Announcement

Collapse
No announcement yet.

Cisco T1-How is this config working?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Cisco T1-How is this config working?

    I have completed some Cisco networking acadamey courses in CCNA, CCNP ISCW and BCMSN. I am now dangerous and wanted to help a buddy in sys admin to change over their very small branch offices from T1 to site-to-site vpns. Well, he's not ready for that yet, but he let me check out the configs to start planning. As soon as I looked at the main office config, I had questions.

    The internet facing Cisco router 2811 has no public ip configured and no nat config. The default route points to the inside ethernet interface to a Sonicwall. He told me that he is doing Nat from that box, but I have not confirmed that. I guess the default route is for the T1 routes from the branches to route through the Sonicwall. So my question was how does the packets leave the Sonicwall and get to the internet without a default route or a public ip address to leave from the internet router? I have posted a sanitized config below, only thing missing is admin passwords...also the route map statement looks useless and I am thinking about deleting that from the config if I do the work for my friend.

    Current configuration : 2163 bytes
    !
    version 12.3
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    !
    !
    !
    controller T1 0/1/0
    framing esf
    fdl att
    clock source internal
    linecode b8zs
    channel-group 0 timeslots 1-24 speed 64
    !
    controller T1 0/1/1
    framing esf
    linecode b8zs
    channel-group 0 timeslots 1-24 speed 64
    !
    controller T1 0/3/0
    framing esf
    linecode b8zs
    channel-group 0 timeslots 1-24 speed 64
    !
    controller T1 0/3/1
    framing esf
    linecode b8zs
    channel-group 0 timeslots 1-24 speed 64
    !
    !
    interface FastEthernet0/0
    description internet
    no ip address
    shutdown
    duplex auto
    speed auto
    !
    interface FastEthernet0/1
    description INSIDE TO LAN
    ip address 10.1.0.4 255.0.0.0
    duplex auto
    speed auto
    !
    interface Serial0/0/0
    no ip address
    shutdown
    !
    interface Serial0/1/0:0
    description A Branch Office
    ip address 192.1.1.1 255.255.255.0
    !
    interface Serial0/1/1:0
    description B Branch office
    ip address 192.2.1.1 255.255.255.0
    !
    interface Serial0/3/0:0
    description C Branch office
    ip address 192.3.1.1 255.255.255.0
    !
    interface Serial0/3/1:0
    no ip address
    shutdown
    !
    ip classless
    ip route 0.0.0.0 0.0.0.0 10.1.0.1 (TO SONICWALL)
    ip route 192.168.200.0 255.255.255.0 192.1.1.2
    ip route 192.168.201.0 255.255.255.0 192.2.1.2
    ip route 192.168.202.0 255.255.255.0 192.3.1.2
    !
    route-map B Branch office permit 10
    set ip next-hop 10.1.0.1

  • #2
    Re: Cisco T1-How is this config working?

    Yeah the route map is doing nothing as its not being applied anywhere. Also it looks like he isnt using the fa0/0 interface as it is shutdown. There is a default route to the sonica wall which is on the same network as the inside interface fa0/1. So it looks to me that all internet based traffic uses the default route to the sonicwall, gets natted there and out to the internet. I dont see the sonic wall configuration but I would assume it also has a default route to the ISP gateway. Remember longest match routing always wins so if traffic was destined for the internet it would only match the default route all other remote subnets have a more specific match and would use that route.

    ip route 0.0.0.0 0.0.0.0 10.1.0.1 (TO SONICWALL)
    ip route 192.168.200.0 255.255.255.0 192.1.1.2
    ip route 192.168.201.0 255.255.255.0 192.2.1.2
    ip route 192.168.202.0 255.255.255.0 192.3.1.2
    !
    CCNA, CCNA-Security, CCNP
    CCIE Security (In Progress)

    Comment

    Working...
    X