Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
310
Views
0
Helpful
1
Replies

ISDN backup using dialers problem

katerina.dardoufa
Level 4
Level 4

‎02-23-2011 12:17 AM - edited ‎03-06-2019 03:42 PM

Hello,

up to now we were using ISDN lines to backup our componies branches and everything was working fine. Bellow I attach a sample config of the working situation:

Central site

(PRI)

controller E1 3/0
framing NO-CRC4
pri-group timeslots 1-31

interface Serial3/0:15
no ip address
encapsulation ppp
dialer pool-member 1
dialer pool-member 2
isdn switch-type primary-net5

(sample dialer int)

interface Dialer371
ip address 192.168.16.134 255.255.255.252
encapsulation ppp
ip ospf database-filter all out
dialer pool 1
dialer idle-timeout 0
dialer caller 2102855240
no cdp enable
************************************************

Remote site (branch)

interface BRI0/1/0
bandwidth 64
ip address 192.168.16.133 255.255.255.252
encapsulation ppp
dialer map ip 192.168.16.134 broadcast 2106799800
dialer-group 2
isdn switch-type basic-net3
isdn point-to-point-setup
isdn calling-number 2102855240
no cdp enable
ppp multilink

access-list 101 deny   ospf any any
access-list 101 deny   udp any any eq snmp
access-list 101 deny   udp any any eq snmptrap
access-list 101 deny   udp any any eq ntp
access-list 101 deny   ip 192.168.91.0 0.0.0.255 10.130.128.0 0.0.0.255
access-list 101 deny   ip 192.168.91.0 0.0.0.255 10.150.128.0 0.0.0.255
access-list 101 permit ip 192.168.91.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 101 permit ip 192.168.91.0 0.0.0.255 192.168.0.0 0.0.255.255
access-list 101 permit ip 192.168.91.0 0.0.0.255 172.16.0.0 0.15.255.255
access-list 101 permit ip host 192.168.1.91 host 192.168.1.1
access-list 101 permit ip host 192.168.1.91 host 192.168.1.2
dialer-list 2 protocol ip list 101

**********************************************************************************************

**********************************************************************************************

What I want to try to accomplish is to use the ISDN line for both backup and out-of-band management (call the branch from the central site). It seems that I don't have a problem with the out-of -band management config (sample shown bellow - I can ping between the two endpoints)

(Central site config)

interface Dialer1371
ip address 10.123.123.1 255.255.255.252
encapsulation ppp
dialer pool 2
dialer string 2261089808
dialer caller 2102855240
dialer-group 3

access-list 100 deny   ospf any any
access-list 100 deny   udp any any eq snmp
access-list 100 deny   udp any any eq snmptrap
access-list 100 deny   udp any any eq ntp
access-list 100 permit ip 10.123.123.0 0.0.0.255 10.123.123.0 0.0.0.255
dialer-list 3 protocol ip list 100

********* remote site config for out-of-band management **************

interface BRI0/1/0
bandwidth 64
no ip address
encapsulation ppp
dialer pool-member 1
dialer pool-member 2
isdn switch-type basic-net3
isdn point-to-point-setup
ppp multilink

interface Dialer2
bandwidth 64
ip address 10.123.123.2 255.255.255.252
encapsulation ppp
dialer pool 2
dialer caller 2106799800
no cdp enable

****************************************************

The problem arises with the ISDN backup config. Bellow I have attached the corresponding config as well as the "debug ppp negotiation" output"

Central site  (same as original config)

(PRI)

controller E1 3/0
  framing NO-CRC4
  pri-group timeslots 1-31

interface Serial3/0:15
  no ip address
  encapsulation ppp
  dialer pool-member 1
  dialer pool-member 2
  isdn switch-type primary-net5

interface Dialer371

ip address 192.168.16.134 255.255.255.252

encapsulation ppp

ip ospf database-filter all out

dialer pool 1

dialer idle-timeout 0

dialer caller 2102855240

no cdp enable

*****************************************************

Branch config

interface BRI0/1/0
bandwidth 64
no ip address
encapsulation ppp
dialer pool-member 1
dialer pool-member 2
isdn switch-type basic-net3
isdn point-to-point-setup
no cdp enable
ppp multilink
!        
interface Dialer1
ip address 192.168.16.133 255.255.255.252
encapsulation ppp
dialer pool 1
dialer string 2106799800
dialer caller 2102855240
dialer-group 2
no cdp enable

access-list 101 deny   ospf any any
access-list 101 deny   udp any any eq snmp
access-list 101 deny   udp any any eq snmptrap
access-list 101 deny   udp any any eq ntp
access-list 101 deny   ip 192.168.91.0 0.0.0.255 10.130.128.0 0.0.0.255
access-list 101 deny   ip 192.168.91.0 0.0.0.255 10.150.128.0 0.0.0.255
access-list 101 permit ip 192.168.91.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 101 permit ip 192.168.91.0 0.0.0.255 192.168.0.0 0.0.255.255
access-list 101 permit ip 192.168.91.0 0.0.0.255 172.16.0.0 0.15.255.255
access-list 101 permit ip host 192.168.1.91 host 192.168.1.1
access-list 101 permit ip host 192.168.1.91 host 192.168.1.2
dialer-list 2 protocol ip list 101

Debug ppp negotiation (on branch side)

TELONIO-ATH-371#isdn test call int bri0/1/0 2106799800
TELONIO-ATH-371#
Feb 23 10:06:55 EET: %LINK-3-UPDOWN: Interface BRI0/1/0:1, changed state to up
Feb 23 10:06:55 EET: %ISDN-6-CONNECT: Interface BRI0/1/0:1 is now connected to 2106799800 N/A
Feb 23 10:06:55 EET: BR0/1/0:1 PPP: Using dialer call direction
Feb 23 10:06:55 EET: BR0/1/0:1 PPP: Treating connection as a callout
Feb 23 10:06:55 EET: BR0/1/0:1 PPP: Session handle[A800000F] Session id[9]
Feb 23 10:06:55 EET: BR0/1/0:1 PPP: Phase is ESTABLISHING, Active Open
Feb 23 10:06:55 EET: BR0/1/0:1 PPP: No remote authentication for call-out
Feb 23 10:06:55 EET: BR0/1/0:1 LCP: O CONFREQ [Closed] id 17 len 32
Feb 23 10:06:55 EET: BR0/1/0:1 LCP:    MagicNumber 0x92919AD8 (0x050692919AD8)
Feb 23 10:06:55 EET: BR0/1/0:1 LCP:    MRRU 1524 (0x110405F4)
Feb 23 10:06:55 EET: BR0/1/0:1 LCP:    EndpointDisc 1 TELONIO-ATH-371
Feb 23 10:06:55 EET: BR0/1/0:1 LCP:     (0x13120154454C4F4E494F2D4154482D33)
Feb 23 10:06:55 EET: BR0/1/0:1 LCP:     (0x3731)
Feb 23 10:06:55 EET: BR0/1/0:1 LCP: I CONFREQ [REQsent] id 171 len 10
Feb 23 10:06:55 EET: BR0/1/0:1 LCP:    MagicNumber 0x5B9A7D2E (0x05065B9A7D2E)
Feb 23 10:06:55 EET: BR0/1/0:1 LCP: O CONFACK [REQsent] id 171 len 10
Feb 23 10:06:55 EET: BR0/1/0:1 LCP:    MagicNumber 0x5B9A7D2E (0x05065B9A7D2E)
Feb 23 10:06:55 EET: BR0/1/0:1 LCP: I CONFREJ [ACKsent] id 17 len 8
Feb 23 10:06:55 EET: BR0/1/0:1 LCP:    MRRU 1524 (0x110405F4)
Feb 23 10:06:55 EET: BR0/1/0:1 LCP: O CONFREQ [ACKsent] id 18 len 28
Feb 23 10:06:55 EET: BR0/1/0:1 LCP:    MagicNumber 0x92919AD8 (0x050692919AD8)
Feb 23 10:06:55 EET: BR0/1/0:1 LCP:    EndpointDisc 1 TELONIO-ATH-371
Feb 23 10:06:55 EET: BR0/1/0:1 LCP:     (0x13120154454C4F4E494F2D4154482D33)
Feb 23 10:06:55 EET: BR0/1/0:1 LCP:     (0x3731)
Feb 23 10:06:55 EET: BR0/1/0:1 LCP: I CONFACK [ACKsent] id 18 len 28
Feb 23 10:06:55 EET: BR0/1/0:1 LCP:    MagicNumber 0x92919AD8 (0x050692919AD8)
Feb 23 10:06:55 EET: BR0/1/0:1 LCP:    EndpointDisc 1 TELONIO-ATH-371
Feb 23 10:06:55 EET: BR0/1/0:1 LCP:     (0x13120154454C4F4E494F2D4154482D33)
Feb 23 10:06:55 EET: BR0/1/0:1 LCP:     (0x3731)
Feb 23 10:06:55 EET: BR0/1/0:1 LCP: State is Open
Feb 23 10:06:55 EET: BR0/1/0:1 PPP: Phase is FORWARDING, Attempting Forward
Feb 23 10:06:55 EET: BR0/1/0:1 PPP: Phase is ESTABLISHING, Finish LCP
Feb 23 10:06:55 EET: BR0/1/0:1 PPP: Phase is UP
Feb 23 10:06:55 EET: BR0/1/0:1 PPP: Process pending ncp packets
Feb 23 10:06:55 EET: BR0/1/0:1 IPCP: I CONFREQ [Not negotiated] id 1 len 10
Feb 23 10:06:55 EET: BR0/1/0:1 IPCP:    Address 192.168.16.134 (0x0306C0A81086)
Feb 23 10:06:55 EET: BR0/1/0:1 LCP: O PROTREJ [Open] id 19 len 16 protocol IPCP (0x80210101000A0306C0A81086)
Feb 23 10:06:56 EET: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0/1/0:1, changed state to up

IPCP never transitions to [OPEN] and the route to 192.168.16.133/32 is never inserted.

Any suggestions would be highly appreciated.

Thanks in advance,

Katerina

Labels:
0 Helpful
1 Reply 1

katerina.dardoufa
Level 4
Level 4

‎02-25-2011 04:06 AM

Ok, I got it working! It seems that the problem was something really minor For some reason somebody had removed the floating static "ip route 0.0.0.0 0.0.0.0 192.168.16.134 250" from the config!!!!

The working config for both isdn backup and out-of-band management is:

Remote branch

interface BRI0/1/0
bandwidth 64
no ip address
encapsulation ppp
dialer pool-member 2
dialer pool-member 1
isdn switch-type basic-net3
isdn point-to-point-setup
no cdp enable
ppp multilink

interface Dialer1

description ISDN-backup
ip address 192.168.16.133 255.255.255.252
encapsulation ppp
dialer pool 1
dialer string 2106799800
dialer caller 2102855240
dialer-group 2
no peer default ip address
fair-queue
no cdp enable
!        
interface Dialer2

description OUT-OF-BAND MANAGEMENT

ip address 10.123.123.6 255.255.255.252
encapsulation ppp
dialer pool 2
dialer caller 2106799800
no cdp enable

ip route 0.0.0.0 0.0.0.0 192.168.16.134 250

access-list 101 deny   ospf any any
access-list 101 deny   udp any any eq snmp
access-list 101 deny   udp any any eq snmptrap
access-list 101 deny   udp any any eq ntp
access-list 101 deny   ip 192.168.91.0 0.0.0.255 10.130.128.0 0.0.0.255
access-list 101 deny   ip 192.168.91.0 0.0.0.255 10.150.128.0 0.0.0.255
access-list 101 permit ip 192.168.91.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 101 permit ip 192.168.91.0 0.0.0.255 192.168.0.0 0.0.255.255
access-list 101 permit ip 192.168.91.0 0.0.0.255 172.16.0.0 0.15.255.255
access-list 101 permit ip host 192.168.1.91 host 192.168.1.1
access-list 101 permit ip host 192.168.1.91 host 192.168.1.2
access-list 101 permit ip host 192.168.16.133 host 192.168.16.134   //this line is only for testing purposes

dialer-list 2 protocol ip list 101

Main Site

interface Dialer371
description xxxxx
ip address 192.168.16.134 255.255.255.252
encapsulation ppp
ip ospf database-filter all out
dialer pool 1
dialer idle-timeout 0
dialer caller 2102855240

fair-queue
no cdp enable

interface Dialer1371
description OUT-OF-BAND
ip address 10.123.123.5 255.255.255.252
encapsulation ppp
dialer pool 2
dialer string 2102855240
dialer caller 2106799800
dialer-group 3

access-list 100 deny   ospf any any
access-list 100 deny   udp any any eq snmp
access-list 100 deny   udp any any eq snmptrap
access-list 100 deny   udp any any eq ntp
access-list 100 permit ip 10.123.123.0 0.0.0.255 10.123.123.0 0.0.0.255
dialer-list 3 protocol ip list 100

*********************************************************************************************************************


Before I found the correct solution to the problem (missing route), I experimented with a lot of configurations and this was the most interesting (it helped me overcome the IPCP problem. In conjunction with the last entry in access-list 101 I finally managed to install the 192.168.16.134/32 route and that helped me see that the floating static was missing, because when i turned the traffic through ISDN I couldn't ping anything)!

Remote branch

interface BRI0/1/0
bandwidth 64
no ip address
encapsulation ppp
dialer pool-member 2
dialer pool-member 1
isdn switch-type basic-net3
isdn point-to-point-setup
no cdp enable
ppp multilink

interface Dialer1
ip address 192.168.16.133 255.255.255.252
encapsulation ppp
dialer pool 1
dialer string 2106799800
dialer caller 2102855240
dialer-group 2
peer default ip address 192.168.16.134
fair-queue
no cdp enable
!
interface Dialer2
ip address 10.123.123.6 255.255.255.252
encapsulation ppp
dialer pool 2
dialer caller 2106799800
no cdp enable
!

access-list 101 deny   ospf any any
access-list 101 deny   udp any any eq snmp
access-list 101 deny   udp any any eq snmptrap
access-list 101 deny   udp any any eq ntp
access-list 101 deny   ip 192.168.91.0 0.0.0.255 10.130.128.0 0.0.0.255
access-list 101 deny   ip 192.168.91.0 0.0.0.255 10.150.128.0 0.0.0.255
access-list 101 permit ip 192.168.91.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 101 permit ip 192.168.91.0 0.0.0.255 192.168.0.0 0.0.255.255
access-list 101 permit ip 192.168.91.0 0.0.0.255 172.16.0.0 0.15.255.255
access-list 101 permit ip host 192.168.1.91 host 192.168.1.1
access-list 101 permit ip host 192.168.1.91 host 192.168.1.2
access-list 101 permit ip host 192.168.16.133 host 192.168.16.134
dialer-list 2 protocol ip list 101

Main site:

interface Dialer371
description TELONIO ATHINON (LIMATA)
ip address negotiated
encapsulation ppp
ip ospf database-filter all out
dialer pool 1
dialer idle-timeout 0
dialer caller 2102855240
no peer default ip address
fair-queue
no cdp enable
ppp ipcp mask request

interface Dialer1371
description OUT-OF-BAND TELWNEIO-ATH
ip address 10.123.123.5 255.255.255.252
encapsulation ppp
dialer pool 2
dialer string 2102855240
dialer caller 2106799800
dialer-group 3

access-list 100 deny   ospf any any
access-list 100 deny   udp any any eq snmp
access-list 100 deny   udp any any eq snmptrap
access-list 100 deny   udp any any eq ntp
access-list 100 permit ip 10.123.123.0 0.0.0.255 10.123.123.0 0.0.0.255
dialer-list 3 protocol ip list 100

Hope this helps anybody experiencing similar problems!

Katerina

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card