10-15-2002 07:21 PM - edited 07-04-2021 11:27 PM
Hi,
I am running a mobileip configuration involving HUT dynamics Mobile Agents.
I am currently trying to move this configuration on a Cisco 2600 (cf running conf below).
My plan is to end up with a single, two interfaces, box running collocated HA and FA.
My main MobileIP MN is a Wintel Birdstep client.
I tested the following configurations:
Dynamics FA - Cisco HA - working
Cisco FA - Dynamics HA - working but for the first point listed below
Cisco FA - Cisco HA (collocated) - registration fails, see point 2 below
In this process, I am facing, at least two problems:
1) FA: My MN is configured to require Reverse Tunneling, but the cisco FA deny the resquest:
Reply Code: Reg Deny - Requested Reverse Tunnel unavailable (74) - Then MN reregister without requiring reverse tunneling and the registration succeeds
2) HA: when connectivity involve collocated cisco FA and HA, registration failed with:
Reply Code: Reg Deny - Unspecified (128)
Any idea on what is going on?
Did I miss something in my configuration or am I demanding to much to the box?
Thx
Pierre
sh version
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-IK9S-M), Version 12.2(11)T, RELEASE SOFTWARE (f)TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Thu 01-Aug-02 12:33 by ccai
Image text-base: 0x8000809C, data-base: 0x817DAA08
ROM: System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1)
Stan uptime is 4 days, 7 hours, 13 minutes
System returned to ROM by power-on
System restarted at 16:00:02 Pacific Sun Feb 28 1993
System image file is "flash:c2600-ik9s-mz.122-11.T.bin"
cisco 2621 (MPC860) processor (revision 0x200) with 60416K/5120K bytes of memor.Processor board ID JAD05020DTA (2389385381)
M860 processor: part number 0, mask 49
Bridging software.
X.25 software, Version 3.0.0.
2 FastEthernet/IEEE 802.3 interface(s)
1 Serial network interface(s)
32K bytes of non-volatile configuration memory.
16384K bytes of processor board System flash (Read/Write)
Configuration register is 0x2102
sh run:
Using 2670 out of 29688 bytes
!
! Last configuration change at 20:33:40 Pacific Sat Mar 27 1993
! NVRAM config last updated at 20:38:32 Pacific Sat Mar 27 1993
!
version 12.2
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname xxx
!
logging buffered 4096 debugging
enable secret x xxxxxxxxxxxxxxxx
!
username maxx password x xxxxxxxxxxxxxxxxxx
clock timezone Pacific -8
clock summer-time PDT recurring
ip subnet-zero
!
voice call carrier capacity active
!
mta receive maximum-recipients 0
!
!
interface FastEthernet0/0
ip address 192.168.55.20 255.255.255.0
duplex auto
speed auto
!
interface Serial0/0
no ip address
load-interval 30
shutdown
no fair-queue
service-module t1 timeslots 1-24
!
interface FastEthernet0/1
ip address 192.168.2.30 255.255.255.0
ip irdp
ip irdp maxadvertinterval 10
ip irdp minadvertinterval 7
ip irdp holdtime 30
ip mobile foreign-service
ip mobile registration-lifetime 3600
duplex auto
speed auto
!
router mobile
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.55.x
no ip http server
ip mobile home-agent
ip mobile host 192.168.55.150 192.168.55.160 interface FastEthernet0/0
ip mobile foreign-agent care-of FastEthernet0/0
ip mobile secure host 192.168.55.150 192.168.55.160 spi 1000 key hex 12345678123456781234567812345678
!
!
logging trap warnings
access-list 101 deny ospf any any
access-list 101 permit ip any any
!
call rsvp-sync
!
mgcp profile default
!
dial-peer cor custom
!
banner motd ^C
This system is for the use of authorized users only.
Individuals using this computer system without authority,
or in excess of their authority, are subject to having all
of their activities on this system monitored and recorded
by system personnel.
In the course of monitoring individuals improperly using
this system, or in the course of system maintenance, the
activities of authorized users may also be monitored.
Anyone using this system expressly consents to such
monitoring and is advised that if such monitoring reveals
possible evidence of criminal activity, system personnel
may provide the evidence of such monitoring to law
enforcement officials.
^C
!
line con 0
password x xxxxxxxxxx
login
line aux 0
password x xxxxxxxxxx
login
modem Dialin
modem autoconfigure type usr_courier
transport input all
speed 300
line vty 0 4
password x xxxxxxxxxxxx
login
line vty 5 15
login
!
ntp clock-period 17180532
ntp master 2
ntp server xxxxxxxxx prefer
!
end
10-15-2002 07:44 PM
Hi Pierre.
1) FA: My MN is configured to require Reverse Tunneling, but the cisco FA deny the resquest:
Reply Code: Reg Deny - Requested Reverse Tunnel unavailable (74) - Then MN reregister without requiring reverse tunneling and the registration succeeds
You need to enable reverse tunneling on the interface.
interface FastEthernet0/1
ip mobile foreign-service reverse-tunnel
2) HA: when connectivity involve collocated cisco FA and HA, registration failed with:
Reply Code: Reg Deny - Unspecified (128)
Any idea on what is going on?
Please turn on debugging and provide the output to us.
debug ip mobile
Thanks.
Kent
10-17-2002 09:33 AM
Hi Kent,
thanks for your quick answer,
Question:
in which IOS release does the reverse tunnel feature appears?
I am running 12.2(11)T and I am only proposed with 3 options to the command
ip mobile foreign-service
home-access
limit
registration-required
Thx again
Pierre
10-17-2002 07:44 PM
Reverse tunnel feature will appear in 12.2(13)T, which should be
released soon.
Kent
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide