Announcement

Collapse
No announcement yet.

Cisco 1700 configuration/setup issues.

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Cisco 1700 configuration/setup issues.

    I'm new to the configuration of the cisco routers and we have two of them in my current environment. These two routers are setup to connect two different buildings via point-to-point T1. The remote site can connect to local resources and and most resources at the main site but cannot connect to anything at our 3rd site which is connected via vpn across the internet. I know there is a routing table issue with these routers but I don't know enough about programming them to just dive in. I'll try to layout the scenario below and hopefully it makes sense. I can also post up info from the routers as needed like "show ver" & "show config".

    Please also keep in mind that I walked into this mess and would really like to clean things up. I want to learn how to do this right and would appreciate any tips on how to accomplish it.

    Building A (our main site)
    IP space of 10.1.x.x, has dhcp, dns, wins, AD, phone switch, etc.
    Point to point T1 connection through Cisco 1700 to Building B
    VPN connection to building C and trusted domain.
    Users in building A can connect to resources in Building B and C with no problem.

    Building B
    IP space of 192.168.20.x, all static IP's, VOIP phones, 10+ workstations.
    Point to point T1 connection to Building A through Cisco 1700
    Unable to ping anything in Building A when logged into the cisco via telnet.
    Users can connect to resources in Building A with no problems.
    Users cannot connect to any resources in Building C at all.

    Building C
    IP space of 192.168.200.x, DHCP, DNS, Wins, AD, etc. (this was a separate company alltogether)
    VPN Connection to Building A, direct connection to internet.
    Users can connect to resources in Building A with no problems.
    Users cannot connect to resources in Building B at all even though the names and IP's resolve fine.

    As you can see I have a mess to deal with. Let me know what you would like to see from the routers and I'll post it up.

  • #2
    Re: Cisco 1700 configuration/setup issues.

    First think will be to post your running configs from all three.

    plus show ip route

    Comment


    • #3
      Re: Cisco 1700 configuration/setup issues.

      We only have two of these routers. The connection between building A & C is via a VPN across the itnernet and doesn't see to have a problem. Below is the configs and routes as output by the routers.

      Building A going to Building B

      Plant_one#show running-config
      Building configuration...

      Current configuration : 1218 bytes
      !
      version 12.2
      service timestamps debug uptime
      service timestamps log uptime
      no service password-encryption
      !
      hostname Plant_one
      !
      enable password ******
      !
      ip subnet-zero
      !
      !
      class-map match-all Voice-traffic
      description Lake Air Metal Voice traffic
      match access-group 101
      class-map match-all other-traffic
      match access-group 102
      !
      !
      policy-map VoIP
      description Lake Air Voice Policy
      class Voice-traffic
      priority 512
      class other-traffic
      priority 512
      class class-default
      fair-queue
      !
      !
      !
      !
      interface FastEthernet0
      ip address 10.1.40.200 255.255.0.0
      no ip redirects
      no keepalive
      speed auto
      !
      interface Serial0
      ip address 172.16.1.1 255.255.255.252
      no ip redirects
      service-policy output VoIP
      service-module t1 clock source internal
      service-module t1 timeslots 1-24
      !
      ip classless
      ip route 0.0.0.0 0.0.0.0 10.1.40.5
      ip route 192.168.0.0 255.255.0.0 172.16.1.2
      no ip http server
      !
      !
      access-list 101 permit tcp host 10.1.40.201 any
      access-list 101 permit udp host 10.1.40.201 any
      access-list 101 permit ip host 10.1.40.201 any
      access-list 102 permit ip 10.1.0.0 0.0.255.225 192.168.0.0 0.0.255.255
      !
      line con 0
      logging synchronous
      line aux 0
      line vty 0 4
      password *******
      login
      !
      end

      Plant_one#show ip-route route
      Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
      D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
      N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
      E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
      i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
      * - candidate default, U - per-user static route, o - ODR
      P - periodic downloaded static route

      Gateway of last resort is 10.1.40.5 to network 0.0.0.0

      172.16.0.0/30 is subnetted, 1 subnets
      C 172.16.1.0 is directly connected, Serial0
      10.0.0.0/16 is subnetted, 1 subnets
      C 10.1.0.0 is directly connected, FastEthernet0
      S* 0.0.0.0/0 [1/0] via 10.1.40.5
      S 192.168.0.0/16 [1/0] via 172.16.1.2
      Plant_one#

      Building B to Building A
      Plant-two#show running-config
      Building configuration...

      Current configuration : 1461 bytes
      !
      version 12.2
      service timestamps debug uptime
      service timestamps log uptime
      no service password-encryption
      !
      hostname Plant-two
      !
      enable password ********
      !
      ip subnet-zero
      ip host plant1 172.16.1.1
      !
      !
      class-map match-all Other-traffic
      description Qos for www and other traffic
      match access-group 102
      class-map match-all Voice
      description plant 2 Voice traffic
      match access-group 101
      !
      !
      policy-map VoIP
      description Plant 2 Voice policy
      class Voice
      priority 512
      class Other-traffic
      priority 512
      class class-default
      fair-queue
      !
      !
      !
      !
      interface FastEthernet0
      ip address 192.168.20.100 255.255.0.0
      no ip redirects
      no keepalive
      speed auto
      !
      interface Serial0
      ip address 172.16.1.2 255.255.255.252
      no ip redirects
      service-policy output VoIP
      service-module t1 timeslots 1-24
      !
      ip classless
      ip route 0.0.0.0 0.0.0.0 172.16.1.1
      ip route 10.1.0.0 255.255.0.0 172.16.1.1
      no ip http server
      !
      !
      access-list 101 permit tcp 192.168.0.0 0.0.255.255 host 10.1.40.201
      access-list 101 permit udp 192.168.0.0 0.0.255.255 host 10.1.40.201
      access-list 101 permit ip 192.168.0.0 0.0.255.255 host 10.1.40.201
      access-list 102 permit tcp any any eq www
      access-list 102 permit ip any 10.1.0.0 0.0.255.255
      banner motd ^COnly Authorized personnel have access to this router. If you any questions, please contact your Network Administrator.^C
      !
      line con 0
      logging synchronous
      line aux 0
      line vty 0 4
      password ********
      login
      !
      no scheduler allocate
      end

      Plant-two#show ip route
      Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
      D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
      N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
      E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
      i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
      * - candidate default, U - per-user static route, o - ODR
      P - periodic downloaded static route

      Gateway of last resort is 172.16.1.1 to network 0.0.0.0

      172.16.0.0/30 is subnetted, 1 subnets
      C 172.16.1.0 is directly connected, Serial0
      10.0.0.0/16 is subnetted, 1 subnets
      S 10.1.0.0 [1/0] via 172.16.1.1
      S* 0.0.0.0/0 [1/0] via 172.16.1.1
      C 192.168.0.0/16 is directly connected, FastEthernet0

      Comment


      • #4
        Re: Cisco 1700 configuration/setup issues.

        I've been away from this for a while now but haven't received any responses. Does anyone have any ideas on this?

        Comment


        • #5
          Re: Cisco 1700 configuration/setup issues.

          Start with the perimeter first, are there any hardware firewalls or is everything handled by the ios firewall?

          Comment

          Working...
          X