Announcement

Collapse
No announcement yet.

ISDN backup interface

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • ISDN backup interface

    Hi All,

    I currently have a cisco 1800 router configured with a serial interface, i've configured a isdn backup. When I shut down the serial interface the isdn dials up connects and I can ping from the router but not out from PC's on the LAN.

    Below is my configuration, i'd be grateful for any help.

    Thanks in advance.

    Daniel

    version 12.4
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname router
    !
    boot-start-marker
    boot-end-marker
    !
    logging buffered 52000 debugging
    !
    no aaa new-model
    !
    resource policy
    !
    mmi polling-interval 60
    no mmi auto-configure
    no mmi pvc
    mmi snmp-timeout 180
    ip subnet-zero
    ip cef
    !
    !
    !
    !
    no ip domain lookup
    ip domain name domain.co.uk
    ip name-server 212.42.162.1
    ip inspect name firewall tcp
    ip inspect name firewall udp
    ip inspect name firewall rtsp
    ip inspect name firewall h323
    ip inspect name firewall netshow
    ip inspect name firewall ftp
    ip inspect name firewall sqlnet
    !
    isdn switch-type basic-net3
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    crypto pki trustpoint TP-self-signed-994770686
    enrollment selfsigned
    subject-name cn=IOS-Self-Signed-Certificate-994770686
    revocation-check none
    rsakeypair TP-self-signed-994770686
    !
    !
    crypto pki certificate chain TP-self-signed-994770686
    certificate self-signed 01
    30820262 308201CB A0030201 02020101 300D0609 2A864886 F70D0101 04050030
    30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
    69666963 6174652D 39393437 37303638 36301E17 0D303830 35323731 30353235
    385A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
    532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3939 34373730
    36383630 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
    AE0EDA7F C989F113 88D6F06C 91DBE7D0 4C0BA058 2143BF32 4189D697 8DB14EFF
    BF0CA10D DFDC90CC 43821277 2D2D8083 BE18D1ED 96398F16 447D4DC1 EF0B7AF2
    A0BDFEAC B0C1682A 6EEFB7DE 1FB0EAF7 046D3044 B668A090 50D56DB6 3FF869EF
    8E20A1E3 636778E9 C8535BAD 90F795FA 7C24592E AA322AC8 2176892B E050053B
    02030100 01A3818B 30818830 0F060355 1D130101 FF040530 030101FF 30350603
    551D1104 2E302C82 2A524C43 2D426972 6D696E67 68616D2E 72656675 6765652D
    6C656761 6C2D6365 6E747265 2E6F7267 2E756B30 1F060355 1D230418 30168014
    9709B57B 40607119 2F677312 B4AF9561 92C1BA2A 301D0603 551D0E04 16041497
    09B57B40 6071192F 677312B4 AF956192 C1BA2A30 0D06092A 864886F7 0D010104
    05000381 81001118 AEB33CBE 3FFCCB59 463F6CCA 8CD5F948 7D4D5B14 61FE9BC8
    9D41A3C8 22CA7EBE 47692B5C CBB92026 585A994D 98C59CE2 FD1C77B5 94BF7C42
    BD949B4E B9D2FEC3 6A136E7C 1C286EEA D9C318B3 B82409D7 39448A8C 8255B48F
    6322C381 28C92DF6 3BC27B5C 46D71592 276E5DD4 234B3AFD BB074091 29D86CAF
    A967F45F A0E3
    quit
    username xxxxx privilege 15 password 7 0956410E1E1C47474E
    username xxxxx privilege 15 password 7 111B1506464058
    username xxxxx privilege 15 secret 5 $1$r6Yo$y3J5oifJIf0YRWkoyKTRa/
    !
    !
    !
    crypto isakmp policy 1
    encr aes
    authentication pre-share
    group 2
    lifetime 600
    crypto isakmp key xxxxx address x.x.x.x
    crypto isakmp key xxxxx address x.x.x.x
    crypto isakmp keepalive 180
    !
    crypto ipsec security-association lifetime seconds 86400
    !
    crypto ipsec transform-set vpn1 esp-aes esp-sha-hmac
    crypto ipsec transform-set vpn2 esp-3des esp-sha-hmac
    !
    crypto map backup 30 ipsec-isakmp
    description backup VPN to London over ISDN
    set peer 195.224.149.114
    set transform-set vpn1
    match address 102
    !
    crypto map vpn 10 ipsec-isakmp
    set peer x.x.x.x
    set transform-set vpn1
    match address 102
    !
    !
    !
    !
    interface FastEthernet0/0
    description Internal Network
    ip address 10.0.26.1 255.255.255.0
    ip nat inside
    ip inspect firewall in
    ip virtual-reassembly
    ip tcp adjust-mss 1452
    duplex auto
    speed auto
    !
    interface FastEthernet0/1
    no ip address
    shutdown
    duplex auto
    speed auto
    !
    interface Serial0/0/0
    description WAN
    ip address x.x.x.x 255.255.255.252
    ip nat outside
    ip virtual-reassembly
    encapsulation ppp
    shutdown
    crypto map vpn
    !
    interface BRI0/1/0
    description Network-I ISDN Line
    no ip address
    ip nat outside
    no ip virtual-reassembly
    encapsulation ppp
    dialer rotary-group 1
    isdn switch-type basic-net3
    isdn point-to-point-setup
    no cdp enable
    !
    interface Dialer1
    description Backup ISDN connection to web
    ip address negotiated
    ip nat outside
    ip virtual-reassembly
    encapsulation ppp
    no ip split-horizon
    dialer in-band
    dialer string 08456653000
    dialer-group 1
    no cdp enable
    ppp chap hostname xxxxx
    ppp chap password 0 xxxxx
    ppp pap sent-username xxxxx password 0 xxxxx
    crypto map backup
    !
    no ip classless
    ip route 0.0.0.0 0.0.0.0 x.x.x.x
    ip route 0.0.0.0 0.0.0.0 Dialer1 200
    !
    !
    ip http server
    ip http access-class 10
    ip http authentication local
    ip http secure-server
    ip http timeout-policy idle 60 life 86400 requests 10000
    ip nat inside source list 110 interface Serial0/0/0 overload
    ip nat inside source list 115 interface Dialer1 overload
    !
    access-list 10 permit 10.0.0.0 0.255.255.255
    access-list 23 permit 10.0.1.207
    access-list 23 permit 10.0.26.0 0.0.0.255
    access-list 101 permit ip 10.0.26.0 0.0.0.255 10.0.1.0 0.0.0.255
    access-list 102 permit ip 10.0.26.0 0.0.0.255 10.0.0.0 0.255.255.255
    access-list 110 deny ip 10.0.26.0 0.0.0.255 10.0.0.0 0.255.255.255
    access-list 110 permit ip 10.0.26.0 0.0.0.255 any
    access-list 115 deny ip 10.0.26.0 0.0.0.255 10.0.0.0 0.255.255.255
    access-list 115 permit ip 10.0.26.0 0.0.0.255 any
    dialer-list 1 protocol ip permit
    snmp-server community xxxxx RO
    no cdp run
    !
    !
    !
    !
    control-plane
    !
    !
    !
    !
    !
    !
    !
    !
    banner login ^CCCCCCC
    No unauthorised access allowed
    ^C
    !
    line con 0
    line aux 0
    line vty 0 4
    access-class 23 in
    privilege level 15
    login local
    transport input telnet ssh
    line vty 5 15
    access-class 23 in
    privilege level 15
    login local
    transport input telnet ssh
    !
    end
    Attached Files
Working...
X