by bbaez » Wed Mar 27, 2013 12:01 pm
I am trying to consolidate my home Zoom DSL modem and Cisco 1711 into one Cisco 1760 with a WIC-1ADSL and having routing problems. My clients were able to connect to the bridge subnet 64.142.102.0/24. However my clients couldn’t reach my GRE Tunnel addresses or the routed subnet 208.106.46.192/27 that is over 64.142.102.64. Also, although my client computers tested at DSL max speed, I lost over 80% of my ping packets to 64.142.102.1 from the Cisco router.

Any help is greatly appreciated!

---------------------------------------------------

Code: Select all

gw03#wr t
Building configuration...

Current configuration : 9952 bytes
!
! Last configuration change at 16:29:12 PST Mon Feb 18 2013 by swadmin
! NVRAM config last updated at 15:37:44 PST Mon Feb 18 2013 by swadmin
!
version 12.4
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname gw03
!
boot-start-marker
boot system flash:c1700-adventerprisek9-mz.124-25b.bin
boot-end-marker
!
logging buffered 51200 warnings
enable secret 5 SHHHHH
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local
!
aaa session-id common
clock timezone PST -8
clock summer-time PDT recurring 2 Sun Mar 2:00 1 Sun Nov 23:00
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.16.1.1 10.16.1.100
!
ip dhcp pool KLVKDHCP
   import all
   network 10.16.1.0 255.255.255.0
   default-router 10.16.1.1
   netbios-name-server 10.16.1.27
   dns-server 64.142.102.66 208.106.46.195 208.201.224.11 208.201.224.33
   option 2 hex ffff.8f80
   domain-name treslagos.org
   netbios-node-type h-node
   option 42 ip 10.16.1.1
   option 135 ascii "treslagos.org,biospectra.com"
   lease 1 0 30
!
ip dhcp pool ooma1
   host 64.142.102.71 255.255.255.0
   client-identifier 0100.1861.0263.41
   client-name ooma1
!
ip dhcp pool baezbo07vm01
   host 10.16.1.103 255.255.255.0
   client-identifier 0100.0c29.719f.8e
   client-name baezbo07vm01
!
ip dhcp pool baezbo07vm02
   host 10.16.1.104 255.255.255.0
   client-identifier 0100.0c29.e595.4a
   client-name baezbo07vm02
!
ip dhcp pool baezbo07vm03
   host 10.16.1.105 255.255.255.0
   client-identifier 0100.0c29.5335.1a
   client-name baezbo07vm03
!
ip dhcp pool gx280-01
   host 10.16.1.107 255.255.255.0
   client-identifier 0100.123f.62b6.86
   client-name gx280-01
!
ip dhcp pool winxppro
   host 10.16.1.109 255.255.255.0
   client-identifier 0100.0c29.50f5.1d
   client-name winxppro
!
ip dhcp pool mce01
   host 10.16.1.110 255.255.255.0
   client-identifier 0190.e6ba.882d.f2
   client-name mce01
!
!
no ip domain lookup
ip domain name treslagos.org
ip name-server 64.142.102.66
ip name-server 208.106.46.195
ip name-server 208.201.224.11
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
!
!
!
!
!
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-3056471545
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3056471545
 revocation-check none
 rsakeypair TP-self-signed-3056471545
!
!
crypto pki certificate chain TP-self-signed-3056471545
 certificate self-signed 01
  3082024A 308201B3 SHHHHH
  quit
no spanning-tree optimize bpdu transmission
username swadmin privilege 15 secret 5 SHHHHH
!
!
!
crypto keyring TreslagosKeyRing
  pre-shared-key address 0.0.0.0 0.0.0.0 key SHHHHH
!
crypto isakmp policy 1
 encr 3des
 authentication pre-share
 group 2
crypto isakmp profile PrimaryProfile
   description SugarPine connection
   keyring TreslagosKeyRing
   match identity address 0.0.0.0
!
!
crypto ipsec transform-set DMVPNTransformSet ah-sha-hmac esp-3des esp-sha-hmac
crypto ipsec df-bit clear
!
crypto ipsec profile DMVPNProfile
 set transform-set DMVPNTransformSet
!
!
crypto dynamic-map dm-mesh-vpn 21
 set transform-set DMVPNTransformSet
 set isakmp-profile PrimaryProfile
!
!
crypto map cm-mesh-vpn 65535 ipsec-isakmp dynamic dm-mesh-vpn
!
bridge irb
!
!
!
interface Tunnel0
 ip address 172.5.0.1 255.255.255.0
 no ip redirects
 ip mtu 1400
 no ip next-hop-self eigrp 629
 ip nhrp authentication 88vacaXZ
 ip nhrp map multicast dynamic
 ip nhrp network-id 1
 ip nhrp holdtime 600
 no ip split-horizon eigrp 629
 tunnel source 64.142.102.64
 tunnel mode gre multipoint
 tunnel key 10000
 tunnel protection ipsec profile DMVPNProfile
!
interface ATM0/0
 ip address 64.142.102.64 255.255.255.0
 no atm ilmi-keepalive
 dsl operating-mode auto
 bridge-group 1
 pvc 0/35
  encapsulation aal5snap
 !
!
interface FastEthernet0/0
 no ip address
 ip route-cache flow
 shutdown
 speed auto
 no cdp enable
!
interface FastEthernet1/1
 description vm04
 switchport trunk allowed vlan 1,600,601,1002-1005
 switchport mode trunk
 no cdp enable
!
interface FastEthernet1/2
 description H3C_Switch
 switchport trunk allowed vlan 1,500-517,1002-1005
 switchport mode trunk
 no cdp enable
!
interface FastEthernet1/3
 description OOMA TELEPHONE
 switchport access vlan 600
 no cdp enable
 spanning-tree portfast
!
interface FastEthernet1/4
 description WAN
 switchport access vlan 600
 no cdp enable
 spanning-tree portfast
!
interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
 no ip address
 ip tcp adjust-mss 1452
!
interface Vlan501
 description Dublin_Home_Treslagos
 ip address 10.16.1.3 255.255.255.0
!
interface Vlan600
 description SONIC_64.142.102.0/24
 ip address 64.142.102.64 255.255.255.0
 ip access-group PRIVATE_ADDRESSES in
 ip access-group PRIVATE_ADDRESSES out
 bridge-group 1
!
interface Vlan601
 description SONIC_208.106.46.192/27
 ip address 208.106.46.193 255.255.255.224
 ip access-group PRATE_ADDRESSES in
 ip access-group PRIVATE_ADDRESSES out
!
router eigrp 629
 network 10.16.1.0 0.0.0.255
 network 172.5.0.0 0.0.0.255
 no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 64.142.102.1
ip route 64.142.102.0 255.255.255.0 64.142.102.1
ip route 208.106.46.192 255.255.255.224 Vlan600
!
ip flow-export source FastEthernet1/4
ip flow-export version 5
ip flow-export destination 10.16.1.36 2055
ip flow-top-talkers
 top 5
 sort-by bytes
!
no ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 600 life 86400 requests 10000
!
ip access-list extended CORPORATE_ADDRESSES
 permit ip 10.0.0.0 0.255.255.255 any
 permit ip 64.142.102.0 0.0.0.255 any
 permit ip 208.106.46.0 0.0.0.255 any
 deny   ip any any
ip access-list extended ISOLATE-208-106-146-192-VLAN601
 deny   ip 64.142.102.0 0.0.0.255 any
 deny   ip 0.0.0.0 0.255.255.255 any
 deny   ip 10.0.0.0 0.255.255.255 any
 deny   ip 127.0.0.0 0.255.255.255 any
 deny   ip 169.254.0.0 0.0.255.255 any
 deny   ip 160.16.0.0 15.0.255.255 any
 deny   ip 192.0.2.0 0.0.0.255 any
 deny   ip 192.168.0.0 0.0.255.255 any
 deny   ip 224.0.0.0 15.255.255.255 any
 deny   ip 240.0.0.0 7.255.255.255 any
 deny   ip 248.0.0.0 7.255.255.255 any
 deny   ip host 255.255.255.255 any
 permit ip any any
ip access-list extended ISOLATE-64-142-102-0-VLAN600
 deny   ip 208.106.46.192 0.0.0.31 any
 deny   ip 0.0.0.0 0.255.255.255 any
 deny   ip 10.0.0.0 0.255.255.255 any
 deny   ip 127.0.0.0 0.255.255.255 any
 deny   ip 169.254.0.0 0.0.255.255 any
 deny   ip 160.16.0.0 15.0.255.255 any
 deny   ip 192.0.2.0 0.0.0.255 any
 deny   ip 192.168.0.0 0.0.255.255 any
 deny   ip 224.0.0.0 15.255.255.255 any
 deny   ip 240.0.0.0 7.255.255.255 any
 deny   ip 248.0.0.0 7.255.255.255 any
 deny   ip host 255.255.255.255 any
 permit ip any any
ip access-list extended PRIVATE_ADDRESSES
 deny   ip 0.0.0.0 0.255.255.255 any
 deny   ip 10.0.0.0 0.255.255.255 any
 deny   ip 127.0.0.0 0.255.255.255 any
 deny   ip 169.254.0.0 0.0.255.255 any
 deny   ip 160.16.0.0 15.0.255.255 any
 deny   ip 192.0.2.0 0.0.0.255 any
 deny   ip 192.168.0.0 0.0.255.255 any
 deny   ip 224.0.0.0 15.255.255.255 any
 deny   ip 240.0.0.0 7.255.255.255 any
 deny   ip 248.0.0.0 7.255.255.255 any
 deny   ip host 255.255.255.255 any
 permit ip any any
!
access-list 23 permit 10.16.1.0 0.0.0.255
access-list 23 permit 10.16.8.0 0.0.0.255
access-list 23 permit 64.142.102.0 0.0.0.255
access-list 23 permit 208.106.46.192 0.0.0.31
snmp-server community SHHHHH RO
snmp-server community SHHHHH RW
snmp-server location Dublin_Garage
snmp-server enable traps config
snmp-server enable traps entity
snmp-server enable traps hsrp
snmp-server enable traps rtr
no cdp run
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
!
!
mgcp behavior g729-variants static-pt
!
!
!
!
banner login ^CCCC
   WARNING: To protect the system from unauthorized use and to ensure that the
   system is functioning properly,
   activities on this system are monitored, recorded and subject to audit.
   Use of this system is expressed consent to such monitoring and recording.
   Any unauthorized access or use of this Automated Information System is
   prohibited,
   and could be subject to criminal and civil penalties.
   YOU HAVE BEEN WARNED!!!!
   ^C
!
line con 0
line aux 0
line vty 0 4
 access-class 23 in
 transport input ssh
line vty 5 15
 access-class 23 in
 transport input ssh
!
ntp clock-period 17179944
ntp server 64.183.55.54
ntp server 64.73.32.134
ntp server 64.34.180.101
ntp server 140.142.16.34
end

-----------------------------------------------

gw03#show atm interface atM 0/0
Interface ATM0/0:
AAL enabled: AAL5 AAL2, Maximum VCs: 23, Current VCCs: 0

VCIs per VPI: 256,
Max. Datagram Size: 4528
PLIM Type: ADSL - 768Kbps Upstream, DMT, TX clocking: LINE
0 input, 0 output, 0 IN fast, 0 OUT fast
Avail bw = 768
Config. is ACTIVE
gw03#show atm route

Input Intf Input VC Output Intf Output VC Status
gw03#sh dsl interface atm0/0
ATM0/0
Alcatel 20150 chipset information
ATU-R (DS) ATU-C (US)
Modem Status: Showtime (DMTDSL_SHOWTIME)
DSL Mode: ITU G.992.1 (G.DMT) Annex A
ITU STD NUM: 0x01 0x1
Vendor ID: 'ALCB' ' '
Vendor Specific: 0x0000 0x0000
Vendor Country: 0x00 0x00
Capacity Used: 65% 84%
Noise Margin: 16.5 dB 11.0 dB
Output Power: 11.5 dBm 12.0 dBm
Attenuation: 15.0 dB 6.0 dB
Defect Status: None None
Last Fail Code: None
Selftest Result: 0x00
Subfunction: 0x15
Interrupts: 1335 (0 spurious)
PHY Access Err: 0
Activations: 1
LED Status: ON
LED On Time: 100
LED Off Time: 100
Init FW: embedded
Operation FW: embedded
SW Version: 3.8131
FW Version: 0x1A04

Interleave Fast Interleave Fast
Speed (kbps): 0 6016 0 768
Cells: 0 23584 0 10878556
Reed-Solomon EC: 0 0 0 0
CRC Errors: 0 0 0 0
Header Errors: 0 0 0 0
Bit Errors: 0 0
BER Valid sec: 0 0
BER Invalid sec: 0 0

LOM Monitoring : Disabled

DMT Bits Per Bin
00: 0 0 0 0 0 0 0 6 6 7 9 A A A B B
10: B B B B B A A A A 9 9 8 8 7 0 0
20: 0 0 0 0 0 0 2 2 3 4 4 5 5 6 6 7
30: 7 7 8 8 8 9 9 9 9 9 9 9 9 9 A A
40: A A A A A A A A A A A A A A A A
50: A A A A A A A A A A A A A 2 A A
60: A A A A A A A A A A A A A A A A
70: A A A A A 9 9 9 9 9 A A 9 9 9 9
80: 9 9 9 9 9 9 9 9 9 9 9 9 9 9 9 9
90: 9 9 9 9 9 9 9 9 9 9 8 8 8 8 8 8
A0: 8 8 8 8 8 8 8 8 8 8 8 8 8 8 7 7
B0: 7 7 7 7 7 7 7 7 7 7 6 6 6 6 6 6
C0: 6 6 6 6 6 6 6 5 5 5 5 5 5 5 5 5
D0: 6 6 6 6 6 6 6 6 6 6 6 6 6 6 6 6
E0: 6 6 6 6 6 6 6 6 6 6 7 6 6 6 6 6
F0: 5 5 4 4 2 0 0 0 0 0 0 0 0 0 0 0

DSL: Training log buffer capability is not enabled
gw03#



Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 64.142.102.1, timeout is 2 seconds:
.!...
Success rate is 20 percent (1/5), round-trip min/avg/max = 8/8/8 ms

gw03#ping 64.142.102.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 64.142.102.1, timeout is 2 seconds:
..!.!
Success rate is 40 percent (2/5), round-trip min/avg/max = 36/46/56 ms

gw03#show atm ilmi-status atM 0/0

Interface : ATM0/0 Interface Type : Unknown
ILMI VCC : (0, 16) ILMI Keepalive : Disabled
ILMI State: Restarting
gw03#