I'm guessing I will have to flash IOS with the IP Plus image. These routers are probably way past their warranty so I don't think I will be able to download any IOS upgrades.

Where in the sh ver do you see the IP only information?

c1700-y-mz.121-3"

The y means IP only for 1700s

If it was sy then that would become IP Plus.

HTH

That explains the CEF issue. CEF did not become available on the 1720 until 12.3(6). The first ip only image is:

c1700-ipbase-mz.12.3-6

You can look through features such as this (if you have a valid support contract) at:

http://www.cisco.com/kobayashi/support/tac/tools.shtml

.

That said, multilink ppp is available is your image. and probably the simplest way to go.

See the following for an example. The example uses a pair of cross connected routers, and shows authentication, but you can use your 2 T1s instead and probably don't need authentication since they are not dial-up.:

http://www.cisco.com/en/US/tech/tk713/tk628/technologies_configuration_example09186a00800a5efa.shtml

That would make sense to me. On each end, bind the serial interfaces to a dialer, and bridge the dialer.

I'm trying to think what the downsides would be, the only one being some fragmentation issues, but that should be handled with MLPPP reasonably well.

I am sure that would be the simplest.

-colin.

I cannot ping either side of the multilink interfaces. Am I missing something in the config?

Below is the running config for the corporate side router:

Current configuration:

!

version 12.1

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Corporate_PTP_Router

!

enable password xxxxx

!

!

!

!

!

memory-size iomem 25

ip subnet-zero

no ip routing

!

!

!

!

interface Multilink1

ip address 192.168.1.24 255.255.255.0

no cdp enable

ppp multilink

no ppp multilink fragmentation

multilink-group 1

!

interface Serial0

ip address 192.168.1.20 255.255.255.0

no ip route-cache

service-module t1 clock source internal

bridge-group 1

!

interface Serial1

no ip address

encapsulation ppp

no fair-queue

service-module t1 clock source internal

ppp multilink

multilink-group 1

!

interface FastEthernet0

ip address 192.168.1.20 255.255.255.0

no ip route-cache

speed auto

bridge-group 1

!

ip classless

no ip http server

!

bridge 1 protocol ieee

!

line con 0

transport input none

line aux 0

line vty 0 4

password xxxx

login

!

end

Below is the running config for the warehouse side router:

Current configuration:

!

version 12.1

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Warehouse_PTP_Router

!

enable password xxxx

!

!

!

!

!

memory-size iomem 25

ip subnet-zero

no ip routing

!

!

!

!

interface Multilink1

ip address 192.168.1.26 255.255.255.0

ppp multilink

no ppp multilink fragmentation

multilink-group 1

!

interface Serial0

ip address 192.168.1.21 255.255.255.0

no ip route-cache

bridge-group 1

!

interface Serial1

no ip address

encapsulation ppp

no ip route-cache

no fair-queue

ppp multilink

multilink-group 1

!

interface FastEthernet0

ip address 192.168.1.21 255.255.255.0

no ip route-cache

speed auto

bridge-group 1

!

ip classless

no ip http server

!

bridge 1 protocol ieee

!

line con 0

transport input none

line aux 0

line vty 0 4

password xxxx

login

!

end

Almost there...

You need to change a few things. And the IP addresses you use, are really up to you. But I'm hoping the steps here will give you some idea.

One Caveat, doing these things WILL break your current connectivity, including connectivity to the routers! So proceed at your own risk...

First, place the multilink interfaces in their own subnet for example 192.168.254.0/24 with .1 for HQ and .2 for Warehouse.

Next, and remember, this will break your connectivity, Next, enable 'ip routing' (instead of your current 'no ip routing') on both sides. I would do Warehouse first, then HQ. This way you can make the without locking yourself out entirely...

From HQ router (and you MUST do this from the HQ router), once the Multilink interface comes up, telnet to the Warehouse multilink address and assign a new subnet/address to the warehouse fastethernet, ie 192.168.2.1 /24.

Next place a static/default route on Warehouse:

ip route 0.0.0.0 0.0.0.0 192.168.254.1

Next, place a static route on HQ so it knows what subnets are at the Warehouse:

ip route 192.168.2.0 255.255.255.0 192.168.254.2

At this point, you will be bridging all non-routable traffic on Serial0, and routing IP on Serial 1.

After all that is working, you can remove all bridging references and add the ppp and mulitlink group commands to Serial 0. At this point, you're bundled.

Obviously, you will need to update warehouse computers with the new subnet addressing, including 192.168.2.x, subnet mask of 255.255.255.0 and default gateway of 192.168.2.1.

During my testing the other day I enabled IP routing which caused the routers to sporadically lose connectivity. Is this normal? Even though all IPs on the routers are within the same subnet? Should I be thinking about upgrading the IOS anyways or is this behavior normal?

Until you get all these changes made, and fully convert to a routed approach, including new subnets, no bridging, etc., things will be unstable.

If it were me, I'd convert before introducing any new surprises.

You can search the Bug Toolkit for any known issues related to your current or new IOS.

http://www.cisco.com/cgi-bin/Support/Bugtool/home.pl

Right now the warehouse PCs access the internet throught the corporate firewall. Will changing the IP scheme on the warehouse require additional ip routes?

The HQ router will need a default route to the corporate firewall, in addition to the route to the warehouse subnet I mentioned before.

The Warehouse router will just need its default route to the HQ router multilink IP.

PCs in the warehouse will need to use the Warehouse Fastethernet IP for their default gateway.

And finally, the corporate firewall will need a route to the Warehouse subnet via the HQ Fastethernet IP.

How did it go with your migration?

Everything went smooth. The only thing is the warehouse users still complain about slowness when running one application over the connection (nothing makes them happy). So I guess they will still have to use citrix for that application. Other than that I've been testing the speed I can see a definite improvment. There is only one thing that isn't working. We sometimes use dameware to connect to the warehouse workstations but after the new configuration we lost connection through dameware, even though when can connect via RDP & Citrix. Dameware uses port 6129. Would the router be blocking this port?

Thanks again to everyone for all the input it helped a lot!!

Are there any access-lists of any sort on this router ? Is this application using TCP ?