
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ospf any any
access-list 100 permit ip any any
access-list 900 deny rip any all any all
access-list 900 deny sap any all any all
access-list 900 deny any any all any 957
access-list 900 deny any any 957 any all
access-list 900 permit any any all any all
access-list 200 permit 0x0000 0x0D0D
access-list 700 permit 0000.3000.0000 0000.00ff.ffff
dialer-list 1 protocol ip list 100
dialer-list 1 protocol ipx list 900
busy-message R3 ^CScrew You Buddy!^C
route-map con2ospf permit 10
match ip address prefix-list connected
!
!
!
!
ipx router eigrp 45
redistribute eigrp 51
network 45
!
!
ipx router eigrp 51
redistribute eigrp 45
network 51
!
!
ipx router rip
no network 51
no network 45
!
!
!
bridge 1 protocol ieee
alias subinterface ni no frame inv
alias subinterface fi frame map ip
alias subinterface fx frame map ipx
alias interface ni no frame inv
alias interface fi frame map ip
alias interface fx frame map ipx
alias interface di dialer map ip
alias interface dx dialer map ipx
alias configure rr router rip
alias configure ri router igrp
alias configure ro router ospf
alias configure re router eigrp
alias configure rb router bgp
alias configure rs router isis
alias configure xr ipx router rip
alias configure xe ipx router eigrp
alias configure xn ipx router nlsp
alias exec ct config t
alias exec sr show run
alias exec si show ip route
alias exec ci clear ip route *
alias exec sx show ipx route
alias exec cx clear ipx route *
alias exec sb show ip bgp
alias exec cb clear ip bgp *
alias exec sbn show ip bgp neighbor
alias exec sfm show frame map
alias exec son show ip ospf neighbor
!
line con 0
exec-timeout 0 0
transport input none
line aux 0
line vty 0 4
access-class 53 in
password cisco
!
end
R5#
R3#sr
Building configuration...
Current configuration : 4872 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R3
!
!
username R5 password 0 dial
ip subnet-zero
ip telnet source-interface Loopback0
no ip domain-lookup
ip host R5 135.5.5.5
ip dhcp excluded-address 135.5.23.1 135.5.23.10
!
ip dhcp pool vlan1
network 135.5.23.0 255.255.255.240
dns-server 135.5.23.1
domain-name vlan1
!
ip ssh time-out 120
ip ssh authentication-retries 3
ipx routing 0000.0003.0003
isdn switch-type basic-ni
!
!
!
!
interface Loopback0
ip address 135.3.3.3 255.255.255.0
ip ospf authentication-key 1 cisco
ip ospf network point-to-point
!
interface Ethernet0
ip address 135.5.23.3 255.255.255.240
ip ospf authentication-key 1 cisco
ipx network 32 encapsulation SNAP
ipx network 23 encapsulation SAP secondary
!
interface Serial0
bandwidth 64
ip address 135.5.51.3 255.255.255.128
encapsulation frame-relay
ip split-horizon
ip ospf message-digest-key 1 md5 secure
ip ospf priority 201
ipx network 51
frame-relay map ip 135.5.51.2 305 broadcast
frame-relay map ip 135.5.51.3 305 broadcast
frame-relay map ip 135.5.51.5 305 broadcast
frame-relay map ipx 51.0000.0002.0002 305 broadcast
frame-relay map ipx 51.0000.0003.0003 305 broadcast
frame-relay map ipx 51.0000.0005.0005 305 broadcast
no frame-relay inverse-arp
!
interface BRI0
no ip address
encapsulation ppp
dialer rotary-group 1
isdn switch-type basic-ni
isdn spid1 0835866101 8358661
isdn spid2 0835866301 8358663
no cdp enable
ppp authentication chap
ppp multilink
!
interface Dialer1
ip address 135.5.15.2 255.255.255.252
encapsulation ppp
dialer in-band
dialer callback-secure
dialer idle-timeout 30
dialer map ipx 15.0000.0003.0003 name R5 class callback broadcast 18008358662
dialer map ipx 15.0000.0003.0003 name R5 class callback broadcast 18008358664
dialer map ip 135.5.15.1 name R5 class callback broadcast 18008358662
dialer map ip 135.5.15.1 name R5 class callback broadcast 18008358664
dialer map ip 135.5.15.2 name R5 class callback broadcast 18008358662
dialer map ip 135.5.15.2 name R5 class callback broadcast 18008358664
dialer map ipx 15.0000.0005.0005 name R5 class callback broadcast 18008358664
dialer map ipx 15.0000.0005.0005 name R5 class callback broadcast 18008358662
dialer-group 1
ipx network 15
no ipx route-cache
ipx watchdog-spoof
ipx spx-spoof
no cdp enable
ppp callback accept
ppp authentication chap
ppp multilink
!
router ospf 1
log-adjacency-changes
area 0 authentication
area 0 range 135.5.23.0 255.255.255.0
area 15 range 135.5.15.0 255.255.255.0
area 51 authentication message-digest
area 51 range 135.5.51.0 255.255.255.0
area 51 virtual-link 135.5.51.129 authentication-key 1 cisco
redistribute static metric 5000 metric-type 1 subnets
passive-interface BRI0
passive-interface Dialer1
network 135.3.3.0 0.0.0.255 area 0
network 135.5.15.0 0.0.0.3 area 51
network 135.5.23.0 0.0.0.15 area 0
network 135.5.51.0 0.0.0.127 area 51
default-information originate
!
router bgp 5
no synchronization
bgp log-neighbor-changes
neighbor 135.5.5.5 remote-as 5
neighbor 135.5.5.5 update-source Loopback0
no auto-summary
!
ip classless
no ip http server
ip pim bidir-enable
!
!
map-class frame-relay shape
!
map-class dialer callback
dialer callback-server username
access-list 53 permit 135.5.5.5
access-list 100 deny igrp any any
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ospf any any
access-list 100 permit ip any any
access-list 900 deny rip any all any all
access-list 900 deny sap any all any all
access-list 900 deny any any all any 457
access-list 900 deny any any 457 any all
access-list 900 permit any any all any all
dialer-list 1 protocol ip list 100
dialer-list 1 protocol ipx list 900
!
!
ipx router eigrp 51
network 51
!
!
ipx router rip
no network 51
!
!
!
banner motd ^CWelcome to R3 you jackass!^C
alias subinterface ni no frame inv
alias subinterface fi frame map ip
alias subinterface fx frame map ipx
alias interface ni no frame inv
alias interface fi frame map ip
alias interface fx frame map ipx
alias interface di dialer map ip
alias interface dx dialer map ipx
alias configure rr router rip
alias configure ri router igrp
alias configure ro router ospf
alias configure re router eigrp
alias configure rb router bgp
alias configure rs router isis
alias configure xr ipx router rip
alias configure xe ipx router eigrp
alias configure xn ipx router nlsp
alias exec ct config t
alias exec sr show run
alias exec si show ip route
alias exec ci clear ip route *
alias exec sx show ipx route
alias exec cx clear ipx route *
alias exec sb show ip bgp
alias exec cb clear ip bgp *
alias exec sbn show ip bgp neighbor
alias exec sfm show frame map
alias exec son show ip ospf neighbor
!
line con 0
exec-timeout 0 0
line vty 0 4
access-class 53 in
no login
!
end
R3#
R5#ping 135.5.15.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 135.5.15.2, timeout is 2 seconds:
19:47:26: BR0/0 DDR: rotor dialout [priority]
19:47:26: BR0/0 DDR: Dialing cause ip (s=135.5.15.1, d=135.5.15.2)
19:47:26: BR0/0 DDR: Attempting to dial 18008358661
19:47:26: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to up
19:47:26: %ISDN-6-CONNECT: Interface BRI0/0:1 is now connected to 18008358661
19:47:26: BR0/0:1 PPP: Treating connection as a callout
19:47:26: BR0/0:1 PPP: Phase is AUTHENTICATING, by both
19:47:26: BR0/0:1 CHAP: O CHALLENGE id 43 len 23 from "R5"
19:47:27: BR0/0:1 CHAP: I CHALLENGE id 4 len 23 from "R3"
19:47:27: BR0/0:1 CHAP: O RESPONSE id 4 len 23 from "R5"
19:47:27: BR0/0:1 CHAP: I SUCCESS id 4 len 4
19:47:27: BR0/0:1 CHAP: I RESPONSE id 43 len 23 from "R3"
19:47:27: BR0/0:1 CHAP: O SUCCESS id 43 len 4
19:47:27: BR0/0:1 DDR: Callback negotiated - waiting for server disconnect
19:47:.27: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
19:47:27: Vi1 PPP: Treating connection as a callout
19:47:27: Vi1 DDR: Callback negotiated - waiting for server disconnect
19:47:28: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0/0:1, changed sta
te to up
19:47:28: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, chan
ged state to up
19:47:28: %ISDN-6-DISCONNECT: Interface BRI0/0:1 disconnected from 18008358661
R3, call lasted 2 se
conds
19:47:28: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to down
19:47:28: DDR: Callback client for R3 18008358661 created
19:47:28: BR0/0:1 DDR: disconnecting call
19:47:28: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to down.
19:47:29: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0/0:1, changed sta
te to down
19:47:29: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, chan
ged state to down...
Success rate is 0 percent (0/5)
R5#ping 135.5.15.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 135.5.15.2, timeout is 2 seconds:
..
19:47:42: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to up
19:47:42: %ISDN-6-CONNECT: Interface BRI0/0:1 is now connected to 8358661 .!!
Success rate is 40 percent (2/5), round-trip min/avg/max = 36/36/36 ms
R5#
19:47:42: BR0/0:1 PPP: Treating connection as a callin
19:47:42: BR0/0:1 PPP: Phase is AUTHENTICATING, by both
19:47:42: BR0/0:1 CHAP: O CHALLENGE id 44 len 23 from "R5"
19:47:42: BR0/0:1 CHAP: I CHALLENGE id 5 len 23 from "R3"
19:47:42: BR0/0:1 CHAP: Waiting for peer to authenticate first
19:47:43: BR0/0:1 CHAP: I RESPONSE id 44 len 23 from "R3"
19:47:43: BR0/0:1 CHAP: O SUCCESS id 44 len 4
19:47:43: BR0/0:1 CHAP: Processing saved Challenge, id 5
19:47:43: BR0/0:1 CHAP: O RESPONSE id 5 len 23 from "R5"
19:47:43: BR0/0:1 CHAP: I SUCCESS id 5 len 4
19:47:43: BR0/0:1 DDR: No callback negotiated
19:47:43: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
19:47:43: Vi1 PPP: Treating connection as a callin
19:47:43: Vi1 DDR: No callback negotiated
19:47:43: Vi1 DDR: dialer protocol up
19:47:43: Vi1 DDR: Callback received from R3 18008358661
19:47:43: DDR: Freeing callback to R3 18008358661
19:47:43: Vi1 DDR: dialer protocol up
R5#
19:47:44: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0/0:1, changed sta
te to up
19:47:44: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, chan
ged state to up
R5#
19:47:48: %ISDN-6-CONNECT: Interface BRI0/0:1 is now connected to 18008358661 R
3
R5#ping 135.5.15.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 135.5.15.2, timeout is 2 seconds:
19:49:03: BR0/0 D
2509AS#3
[Resuming connection 3 to r3 ... ]
00:08:08: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
00:08:08: BR0:1 PPP: Treating connection as a callin
00:08:08: BR0:1 CHAP: O CHALLENGE id 6 len 23 from "R3"
00:08:08: BR0:1 CHAP: I CHALLENGE id 45 len 23 from "R5"
00:08:08: BR0:1 CHAP: Waiting for peer to authenticate first
00:08:08: BR0:1 CHAP: I RESPONSE id 6 len 23 from "R5"
00:08:08: BR0:1 CHAP: O SUCCESS id 6 len 4
00:08:08: BR0:1 CHAP: Processing saved Challenge, id 45
00:08:08: BR0:1 CHAP: O RESPONSE id 45 len 23 from "R3"
00:08:08: BR0:1 CHAP: I SUCCESS id 45 len 4
00:08:08: BR0:1 DDR: PPP callback Callback server starting to R5 18008358662
00:08:08: BR0:1 DDR: disconnecting call
00:08:08: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 18008358662 R5
00:08:08: %LINK-3-UPDOWN: Interface BRI0:1, changed state to down
R3#
00:08:08: BR0:1 DDR: disconnecting call
R3#
00:08:23: DDR: Callback timer expired
00:08:23: Di1 DDR: beginning callback to R5 18008358662
00:08:23: BR0 DDR: rotor dialout [priority]
00:08:23: BR0 DDR: Attempting to dial 18008358662
00:08:24: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
00:08:24: DDR: Freeing callback to R5 18008358662
00:08:24: BR0:1 PPP: Treating connection as a callout
00:08:24: BR0:1 CHAP: O CHALLENGE id 7 len 23 from "R3"
00:08:24: BR0:1 CHAP: I CHALLENGE id 46 len 23 from "R5"
00:08:24: BR0:1 CHAP: O RESPONSE id 46 len 23 from "R3"
00:08:24: BR0:1 CHAP: I SUCCESS id 46 len 4
00:08:24: BR0:1 CHAP: I RESPONSE id 7 len 23 from "R5"
00:08:24: BR0:1 CHAP: O SUCCESS id 7 len 4
00:08:24: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
00:08:24: Vi1 DDR: Dialer statechange to up
00:08:24: Vi1 DDR: Dialer call has been placed
00:08:24: Vi1 PPP: Treating connection as a callout
00:08:24: Vi1 DDR: dialer protocol up
00:08:24: Vi1 DDR: dialer protocol up
00:08:25: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed state
to up
00:08:25: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, chan
ged state to up
R3#ping 13
00:08:30: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 18008358662 R55
.5.15.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 135.5.15.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 36/36/40 ms
R3#ping 135.5.15.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 135.5.15.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 36/36/36 ms
R3#undebug all
All possible debugging has been turned off
R3#
Dan
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:58:06 GMT-3