cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2778
Views
10
Helpful
18
Replies

ISR 4321 ISDN connectivity issue

cipherhere
Level 1
Level 1

Hi,

 

We had a cut over to migrate from Cisco 2901 to ISR 4321 but it was unsuccessful, the primary usage of the device is for ISDN  connectivity and we just use it for data communication(No voice).

 

Chassis: ISR4321/K9

Module : : NIM-4BRI-S/T

Version:  16.08.01

 

During the migration, ISDN physical interfaces came up but traffic is not getting through, we verified it by sending some interesting traffic through it. When we switch the connections to 2901 then it starts working.

 

Working with Cisco TAC from a long time but it's not going anywhere and I am kind of blocked.

Not able to isolate whether the issue is with ISR 4321(config issue) or with the provider but since connectivity is fine with the 2901 I am assuming it may be an issue with ISR 4321 but don't have any data.

Not seeing anything on ISDN debugs on the box.

Does anyone have first hand experience migrating from 2901to ISR 4321?

Appreciate any help here.

 

Configs:

=====

 

interface GigabitEthernet0/0/1
description "towards internal network"
ip address <>
ip nat inside
standby 10 ip <>
standby 10 timers 2 6
standby 10 priority 200
standby 10 preempt
negotiation auto
!

interface Dialer1
ip address negotiated
ip nat outside
encapsulation ppp
dialer in-band
dialer idle-timeout 30
dialer map ip <> class dial1<>
dialer-group 1
no cdp enable
ppp authentication chap callin
ppp chap hostname <>
ppp chap password 7 <>
ip virtual-reassembly
!
interface Dialer2
ip address negotiated
ip nat outside
encapsulation ppp
dialer in-band
dialer idle-timeout 30
dialer map ip <> name sq-2 class dial1<>
dialer-group 2
no cdp enable
ppp callback request
ppp ipcp address accept
ip virtual-reassembly
!
interface Dialer3
ip address negotiated
encapsulation ppp
dialer in-band
dialer map ip <> class dial3 <>
dialer map ip <> class dial3 <>
dialer-group 3
no cdp enable
ppp authentication chap callin
ppp chap hostname <>
ppp chap password 7 <>
ip virtual-reassembly
!

interface BRI0/2/0:0

ip address negotiated
ip nat outside
encapsulation ppp
dialer rotary-group 1
dialer-group 1
no cdp enable
isdn switch-type ntt
isdn point-to-point-setup
ppp ipcp address accept
ip virtual-reassembly
!
interface BRI0/2/1:0

ip address negotiated
ip nat outside
encapsulation ppp
dialer rotary-group 2
dialer-group 2
no cdp enable
isdn switch-type ntt
isdn point-to-point-setup
ppp ipcp address accept
ip virtual-reassembly
!
interface BRI0/2/2:0

ip address negotiated
ip nat outside
encapsulation ppp
dialer rotary-group 2
dialer-group 2
no cdp enable
isdn switch-type ntt
isdn point-to-point-setup
ppp ipcp address accept
ip virtual-reassembly
!

mr01.nrt1#show isdn status
Global ISDN Switchtype = ntt
ISDN BRI0/2/0:0 interface
dsl 4, interface ISDN Switchtype = ntt
Layer 1 Status:
ACTIVE
Layer 2 Status:
TEI = 73, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED
Layer 3 Status:
0 Active Layer 3 Call(s)
Active dsl 4 CCBs = 0
The Free Channel Mask: 0x80000003
ISDN BRI0/2/1:0 interface
dsl 5, interface ISDN Switchtype = ntt
Layer 1 Status:
ACTIVE
Layer 2 Status:
TEI = 71, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED
Layer 3 Status:
0 Active Layer 3 Call(s)
Active dsl 5 CCBs = 0
The Free Channel Mask: 0x80000003
ISDN BRI0/2/2:0 interface
dsl 6, interface ISDN Switchtype = ntt
Layer 1 Status:
ACTIVE
Layer 2 Status:
TEI = 71, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED
Layer 3 Status:
0 Active Layer 3 Call(s)
Active dsl 6 CCBs = 0
The Free Channel Mask: 0x80000003
ISDN BRI0/2/3:0 interface
dsl 7, interface ISDN Switchtype = ntt
Layer 1 Status:
SHUTDOWN
Layer 2 Status:
Layer 2 NOT Activated
Layer 3 Status:
0 Active Layer 3 Call(s)
Active dsl 7 CCBs = 0
The Free Channel Mask: 0x00000000
Total Allocated ISDN CCBs = 0

 

NOTE: Same configuration works on 2901. DIdn't paste the entire config and masked some data.

 

18 Replies 18

Hello,

 

just to be sure, ISDN switch type NTT means Japan, that is where you are located ?

Yes, devices are deployed in Japan.

Hello,

 

can you try the commands marked in bold:

 

Current configuration : 8419 bytes
!
! Last configuration change at 16:16:05 JST Thu May 28 2020 by root
! NVRAM config last updated at 16:16:10 JST Thu May 28 2020 by root
!
version 16.8
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
no service dhcp
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname <removed>
!
boot-start-marker
boot-end-marker
!
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
logging buffered 51200 warnings
enable secret 5 <removed>
!
no aaa new-model
clock timezone JST 9 0
clock calendar-valid
no ip source-route
!
no ip domain lookup
ip domain name yourdomain.com
ip address-pool local
!
subscriber templating
!
multilink bundle-name authenticated
!
isdn switch-type ntt
!
crypto pki trustpoint TP-self-signed-2100035517
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2100035517
revocation-check none
rsakeypair TP-self-signed-2100035517
!
crypto pki certificate chain TP-self-signed-2100035517
!
license udi pid ISR4321/K9 sn FDO2347004C
no license smart enable
hw-module subslot 0/1 shutdown unpowered
!
object-group network admin-zones
description All admin zones
10.1.7.0 255.255.255.0
10.1.71.0 255.255.255.0
10.1.130.0 255.255.255.0
10.4.12.0 255.255.254.0
10.4.76.0 255.255.254.0
10.24.7.0 255.255.255.0
10.26.12.0 255.255.254.0
10.128.7.0 255.255.255.0
!
object-group network peer-interfaces
host 10.128.255.20
host 10.128.255.6
host 10.128.255.71
!
diagnostic bootup level minimal
!
spanning-tree extend system-id
!
redundancy
mode none
!
interface Loopback0
ip address 10.128.255.19 255.255.255.255
!
interface GigabitEthernet0/0/0
description neighbor:gi-0/0/0
ip address 10.128.255.70 255.255.255.254
media-type rj45
negotiation auto
!
interface GigabitEthernet0/0/1
description layer2_switch-ge-0-0-10
ip address 10.128.255.9 255.255.255.240
ip nat inside
standby 10 ip 10.128.255.7
standby 10 timers 2 6
standby 10 priority 110
standby 10 preempt
negotiation auto
!
interface GigabitEthernet0
vrf forwarding Mgmt-intf
no ip address
shutdown
negotiation auto
!
interface BRI0/2/0:0
description Provider1
ip address negotiated
ip nat outside
encapsulation ppp
dialer rotary-group 1
dialer-group 1
--> dialer pool-member 1
no cdp enable
isdn switch-type ntt
isdn point-to-point-setup
ppp ipcp address accept
ip virtual-reassembly
!
interface BRI0/2/1:0
description Provider2
ip address negotiated
ip nat outside
encapsulation ppp
dialer rotary-group 2
dialer-group 2
--> dialer pool-member 2
no cdp enable
isdn switch-type ntt
isdn point-to-point-setup
ppp ipcp address accept
ip virtual-reassembly
!
interface BRI0/2/2:0
description provider3
ip address negotiated
ip nat outside
encapsulation ppp
dialer rotary-group 2
dialer-group 2
--> dialer pool-member 3
no cdp enable
isdn switch-type ntt
isdn point-to-point-setup
ppp ipcp address accept
ip virtual-reassembly
!
interface BRI0/2/3:0
no ip address
encapsulation hdlc
shutdown
isdn switch-type ntt
isdn point-to-point-setup
!
interface Dialer1
ip address negotiated
ip nat outside
encapsulation ppp
dialer in-band
dialer idle-timeout 30
dialer map ip 10.0.12.201 class dial1 <removed>
--> dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap callin
ppp chap hostname <removed>
ppp chap password 7 <removed>
ip virtual-reassembly
!
interface Dialer2
ip address negotiated
ip nat outside
encapsulation ppp
dialer in-band
dialer idle-timeout 30
dialer map ip 10.0.8.1 name sq-2 class dial1 <removed>
--> dialer pool 2
dialer-group 2
no cdp enable
ppp callback request
ppp ipcp address accept
ip virtual-reassembly
!
interface Dialer3
ip address negotiated
encapsulation ppp
dialer in-band
dialer map ip 192.51.47.223 class dial3 <removed>
dialer map ip 192.51.47.1 class dial3 <removed>
--> dialer pool 3
dialer-group 3
no cdp enable
ppp authentication chap callin
ppp chap hostname <removed>
ppp chap password 7 <removed>
ip virtual-reassembly
!
ip nat inside source list to_provider1 interface Dialer1 overload
ip nat inside source list to_provider2 interface Dialer2 overload
ip forward-protocol nd
no ip http server
ip http authentication local
no ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip tftp source-interface GigabitEthernet0
ip route 0.0.0.0 0.0.0.0 10.128.255.1
ip route 10.0.8.1 255.255.255.255 Dialer2
ip route 10.0.12.201 255.255.255.255 Dialer1
ip route 192.51.47.0 255.255.255.0 Dialer3
!
ip ssh version 2
!
ip scp server enable
!
ip access-list extended sshprotect
permit tcp object-group admin-zones any
permit tcp object-group peer-interfaces any
ip access-list extended to_provider1
permit ip host 10.128.1.8 host 10.0.12.201
permit ip host 10.128.1.12 host 10.0.12.201
permit ip host 10.128.1.20 host 10.0.12.201
permit ip host 10.128.1.26 host 10.0.12.201
permit ip host 10.128.1.11 host 10.0.12.201
permit ip host 10.128.1.35 host 10.0.12.201
permit ip host 10.128.1.36 host 10.0.12.201
ip access-list extended to_provider2
permit ip host 10.128.1.8 host 10.0.8.1
permit ip host 10.128.1.12 host 10.0.8.1
permit ip host 10.128.1.20 host 10.0.8.1
permit ip host 10.128.1.26 host 10.0.8.1
permit ip host 10.128.1.11 host 10.0.8.1
permit ip host 10.128.1.35 host 10.0.8.1
permit ip host 10.128.1.36 host 10.0.8.1
!
map-class dialer dial1
dialer callback-server username
!
map-class dialer dial2
dialer callback-server dial-string
!
map-class dialer dial3
dialer callback-server username
logging facility local4
access-list 101 permit icmp any any
access-list 101 permit tcp any any
access-list 102 permit icmp any any
access-list 102 permit tcp any any
access-list 103 permit icmp any any
access-list 103 permit tcp any any
dialer-list 1 protocol ip list 101
dialer-list 2 protocol ip list 102
dialer-list 3 protocol ip list 103
!
control-plane
!
privilege exec level 0 show inventory raw
privilege exec level 0 show inventory
privilege exec level 0 show running-config view full
privilege exec level 0 show running-config view
privilege exec level 0 show running-config
privilege exec level 0 show
!
line con 0
exec-timeout 15 0
login local
transport input none
stopbits 1
line aux 0
exec-timeout 0 1
no exec
transport output none
stopbits 1
line vty 0 4
exec-timeout 60 0
privilege level 15
logging synchronous
login local
transport preferred ssh
transport input ssh
transport output telnet ssh
escape-character 3
line vty 5 15
access-class sshprotect in
exec-timeout 60 0
privilege level 15
logging synchronous
login local
transport preferred ssh
transport input ssh
transport output telnet ssh
escape-character 3
!
wsma agent exec
!
wsma agent config
!
wsma agent filesys
!
wsma agent notify
!
!
end

It is throwing an error.

 

(config-if)#dialer pool-member 1
%Remove Legacy DDR Configuration first

 

Do I have to remove any configuration?

Review Cisco Networking for a $25 gift card