(usr-tc) Routing a subnet to an ISDN dialup customer
OK gang, this is new territory for me, so be gentle. I wish to route a /27 network to an ISDN dialup customer. Currently, this TC has a /24 block assigned to it for dynamic dialup. I will be using a /27 out of a different /24 block. What configuration steps do I need to take on the TC to allow it to assign this block to this dialup customer? Note that I am not running RIP. This customer will ALWAYS hit this particular TC, so there is no need to announce the route. I will manually route the block to the TC. Additionally, if anyone would like to share the appropriate radius attributes to include in this user's profile (I use VOPRadius), I'd appreciate it. TIA, -- Scot - To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
Since you will be routing them a network, not using a routing protocol to announce it, and only have a single TC, just give them a static IP on the TC Lan and let proxy arp do it's thing. TC GW 192.168.1.1 TC IP 192.168.1.2 TC POOL whatever User Static IP 192.168.1.200 (PPP WAN DEVICE IP) User Ethernet IP 192.168.20.1 (LAN DEVICE IP) on GW router : ip route 192.168.20.0 255.255.255.224 192.168.1.200 (so net is 192.168.20.0/27) RADIUS entry : username Auth-Type = System Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 192.168.1.200, Framed-IP-Netmask = 255.255.255.255, Framed-Routing = None, Framed-Compression = Van-Jacobson-TCP-IP, Port-Limit = 2, Idle-Timeout = 1200, Session-Timeout = 28800, Framed-MTU = 1500 Marshall Morgan Internet Doorway, Inc (aka NETDOOR) http://www.netdoor.com 601.969.1434 x28 | 800.952.1570 x28 | 601.969.3629 x28 | Fax 601.969.3838 ----- Original Message ----- From: "Scot Desort" <scot@njaccess.net> To: <usr-tc@lists.xmission.com> Sent: Wednesday, May 09, 2001 12:05 PM Subject: (usr-tc) Routing a subnet to an ISDN dialup customer
OK gang, this is new territory for me, so be gentle.
I wish to route a /27 network to an ISDN dialup customer. Currently, this TC has a /24 block assigned to it for dynamic dialup. I will be using a /27 out of a different /24 block.
What configuration steps do I need to take on the TC to allow it to assign this block to this dialup customer? Note that I am not running RIP. This customer will ALWAYS hit this particular TC, so there is no need to announce the route. I will manually route the block to the TC.
Additionally, if anyone would like to share the appropriate radius attributes to include in this user's profile (I use VOPRadius), I'd appreciate it.
TIA,
-- Scot
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
Using this theory, clients would be able to use any routing protocol enabled on our router, as the Netserver puts them virtually on the lan. or can they only use routing protocols running on the Netserver Am I thinking straight or in need of sleep :) Aaron Marshall Morgan wrote:
Since you will be routing them a network, not using a routing protocol to announce it, and only have a single TC, just give them a static IP on the TC Lan and let proxy arp do it's thing.
TC GW 192.168.1.1 TC IP 192.168.1.2 TC POOL whatever
User Static IP 192.168.1.200 (PPP WAN DEVICE IP) User Ethernet IP 192.168.20.1 (LAN DEVICE IP)
on GW router :
ip route 192.168.20.0 255.255.255.224 192.168.1.200
(so net is 192.168.20.0/27)
RADIUS entry :
username Auth-Type = System Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 192.168.1.200, Framed-IP-Netmask = 255.255.255.255, Framed-Routing = None, Framed-Compression = Van-Jacobson-TCP-IP, Port-Limit = 2, Idle-Timeout = 1200, Session-Timeout = 28800, Framed-MTU = 1500
Marshall Morgan
Internet Doorway, Inc (aka NETDOOR) http://www.netdoor.com
601.969.1434 x28 | 800.952.1570 x28 | 601.969.3629 x28 | Fax 601.969.3838 ----- Original Message ----- From: "Scot Desort" <scot@njaccess.net> To: <usr-tc@lists.xmission.com> Sent: Wednesday, May 09, 2001 12:05 PM Subject: (usr-tc) Routing a subnet to an ISDN dialup customer
OK gang, this is new territory for me, so be gentle.
I wish to route a /27 network to an ISDN dialup customer. Currently, this TC has a /24 block assigned to it for dynamic dialup. I will be using a /27 out of a different /24 block.
What configuration steps do I need to take on the TC to allow it to assign this block to this dialup customer? Note that I am not running RIP. This customer will ALWAYS hit this particular TC, so there is no need to announce the route. I will manually route the block to the TC.
Additionally, if anyone would like to share the appropriate radius attributes to include in this user's profile (I use VOPRadius), I'd appreciate it.
TIA,
-- Scot
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
-- Thanks, Aaron Daniels Network Administrator Dataheart - To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
Netserver? Haven't used those in years - there are filters, smarter protocols available for routers with security (he stated he didn't have RIP running) and the whole netmask/broadcast thing on his static IP. Marshall Morgan Internet Doorway, Inc (aka NETDOOR) http://www.netdoor.com 601.969.1434 x28 | 800.952.1570 x28 | 601.969.3629 x28 | Fax 601.969.3838 ----- Original Message ----- From: "Aaron Daniels" <adaniels@dataheart.net> To: <usr-tc@lists.xmission.com> Sent: Thursday, May 10, 2001 1:53 AM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
Using this theory, clients would be able to use any routing protocol enabled on our router, as the Netserver puts them virtually on the lan. or can they only use routing protocols running on the Netserver
Am I thinking straight or in need of sleep :)
Aaron
Marshall Morgan wrote:
Since you will be routing them a network, not using a routing protocol
to
announce it, and only have a single TC, just give them a static IP on the TC Lan and let proxy arp do it's thing.
TC GW 192.168.1.1 TC IP 192.168.1.2 TC POOL whatever
User Static IP 192.168.1.200 (PPP WAN DEVICE IP) User Ethernet IP 192.168.20.1 (LAN DEVICE IP)
on GW router :
ip route 192.168.20.0 255.255.255.224 192.168.1.200
(so net is 192.168.20.0/27)
RADIUS entry :
username Auth-Type = System Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 192.168.1.200, Framed-IP-Netmask = 255.255.255.255, Framed-Routing = None, Framed-Compression = Van-Jacobson-TCP-IP, Port-Limit = 2, Idle-Timeout = 1200, Session-Timeout = 28800, Framed-MTU = 1500
Marshall Morgan
Internet Doorway, Inc (aka NETDOOR) http://www.netdoor.com
601.969.1434 x28 | 800.952.1570 x28 | 601.969.3629 x28 | Fax 601.969.3838 ----- Original Message ----- From: "Scot Desort" <scot@njaccess.net> To: <usr-tc@lists.xmission.com> Sent: Wednesday, May 09, 2001 12:05 PM Subject: (usr-tc) Routing a subnet to an ISDN dialup customer
OK gang, this is new territory for me, so be gentle.
I wish to route a /27 network to an ISDN dialup customer. Currently, this TC has a /24 block assigned to it for dynamic dialup. I will be using a /27 out of a different /24 block.
What configuration steps do I need to take on the TC to allow it to assign this block to this dialup customer? Note that I am not running RIP. This customer will ALWAYS hit this particular TC, so there is no need to announce the route. I will manually route the block to the TC.
Additionally, if anyone would like to share the appropriate radius attributes to include in this user's profile (I use VOPRadius), I'd appreciate it.
TIA,
-- Scot
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
-- Thanks, Aaron Daniels Network Administrator Dataheart
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
Marshall: In your radius example:
Framed-IP-Address = 192.168.1.200, Framed-IP-Netmask = 255.255.255.255,
Doesn't this assign a single IP, 192.168.1.200 to the dialup user? ----- Original Message ----- From: "Marshall Morgan" <marshall@netdoor.com> To: <usr-tc@lists.xmission.com> Sent: Thursday, May 10, 2001 2:33 AM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
Since you will be routing them a network, not using a routing protocol to announce it, and only have a single TC, just give them a static IP on the TC Lan and let proxy arp do it's thing.
TC GW 192.168.1.1 TC IP 192.168.1.2 TC POOL whatever
User Static IP 192.168.1.200 (PPP WAN DEVICE IP) User Ethernet IP 192.168.20.1 (LAN DEVICE IP)
on GW router :
ip route 192.168.20.0 255.255.255.224 192.168.1.200
(so net is 192.168.20.0/27)
RADIUS entry :
username Auth-Type = System Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 192.168.1.200, Framed-IP-Netmask = 255.255.255.255, Framed-Routing = None, Framed-Compression = Van-Jacobson-TCP-IP, Port-Limit = 2, Idle-Timeout = 1200, Session-Timeout = 28800, Framed-MTU = 1500
Marshall Morgan
Internet Doorway, Inc (aka NETDOOR) http://www.netdoor.com
601.969.1434 x28 | 800.952.1570 x28 | 601.969.3629 x28 | Fax 601.969.3838 ----- Original Message ----- From: "Scot Desort" <scot@njaccess.net> To: <usr-tc@lists.xmission.com> Sent: Wednesday, May 09, 2001 12:05 PM Subject: (usr-tc) Routing a subnet to an ISDN dialup customer
OK gang, this is new territory for me, so be gentle.
I wish to route a /27 network to an ISDN dialup customer. Currently, this TC has a /24 block assigned to it for dynamic dialup. I will be using a /27 out of a different /24 block.
What configuration steps do I need to take on the TC to allow it to assign this block to this dialup customer? Note that I am not running RIP. This customer will ALWAYS hit this particular TC, so there is no need to announce the route. I will manually route the block to the TC.
Additionally, if anyone would like to share the appropriate radius attributes to include in this user's profile (I use VOPRadius), I'd appreciate it.
TIA,
-- Scot
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
In your radius example:
Framed-IP-Address = 192.168.1.200, Framed-IP-Netmask = 255.255.255.255,
Doesn't this assign a single IP, 192.168.1.200 to the dialup user?
Yes. You stated you were going to route them a network via the gateway (or similar). The example I emailed has this in it. Marshall Morgan Internet Doorway, Inc (aka NETDOOR) http://www.netdoor.com 601.969.1434 x28 | 800.952.1570 x28 | 601.969.3629 x28 | Fax 601.969.3838 - To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
OK, so do I need to add a route within the TC so it knows to send 192.168.20.0/27 to 192.168.1.200? ----- Original Message ----- From: "Marshall Morgan" <marshall@netdoor.com> To: <usr-tc@lists.xmission.com> Sent: Thursday, May 10, 2001 4:21 PM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
In your radius example:
Framed-IP-Address = 192.168.1.200, Framed-IP-Netmask = 255.255.255.255,
Doesn't this assign a single IP, 192.168.1.200 to the dialup user?
Yes. You stated you were going to route them a network via the gateway (or similar). The example I emailed has this in it.
Marshall Morgan
Internet Doorway, Inc (aka NETDOOR) http://www.netdoor.com
601.969.1434 x28 | 800.952.1570 x28 | 601.969.3629 x28 | Fax 601.969.3838
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
No. Might want to pick up the following from Amazon. http://www.amazon.com/exec/obidos/ASIN/1565923200/o/qid=989614459/sr=8-1/ref =aps_sr_b_1_1/102-4104910-5894540 Managing Ip Networks With Cisco Routers ISBN: 1565923200 Marshall Morgan Internet Doorway, Inc (aka NETDOOR) http://www.netdoor.com 601.969.1434 x28 | 800.952.1570 x28 | 601.969.3629 x28 | Fax 601.969.3838 ----- Original Message ----- From: "Scot Desort" <scot@njaccess.net> To: <usr-tc@lists.xmission.com> Sent: Friday, May 11, 2001 9:21 AM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
OK, so do I need to add a route within the TC so it knows to send 192.168.20.0/27 to 192.168.1.200?
----- Original Message ----- From: "Marshall Morgan" <marshall@netdoor.com> To: <usr-tc@lists.xmission.com> Sent: Thursday, May 10, 2001 4:21 PM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
In your radius example:
Framed-IP-Address = 192.168.1.200, Framed-IP-Netmask = 255.255.255.255,
Doesn't this assign a single IP, 192.168.1.200 to the dialup user?
Yes. You stated you were going to route them a network via the gateway (or similar). The example I emailed has this in it.
Marshall Morgan
Internet Doorway, Inc (aka NETDOOR) http://www.netdoor.com
601.969.1434 x28 | 800.952.1570 x28 | 601.969.3629 x28 | Fax 601.969.3838
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
We here in Pakistan use E1 PRIs (30 channels per PRI). With TC1000 is it possible to use all 60 lines per chasis? I am using the following configuration Slot 1..........Dual PRI NAC Slot 2-15.........Quad Modems Slot 16.........Netserver PRI NAC Slot 17.........NMC........ In this configuration I can use only 14 modem cards or 56 ports. This wastes 4 ports per chasis. Is there any possible way to use 15th modem card ? Regards, Nauman. - To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
Using Quad modems is not possible... you must use hiperDSP in order to use all ports in PRI links. Regards, Jorge Lozano <jorge@andinet.com> NA and ISSO Andinet On Line <http://www.andinet.com> The only way to predict the future is... to create it! -----Mensaje original----- De: owner-usr-tc@lists.xmission.com [mailto:owner-usr-tc@lists.xmission.com]En nombre de Nauman Malik Enviado el: Sábado, 12 de Mayo de 2001 04:11 a.m. Para: usr-tc@lists.xmission.com Asunto: (usr-tc) E1 PRIs We here in Pakistan use E1 PRIs (30 channels per PRI). With TC1000 is it possible to use all 60 lines per chasis? I am using the following configuration Slot 1..........Dual PRI NAC Slot 2-15.........Quad Modems Slot 16.........Netserver PRI NAC Slot 17.........NMC........ In this configuration I can use only 14 modem cards or 56 ports. This wastes 4 ports per chasis. Is there any possible way to use 15th modem card ? Regards, Nauman. - To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message. - To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
Marshall- I know basic routing on a Cisco, and if I were were using a Cisco in this case, there would be no question. But I stated in my original post that I am new to the TC when it comes to how it handles routing. Reading a Cisco book is not going to help me enter commands at a HARC prompt. We run very basic single user dialup out of our TC, and now have the need to route a small network to a customer. I was hoping to get a little hand-holding from the folks on this list. I appreciate you taking the time to answer my questions. But I honestly don't think a Cisco book is going to help me here. A little more than '"No" might have been a little more helpful to me than the Amazon link. If there is some inherent feature in IP that handles the routing of the network to the dialup customer that I do not understand, I will certainly take the opportunity to read about it and try to comprehend it. Unfortunately, time is of the essence in this situation. Since your example illustrates that no commands need to be entered on the HARC, and that proxy arp will handle everything, I will try your suggestion. Thanks again for the help. -- Scot ----- Original Message ----- From: "Marshall Morgan" <marshall@netdoor.com> To: <usr-tc@lists.xmission.com> Sent: Friday, May 11, 2001 4:57 PM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
No. Might want to pick up the following from Amazon.
http://www.amazon.com/exec/obidos/ASIN/1565923200/o/qid=989614459/sr=8-1/ref
=aps_sr_b_1_1/102-4104910-5894540
Managing Ip Networks With Cisco Routers ISBN: 1565923200
Marshall Morgan
Internet Doorway, Inc (aka NETDOOR) http://www.netdoor.com
601.969.1434 x28 | 800.952.1570 x28 | 601.969.3629 x28 | Fax 601.969.3838 ----- Original Message ----- From: "Scot Desort" <scot@njaccess.net> To: <usr-tc@lists.xmission.com> Sent: Friday, May 11, 2001 9:21 AM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
OK, so do I need to add a route within the TC so it knows to send 192.168.20.0/27 to 192.168.1.200?
----- Original Message ----- From: "Marshall Morgan" <marshall@netdoor.com> To: <usr-tc@lists.xmission.com> Sent: Thursday, May 10, 2001 4:21 PM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
In your radius example:
Framed-IP-Address = 192.168.1.200, Framed-IP-Netmask = 255.255.255.255,
Doesn't this assign a single IP, 192.168.1.200 to the dialup user?
Yes. You stated you were going to route them a network via the gateway (or similar). The example I emailed has this in it.
Marshall Morgan
Internet Doorway, Inc (aka NETDOOR) http://www.netdoor.com
601.969.1434 x28 | 800.952.1570 x28 | 601.969.3629 x28 | Fax 601.969.3838
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
Hey Scott, I'll give you a hand. I've successfully gotten both single static IP's and routed subnets working through the HARC using OSPF. Are you using OSPF? If you are only using the one NAS then this is very simple, if you have multiple NAS's then you will need OSPF (RIPv2 would work, but I haven't touched it). For me getting the TCH to do what I wanted was a major PITA, mostly because 3com support was useless, and the documentation was very light in examples. So I fussed and fiddled, and gave up for a year, then dove back in and viola it started working! ;) Why don't you send me your problem via email (sorry I don't have your original post) and I will give you the run down on what I have done here, it may not exactly apply but I believe it will help you none the less. I'll give you what I have now and you can draw from that... 4) Lucent PM3 1) Lucent PM2 1) TotalControl 1) Cisco 3640 (DR for OSPF) All sit on the same Ethernet segment, 199.217.72.0/24 The Lucent NAS uses 209.102.67.0 for their IP pools, the TCH is 207.149.168.0 I use OSPF/VLSM to divy up the IP pools among the PM3's, the TCH just gets the whole class c since it has a much higher port density, the dialup modem pools are announced via OSPF, why? Because static IP customers (single or subnet) will hit different NAS's and the hardware needs to know where to send the packets, static routes don't cut it in this situation. We assign the static IP (single or subnet) via Radius, so you have to create an entry in your radius users file (this can vary depending on your Radius software) and for the TCH we have to add a "send policy" (this really had me stumped for a long time!) the PM3's just dealt with it. If you just have one NAS, then you can use static routing and be done with it, you will have to create a route in your router (which connects you to the Internet) and one in your NAS, and then create the Radius entry and your pretty much done. Here is a Livingston 2.0.1 Radius entry for a single static IP customer: joeuser Password = "its-a-secret-man!", User-Service-Type = Framed-User, Framed-Protocol = PPP, Framed-Address = 209.102.67.1, Framed-Netmask = 255.255.255.240, Framed-Routing = None, Framed-Compression = Van-Jacobsen-TCP-IP, Framed-MTU = 1500, Session-Timeout = 28800 Here is an entry for a static subnet: joeuser2 Password = "its-another-secret!", User-Service-Type = Framed-User, Framed-Protocol = PPP, Framed-Address = 209.102.66.9, Framed-Route = "209.102.66.8/29 209.102.66.9 1", Framed-Routing = None, Framed-Compression = Van-Jacobsen-TCP-IP, Framed-MTU = 1500 So there you go, if you ARE running OSPF let me know and I'll go into a little more detail on that end of things. Disclaimer, I'm not an expert! I look up to guys like Mike Andrews and Jeff Mcadams, they have a LOT more experience with the 3com gear than I, but I did manage to figure it out over time, by reading examples and blowing up a few things along the way (well not that bad)... :-) - To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
Please a litle question... I use the netserer 16 anolog.. and wotk fine with radius. ( iam using icradiun now ).. but netserver box not send for radius the "Acct-Input-Octets and Acct-Input-Octets" RADIUS in a accounting request packet... In this box is possible activate this?? I want do a traffic monitor for my users.. Any help, thaks.. - To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
please if you have this answer post it to the list. albert.
-----Original Message----- From: owner-usr-tc@lists.xmission.com [mailto:owner-usr-tc@lists.xmission.com]On Behalf Of LIST Sent: Sunday, May 13, 2001 3:27 PM To: usr-tc@lists.xmission.com Subject: (usr-tc) USR Netserver 16 analog.. radius...Acct-Input-Octets and
Please a litle question... I use the netserer 16 anolog.. and wotk fine with radius. ( iam using icradiun now ).. but netserver box not send for radius the "Acct-Input-Octets and Acct-Input-Octets" RADIUS in a accounting request packet... In this box is possible activate this?? I want do a traffic monitor for my users.. Any help, thaks..
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
Mike- Thanks for your detailed explaination. At the first chance I get, I will give it a shot. -- Scot ----- Original Message ----- From: "Mike Greene" <mikeg@rockisland.com> To: <usr-tc@lists.xmission.com> Sent: Friday, May 11, 2001 9:42 PM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
Hey Scott, I'll give you a hand.
I've successfully gotten both single static IP's and routed subnets working through the HARC using OSPF. Are you using OSPF? If you are only using the one NAS then this is very simple, if you have multiple NAS's then you will need OSPF (RIPv2 would work, but I haven't touched it).
For me getting the TCH to do what I wanted was a major PITA, mostly because 3com support was useless, and the documentation was very light in examples. So I fussed and fiddled, and gave up for a year, then dove back in and viola it started working! ;)
Why don't you send me your problem via email (sorry I don't have your original post) and I will give you the run down on what I have done here, it may not exactly apply but I believe it will help you none the less.
I'll give you what I have now and you can draw from that...
4) Lucent PM3 1) Lucent PM2 1) TotalControl
1) Cisco 3640 (DR for OSPF)
All sit on the same Ethernet segment, 199.217.72.0/24 The Lucent NAS uses 209.102.67.0 for their IP pools, the TCH is 207.149.168.0
I use OSPF/VLSM to divy up the IP pools among the PM3's, the TCH just gets the whole class c since it has a much higher port density, the dialup modem pools are announced via OSPF, why? Because static IP customers (single or subnet) will hit different NAS's and the hardware needs to know where to send the packets, static routes don't cut it in this situation.
We assign the static IP (single or subnet) via Radius, so you have to create an entry in your radius users file (this can vary depending on your Radius software) and for the TCH we have to add a "send policy" (this really had me stumped for a long time!) the PM3's just dealt with it.
If you just have one NAS, then you can use static routing and be done with it, you will have to create a route in your router (which connects you to the Internet) and one in your NAS, and then create the Radius entry and your pretty much done.
Here is a Livingston 2.0.1 Radius entry for a single static IP customer:
joeuser Password = "its-a-secret-man!", User-Service-Type = Framed-User, Framed-Protocol = PPP, Framed-Address = 209.102.67.1, Framed-Netmask = 255.255.255.240, Framed-Routing = None, Framed-Compression = Van-Jacobsen-TCP-IP, Framed-MTU = 1500, Session-Timeout = 28800
Here is an entry for a static subnet:
joeuser2 Password = "its-another-secret!", User-Service-Type = Framed-User, Framed-Protocol = PPP, Framed-Address = 209.102.66.9, Framed-Route = "209.102.66.8/29 209.102.66.9 1", Framed-Routing = None, Framed-Compression = Van-Jacobsen-TCP-IP, Framed-MTU = 1500
So there you go, if you ARE running OSPF let me know and I'll go into a little more detail on that end of things.
Disclaimer, I'm not an expert! I look up to guys like Mike Andrews and Jeff Mcadams, they have a LOT more experience with the 3com gear than I, but I did manage to figure it out over time, by reading examples and blowing up a few things along the way (well not that bad)... :-)
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
Scott, Please read my original post - it contains all the necessary elements to get the job done. I have tried to be more clean in this email. You said: "What configuration steps do I need to take on the TC to allow it to assign this block to this dialup customer?" Answer is a Radius Entry (only as nothing is needed on the TC but you can if you wish do what Mike Greene stated): username Auth-Type = System Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 192.168.1.200, Framed-IP-Netmask = 255.255.255.255, Framed-Routing = None, Framed-Compression = Van-Jacobson-TCP-IP, Port-Limit = 2, Idle-Timeout = 1200, Session-Timeout = 28800, Framed-MTU = 1500 As well, you stated: "Note that I am not running RIP. This customer will ALWAYS hit this particular TC, so there is no need to announce the route. I will manually route the block to the TC." Answer is: So that means you do not want to announce the route via any routing method and you will be manually routing (via the Cisco I assume) the block to it (in this case) the static the customer gets from the Radius profile. Since you will be routing them a network, not using a routing protocol to announce it, and only have a single TC, just give them a static IP on the TC Lan and let proxy arp do it's thing. TC GW 192.168.1.1 TC IP 192.168.1.2 TC POOL whatever on user's machine : User Static IP 192.168.1.200 (PPP WAN DEVICE IP) - I would ask them to set their software to dynamic as you will give it to them via Radius anyway - make their setup simplier. User Ethernet IP 192.168.20.1 (LAN DEVICE IP) on GW router (assume a Cisco): ip route 192.168.20.0 255.255.255.224 192.168.1.200 (so net is 192.168.20.0/27) I hope this better explains what works in the field and how easy your setup can be. PS: I have probably been on this list as long as other active members - I even have some of David Bolen's old email marked. I would like to think I have been very helpful to many people as well both now and in the past ;-) Marshall Morgan Internet Doorway, Inc (aka NETDOOR) http://www.netdoor.com 601.969.1434 x28 | 800.952.1570 x28 | 601.969.3629 x28 | Fax 601.969.3838 ----- Original Message ----- From: "Scot Desort" <scot@njaccess.net> To: <usr-tc@lists.xmission.com> Sent: Friday, May 11, 2001 7:17 PM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
Marshall-
I know basic routing on a Cisco, and if I were were using a Cisco in this case, there would be no question. But I stated in my original post that I am new to the TC when it comes to how it handles routing. Reading a Cisco book is not going to help me enter commands at a HARC prompt. We run very basic single user dialup out of our TC, and now have the need to route a small network to a customer. I was hoping to get a little hand-holding from the folks on this list.
I appreciate you taking the time to answer my questions. But I honestly don't think a Cisco book is going to help me here. A little more than '"No" might have been a little more helpful to me than the Amazon link. If there is some inherent feature in IP that handles the routing of the network to the dialup customer that I do not understand, I will certainly take the opportunity to read about it and try to comprehend it. Unfortunately, time is of the essence in this situation.
Since your example illustrates that no commands need to be entered on the HARC, and that proxy arp will handle everything, I will try your suggestion.
Thanks again for the help.
-- Scot
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
Marshall, I read your original post. And in my subsequent posts, it should have been a little obvious that I was having a little trouble following your example based on my follow-up questions. I do not doubt your past contributions to the list. I do appreciate you taking the time to answer my original question, and will try to implement your answer to my routing question when I am at the customer site this week, having Mike Green's example as a backup (or vice-versa, depending...). Thanks again, -- Scot ----- Original Message ----- From: "Marshall Morgan" <marshall@netdoor.com> To: <usr-tc@lists.xmission.com> Sent: Sunday, May 13, 2001 1:49 AM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
Scott,
Please read my original post - it contains all the necessary elements to get the job done. I have tried to be more clean in this email.
You said: "What configuration steps do I need to take on the TC to allow it to assign this block to this dialup customer?"
Answer is a Radius Entry (only as nothing is needed on the TC but you can if you wish do what Mike Greene stated):
username Auth-Type = System Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 192.168.1.200, Framed-IP-Netmask = 255.255.255.255, Framed-Routing = None, Framed-Compression = Van-Jacobson-TCP-IP, Port-Limit = 2, Idle-Timeout = 1200, Session-Timeout = 28800, Framed-MTU = 1500
As well, you stated: "Note that I am not running RIP. This customer will ALWAYS hit this particular TC, so there is no need to announce the route. I will manually route the block to the TC."
Answer is: So that means you do not want to announce the route via any routing method and you will be manually routing (via the Cisco I assume) the block to it (in this case) the static the customer gets from the Radius profile.
Since you will be routing them a network, not using a routing protocol to announce it, and only have a single TC, just give them a static IP on the TC Lan and let proxy arp do it's thing.
TC GW 192.168.1.1 TC IP 192.168.1.2 TC POOL whatever
on user's machine :
User Static IP 192.168.1.200 (PPP WAN DEVICE IP) - I would ask them to set their software to dynamic as you will give it to them via Radius anyway - make their setup simplier. User Ethernet IP 192.168.20.1 (LAN DEVICE IP)
on GW router (assume a Cisco):
ip route 192.168.20.0 255.255.255.224 192.168.1.200
(so net is 192.168.20.0/27)
I hope this better explains what works in the field and how easy your setup can be.
PS: I have probably been on this list as long as other active members - I even have some of David Bolen's old email marked. I would like to think I have been very helpful to many people as well both now and in the past ;-)
Marshall Morgan
Internet Doorway, Inc (aka NETDOOR) http://www.netdoor.com
601.969.1434 x28 | 800.952.1570 x28 | 601.969.3629 x28 | Fax 601.969.3838 ----- Original Message ----- From: "Scot Desort" <scot@njaccess.net> To: <usr-tc@lists.xmission.com> Sent: Friday, May 11, 2001 7:17 PM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
Marshall-
I know basic routing on a Cisco, and if I were were using a Cisco in this case, there would be no question. But I stated in my original post that I am new to the TC when it comes to how it handles routing. Reading a Cisco book is not going to help me enter commands at a HARC prompt. We run very basic single user dialup out of our TC, and now have the need to route a small network to a customer. I was hoping to get a little hand-holding from the folks on this list.
I appreciate you taking the time to answer my questions. But I honestly don't think a Cisco book is going to help me here. A little more than '"No" might have been a little more helpful to me than the Amazon link. If there is some inherent feature in IP that handles the routing of the network to the dialup customer that I do not understand, I will certainly take the opportunity to read about it and try to comprehend it. Unfortunately, time is of the essence in this situation.
Since your example illustrates that no commands need to be entered on the HARC, and that proxy arp will handle everything, I will try your suggestion.
Thanks again for the help.
-- Scot
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
Let us know how it goes! Marshall Morgan Internet Doorway, Inc (aka NETDOOR) http://www.netdoor.com 601.969.1434 x28 | 800.952.1570 x28 | 601.969.3629 x28 | Fax 601.969.3838 ----- Original Message ----- From: "Scot Desort" <scot@njaccess.net> To: <usr-tc@lists.xmission.com> Sent: Monday, May 14, 2001 1:16 PM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
Marshall,
I read your original post. And in my subsequent posts, it should have been a little obvious that I was having a little trouble following your example based on my follow-up questions.
I do not doubt your past contributions to the list.
I do appreciate you taking the time to answer my original question, and will try to implement your answer to my routing question when I am at the customer site this week, having Mike Green's example as a backup (or vice-versa, depending...).
Thanks again,
-- Scot
----- Original Message ----- From: "Marshall Morgan" <marshall@netdoor.com> To: <usr-tc@lists.xmission.com> Sent: Sunday, May 13, 2001 1:49 AM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
Scott,
Please read my original post - it contains all the necessary elements to get the job done. I have tried to be more clean in this email.
You said: "What configuration steps do I need to take on the TC to allow it to assign this block to this dialup customer?"
Answer is a Radius Entry (only as nothing is needed on the TC but you can if you wish do what Mike Greene stated):
username Auth-Type = System Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 192.168.1.200, Framed-IP-Netmask = 255.255.255.255, Framed-Routing = None, Framed-Compression = Van-Jacobson-TCP-IP, Port-Limit = 2, Idle-Timeout = 1200, Session-Timeout = 28800, Framed-MTU = 1500
As well, you stated: "Note that I am not running RIP. This customer will ALWAYS hit this particular TC, so there is no need to announce the route. I will manually route the block to the TC."
Answer is: So that means you do not want to announce the route via any routing method and you will be manually routing (via the Cisco I assume) the block to it (in this case) the static the customer gets from the Radius profile.
Since you will be routing them a network, not using a routing protocol to announce it, and only have a single TC, just give them a static IP on the TC Lan and let proxy arp do it's thing.
TC GW 192.168.1.1 TC IP 192.168.1.2 TC POOL whatever
on user's machine :
User Static IP 192.168.1.200 (PPP WAN DEVICE IP) - I would ask them to set their software to dynamic as you will give it to them via Radius anyway - make their setup simplier. User Ethernet IP 192.168.20.1 (LAN DEVICE IP)
on GW router (assume a Cisco):
ip route 192.168.20.0 255.255.255.224 192.168.1.200
(so net is 192.168.20.0/27)
I hope this better explains what works in the field and how easy your setup can be.
PS: I have probably been on this list as long as other active members - I even have some of David Bolen's old email marked. I would like to think I have been very helpful to many people as well both now and in the past ;-)
Marshall Morgan
Internet Doorway, Inc (aka NETDOOR) http://www.netdoor.com
601.969.1434 x28 | 800.952.1570 x28 | 601.969.3629 x28 | Fax 601.969.3838 ----- Original Message ----- From: "Scot Desort" <scot@njaccess.net> To: <usr-tc@lists.xmission.com> Sent: Friday, May 11, 2001 7:17 PM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
Marshall-
I know basic routing on a Cisco, and if I were were using a Cisco in this case, there would be no question. But I stated in my original post that I am new to the TC when it comes to how it handles routing. Reading a Cisco book is not going to help me enter commands at a HARC prompt. We run very basic single user dialup out of our TC, and now have the need to route a small network to a customer. I was hoping to get a little hand-holding from the folks on this list.
I appreciate you taking the time to answer my questions. But I honestly don't think a Cisco book is going to help me here. A little more than '"No" might have been a little more helpful to me than the Amazon link. If there is some inherent feature in IP that handles the routing of the network to the dialup customer that I do not understand, I will certainly take the opportunity to read about it and try to comprehend it. Unfortunately, time is of the essence in this situation.
Since your example illustrates that no commands need to be entered on the HARC, and that proxy arp will handle everything, I will try your suggestion.
Thanks again for the help.
-- Scot
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
Marshall / Mike Green- Well, I did not fair too well today trying to get the client in question functioning. Client is now using a Cisco 776M ISDN router. Their Netopia was having ISDN problems. First I tried your suggestion Marshall. I simply assigned the customer a static WAN IP through a radius profile, assigned that IP to the WAN link in their Cisco, and setup their LAN netblock. The router connects and authenticates fine, the router can ping out to the TC, and the TC can ping the static WAN IP. But a client on the remote LAN cannot ping beyond the Cisco router, and we could not ping into the client LAN IP's. Per your instructions, no route commands were entered on the TC, since you indicated that proxy arp would take care of it. Since that didn't work, I issued this command to the TC: add ip route <cust-netblock/netmask> gateway <static-WAN-IP> metric 1 No effect. I then tried Mike Green's approach. I assigned a static WAN IP through their radius profile, and included a framed route atrribute: Framed-Route <cust-netblock/netmask> <static-WAN-IP> 1 I also entered the same 'add ip route' statement into the TC. Same effect - we could only ping back and forth between the router and the TC using the WAN IP. When I issued a 'list ip routes" command at the TC, it showed the following <cust-netblock/netmask> NetMgr <static-WAN-IP> 1 <slotx:modx> I contacted Cisco who telnetted into the 776 to see if all was setup OK. After many hours, it is their best guess that something is wrong with the routing in the TC. If we turn on NAT in the 776, all stations on the customer LAN can browse since they are now being masked behind the static WAN IP, which is routing properly. I have all of my internal routers configured properly to route the customer's netblock to the TC through static route statements. All traceroutes from the outside show proper transit until the TC. The last good hop is the TC's ethernet port, then it dies. If either of you (or anyone else for that matter) has any ideas, I'll try anything at this point. All of our dedicated ISDN customer's with public LAN netblocks come into BRI cards in our Cisco routers, so this has always been a no-brainer on the Cisco's. We use Verizon ISDN Centrex for these customers delivered over standard BRI lines because our normal dialup PRI's that come into the TC are provided by a CLEC, and we can't get ISDN Centrex through them for our customers. TIA, -- Scot ----- Original Message ----- From: "Marshall Morgan" <marshall@netdoor.com> To: <usr-tc@lists.xmission.com> Sent: Tuesday, May 15, 2001 1:29 PM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
Let us know how it goes!
Marshall Morgan
Internet Doorway, Inc (aka NETDOOR) http://www.netdoor.com
601.969.1434 x28 | 800.952.1570 x28 | 601.969.3629 x28 | Fax 601.969.3838 ----- Original Message ----- From: "Scot Desort" <scot@njaccess.net> To: <usr-tc@lists.xmission.com> Sent: Monday, May 14, 2001 1:16 PM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
Marshall,
I read your original post. And in my subsequent posts, it should have been a little obvious that I was having a little trouble following your example based on my follow-up questions.
I do not doubt your past contributions to the list.
I do appreciate you taking the time to answer my original question, and will try to implement your answer to my routing question when I am at the customer site this week, having Mike Green's example as a backup (or vice-versa, depending...).
Thanks again,
-- Scot
----- Original Message ----- From: "Marshall Morgan" <marshall@netdoor.com> To: <usr-tc@lists.xmission.com> Sent: Sunday, May 13, 2001 1:49 AM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
Scott,
Please read my original post - it contains all the necessary elements to get the job done. I have tried to be more clean in this email.
You said: "What configuration steps do I need to take on the TC to allow it to assign this block to this dialup customer?"
Answer is a Radius Entry (only as nothing is needed on the TC but you can if you wish do what Mike Greene stated):
username Auth-Type = System Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 192.168.1.200, Framed-IP-Netmask = 255.255.255.255, Framed-Routing = None, Framed-Compression = Van-Jacobson-TCP-IP, Port-Limit = 2, Idle-Timeout = 1200, Session-Timeout = 28800, Framed-MTU = 1500
As well, you stated: "Note that I am not running RIP. This customer will ALWAYS hit this particular TC, so there is no need to announce the route. I will manually route the block to the TC."
Answer is: So that means you do not want to announce the route via any routing method and you will be manually routing (via the Cisco I assume) the block to it (in this case) the static the customer gets from the Radius profile.
Since you will be routing them a network, not using a routing protocol to announce it, and only have a single TC, just give them a static IP on the TC Lan and let proxy arp do it's thing.
TC GW 192.168.1.1 TC IP 192.168.1.2 TC POOL whatever
on user's machine :
User Static IP 192.168.1.200 (PPP WAN DEVICE IP) - I would ask them to set their software to dynamic as you will give it to them via Radius anyway - make their setup simplier. User Ethernet IP 192.168.20.1 (LAN DEVICE IP)
on GW router (assume a Cisco):
ip route 192.168.20.0 255.255.255.224 192.168.1.200
(so net is 192.168.20.0/27)
I hope this better explains what works in the field and how easy your setup can be.
PS: I have probably been on this list as long as other active members - I even have some of David Bolen's old email marked. I would like to think I have been very helpful to many people as well both now and in the past ;-)
Marshall Morgan
Internet Doorway, Inc (aka NETDOOR) http://www.netdoor.com
601.969.1434 x28 | 800.952.1570 x28 | 601.969.3629 x28 | Fax 601.969.3838
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
The only thing I do at our end to configure a static subnet for a client is to enter the client router's ip address into the user table along with the client's subnet mask. I do not enter anything in the framed-route field. My TC's are configured to share RIP routes with each other, but not the core Cisco router (had problems overloading the router at 30 second intervals before). The Cisco directs traffic to each chassis by static routes. Nothing fancy going on and it works. Other than adding the customer to the user table and creating a static route in the core router everything else is done at the client side. I've used NetGear, Ascend, Cisco, Netopia, and WebRamp routers on the client side with this configuration, and probably a few I haven't been told about. Mark Thornton San Marcos Internet, Inc 512-393-5300 ----- Original Message ----- From: "Scot Desort" <scot@njaccess.net> To: <usr-tc@lists.xmission.com> Sent: Tuesday, May 29, 2001 9:58 PM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
Marshall / Mike Green-
Well, I did not fair too well today trying to get the client in question functioning. Client is now using a Cisco 776M ISDN router. Their Netopia was having ISDN problems.
First I tried your suggestion Marshall. I simply assigned the customer a static WAN IP through a radius profile, assigned that IP to the WAN link in their Cisco, and setup their LAN netblock. The router connects and authenticates fine, the router can ping out to the TC, and the TC can ping the static WAN IP. But a client on the remote LAN cannot ping beyond the Cisco router, and we could not ping into the client LAN IP's. Per your instructions, no route commands were entered on the TC, since you indicated that proxy arp would take care of it. Since that didn't work, I issued this command to the TC:
add ip route <cust-netblock/netmask> gateway <static-WAN-IP> metric 1
No effect.
I then tried Mike Green's approach. I assigned a static WAN IP through their radius profile, and included a framed route atrribute:
Framed-Route <cust-netblock/netmask> <static-WAN-IP> 1
I also entered the same 'add ip route' statement into the TC. Same effect - we could only ping back and forth between the router and the TC using the WAN IP.
When I issued a 'list ip routes" command at the TC, it showed the following
<cust-netblock/netmask> NetMgr <static-WAN-IP> 1 <slotx:modx>
I contacted Cisco who telnetted into the 776 to see if all was setup OK. After many hours, it is their best guess that something is wrong with the routing in the TC. If we turn on NAT in the 776, all stations on the customer LAN can browse since they are now being masked behind the static WAN IP, which is routing properly.
I have all of my internal routers configured properly to route the customer's netblock to the TC through static route statements. All traceroutes from the outside show proper transit until the TC. The last good hop is the TC's ethernet port, then it dies.
If either of you (or anyone else for that matter) has any ideas, I'll try anything at this point. All of our dedicated ISDN customer's with public LAN netblocks come into BRI cards in our Cisco routers, so this has always been a no-brainer on the Cisco's. We use Verizon ISDN Centrex for these customers delivered over standard BRI lines because our normal dialup PRI's that come into the TC are provided by a CLEC, and we can't get ISDN Centrex through them for our customers.
TIA,
-- Scot
----- Original Message ----- From: "Marshall Morgan" <marshall@netdoor.com> To: <usr-tc@lists.xmission.com> Sent: Tuesday, May 15, 2001 1:29 PM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
Let us know how it goes!
Marshall Morgan
Internet Doorway, Inc (aka NETDOOR) http://www.netdoor.com
601.969.1434 x28 | 800.952.1570 x28 | 601.969.3629 x28 | Fax 601.969.3838 ----- Original Message ----- From: "Scot Desort" <scot@njaccess.net> To: <usr-tc@lists.xmission.com> Sent: Monday, May 14, 2001 1:16 PM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
Marshall,
I read your original post. And in my subsequent posts, it should have been a little obvious that I was having a little trouble following your example based on my follow-up questions.
I do not doubt your past contributions to the list.
I do appreciate you taking the time to answer my original question, and will try to implement your answer to my routing question when I am at the customer site this week, having Mike Green's example as a backup (or vice-versa, depending...).
Thanks again,
-- Scot
----- Original Message ----- From: "Marshall Morgan" <marshall@netdoor.com> To: <usr-tc@lists.xmission.com> Sent: Sunday, May 13, 2001 1:49 AM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
Scott,
Please read my original post - it contains all the necessary elements to get the job done. I have tried to be more clean in this email.
You said: "What configuration steps do I need to take on the TC to allow it to assign this block to this dialup customer?"
Answer is a Radius Entry (only as nothing is needed on the TC but you can if you wish do what Mike Greene stated):
username Auth-Type = System Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 192.168.1.200, Framed-IP-Netmask = 255.255.255.255, Framed-Routing = None, Framed-Compression = Van-Jacobson-TCP-IP, Port-Limit = 2, Idle-Timeout = 1200, Session-Timeout = 28800, Framed-MTU = 1500
As well, you stated: "Note that I am not running RIP. This customer will ALWAYS hit this particular TC, so there is no need to announce the route. I will manually route the block to the TC."
Answer is: So that means you do not want to announce the route via any routing method and you will be manually routing (via the Cisco I assume) the block to it (in this case) the static the customer gets from the Radius profile.
Since you will be routing them a network, not using a routing protocol to announce it, and only have a single TC, just give them a static IP on the TC Lan and let proxy arp do it's thing.
TC GW 192.168.1.1 TC IP 192.168.1.2 TC POOL whatever
on user's machine :
User Static IP 192.168.1.200 (PPP WAN DEVICE IP) - I would ask them to set their software to dynamic as you will give it to them via Radius anyway - make their setup simplier. User Ethernet IP 192.168.20.1 (LAN DEVICE IP)
on GW router (assume a Cisco):
ip route 192.168.20.0 255.255.255.224 192.168.1.200
(so net is 192.168.20.0/27)
I hope this better explains what works in the field and how easy your setup can be.
PS: I have probably been on this list as long as other active members - I even have some of David Bolen's old email marked. I would like to think I have been very helpful to many people as well both now and in the past ;-)
Marshall Morgan
Internet Doorway, Inc (aka NETDOOR) http://www.netdoor.com
601.969.1434 x28 | 800.952.1570 x28 | 601.969.3629 x28 | Fax 601.969.3838
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
Mark- Thanks for the reply. Sorry to sound ignorant, but what user table - in the TC? Can you give an example? Thanks. -- Scot ----- Original Message ----- From: "Mark Thornton" <mark@corridor.net> To: <usr-tc@lists.xmission.com> Sent: Wednesday, May 30, 2001 10:29 AM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
The only thing I do at our end to configure a static subnet for a client is to enter the client router's ip address into the user table along with the client's subnet mask. I do not enter anything in the framed-route field. My TC's are configured to share RIP routes with each other, but not the core Cisco router (had problems overloading the router at 30 second intervals before). The Cisco directs traffic to each chassis by static routes. Nothing fancy going on and it works. Other than adding the customer to the user table and creating a static route in the core router everything else is done at the client side.
I've used NetGear, Ascend, Cisco, Netopia, and WebRamp routers on the client side with this configuration, and probably a few I haven't been told about.
Mark Thornton San Marcos Internet, Inc 512-393-5300
----- Original Message ----- From: "Scot Desort" <scot@njaccess.net> To: <usr-tc@lists.xmission.com> Sent: Tuesday, May 29, 2001 9:58 PM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
Marshall / Mike Green-
Well, I did not fair too well today trying to get the client in question functioning. Client is now using a Cisco 776M ISDN router. Their Netopia was having ISDN problems.
First I tried your suggestion Marshall. I simply assigned the customer a static WAN IP through a radius profile, assigned that IP to the WAN link in their Cisco, and setup their LAN netblock. The router connects and authenticates fine, the router can ping out to the TC, and the TC can ping the static WAN IP. But a client on the remote LAN cannot ping beyond the Cisco router, and we could not ping into the client LAN IP's. Per your instructions, no route commands were entered on the TC, since you indicated that proxy arp would take care of it. Since that didn't work, I issued this command to the TC:
add ip route <cust-netblock/netmask> gateway <static-WAN-IP> metric 1
No effect.
I then tried Mike Green's approach. I assigned a static WAN IP through their radius profile, and included a framed route atrribute:
Framed-Route <cust-netblock/netmask> <static-WAN-IP> 1
I also entered the same 'add ip route' statement into the TC. Same effect - we could only ping back and forth between the router and the TC using the WAN IP.
When I issued a 'list ip routes" command at the TC, it showed the following
<cust-netblock/netmask> NetMgr <static-WAN-IP> 1 <slotx:modx>
I contacted Cisco who telnetted into the 776 to see if all was setup OK. After many hours, it is their best guess that something is wrong with the routing in the TC. If we turn on NAT in the 776, all stations on the customer LAN can browse since they are now being masked behind the static WAN IP, which is routing properly.
I have all of my internal routers configured properly to route the customer's netblock to the TC through static route statements. All traceroutes from the outside show proper transit until the TC. The last good hop is the TC's ethernet port, then it dies.
If either of you (or anyone else for that matter) has any ideas, I'll try anything at this point. All of our dedicated ISDN customer's with public LAN netblocks come into BRI cards in our Cisco routers, so this has always been a no-brainer on the Cisco's. We use Verizon ISDN Centrex for these customers delivered over standard BRI lines because our normal dialup PRI's that come into the TC are provided by a CLEC, and we can't get ISDN Centrex through them for our customers.
TIA,
-- Scot
----- Original Message ----- From: "Marshall Morgan" <marshall@netdoor.com> To: <usr-tc@lists.xmission.com> Sent: Tuesday, May 15, 2001 1:29 PM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
Let us know how it goes!
Marshall Morgan
Internet Doorway, Inc (aka NETDOOR) http://www.netdoor.com
601.969.1434 x28 | 800.952.1570 x28 | 601.969.3629 x28 | Fax 601.969.3838 ----- Original Message ----- From: "Scot Desort" <scot@njaccess.net> To: <usr-tc@lists.xmission.com> Sent: Monday, May 14, 2001 1:16 PM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
Marshall,
I read your original post. And in my subsequent posts, it should have been a little obvious that I was having a little trouble following your example based on my follow-up questions.
I do not doubt your past contributions to the list.
I do appreciate you taking the time to answer my original question, and will try to implement your answer to my routing question when I am at the customer site this week, having Mike Green's example as a backup (or vice-versa, depending...).
Thanks again,
-- Scot
----- Original Message ----- From: "Marshall Morgan" <marshall@netdoor.com> To: <usr-tc@lists.xmission.com> Sent: Sunday, May 13, 2001 1:49 AM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
Scott,
Please read my original post - it contains all the necessary elements to get the job done. I have tried to be more clean in this email.
You said: "What configuration steps do I need to take on the TC to allow it to assign this block to this dialup customer?"
Answer is a Radius Entry (only as nothing is needed on the TC but you can if you wish do what Mike Greene stated):
username Auth-Type = System Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 192.168.1.200, Framed-IP-Netmask = 255.255.255.255, Framed-Routing = None, Framed-Compression = Van-Jacobson-TCP-IP, Port-Limit = 2, Idle-Timeout = 1200, Session-Timeout = 28800, Framed-MTU = 1500
As well, you stated: "Note that I am not running RIP. This customer will ALWAYS hit this particular TC, so there is no need to announce the route. I will manually route the block to the TC."
Answer is: So that means you do not want to announce the route via any routing method and you will be manually routing (via the Cisco I assume) the block to it (in this case) the static the customer gets from the Radius profile.
Since you will be routing them a network, not using a routing protocol to announce it, and only have a single TC, just give them a static IP on the TC Lan and let proxy arp do it's thing.
TC GW 192.168.1.1 TC IP 192.168.1.2 TC POOL whatever
on user's machine :
User Static IP 192.168.1.200 (PPP WAN DEVICE IP) - I would ask them to set their software to dynamic as you will give it to them via Radius anyway - make their setup simplier. User Ethernet IP 192.168.20.1 (LAN DEVICE IP)
on GW router (assume a Cisco):
ip route 192.168.20.0 255.255.255.224 192.168.1.200
(so net is 192.168.20.0/27)
I hope this better explains what works in the field and how easy your setup can be.
PS: I have probably been on this list as long as other active members - I even have some of David Bolen's old email marked. I would like to think I have been very helpful to many people as well both now and in the past ;-)
Marshall Morgan
Internet Doorway, Inc (aka NETDOOR) http://www.netdoor.com
601.969.1434 x28 | 800.952.1570 x28 | 601.969.3629 x28 | Fax 601.969.3838
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
Or you could go to Bookpool.com and get the same book for almost $8 less. I've found Bookpool to be fast and cheap. http://www.bookpool.com/.x/p6kdf2o6p6/sm/1565923200 On 11 May 2001, at 15:57, Marshall Morgan wrote:
No. Might want to pick up the following from Amazon.
http://www.amazon.com/exec/obidos/ASIN/1565923200/o/qid=989614459/sr=8-1/ref =aps_sr_b_1_1/102-4104910-5894540
Managing Ip Networks With Cisco Routers ISBN: 1565923200
Marshall Morgan
Internet Doorway, Inc (aka NETDOOR) http://www.netdoor.com
601.969.1434 x28 | 800.952.1570 x28 | 601.969.3629 x28 | Fax 601.969.3838 ----- Original Message ----- From: "Scot Desort" <scot@njaccess.net> To: <usr-tc@lists.xmission.com> Sent: Friday, May 11, 2001 9:21 AM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
OK, so do I need to add a route within the TC so it knows to send 192.168.20.0/27 to 192.168.1.200?
----- Original Message ----- From: "Marshall Morgan" <marshall@netdoor.com> To: <usr-tc@lists.xmission.com> Sent: Thursday, May 10, 2001 4:21 PM Subject: Re: (usr-tc) Routing a subnet to an ISDN dialup customer
In your radius example:
Framed-IP-Address = 192.168.1.200, Framed-IP-Netmask = 255.255.255.255,
Doesn't this assign a single IP, 192.168.1.200 to the dialup user?
Yes. You stated you were going to route them a network via the gateway (or similar). The example I emailed has this in it.
Marshall Morgan
Internet Doorway, Inc (aka NETDOOR) http://www.netdoor.com
601.969.1434 x28 | 800.952.1570 x28 | 601.969.3629 x28 | Fax 601.969.3838
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
Wayne Barber Coastal Telco Services - To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
Can anyone tell me how to set up the system so that it uses the Analog Ports? I'm also confused on saving settings. I do a "save all" and a reset but when I do a "sh" the values have not changed. Help. Thanks al - To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
participants (11)
-
Aaron Daniels -
Al Kelkhoff -
albert -
Jorge Lozano -
LIST -
Mark Thornton -
Marshall Morgan -
Mike Greene -
Nauman Malik -
Scot Desort -
Wayne Barber