sundance-communications.com/forum Forums VOIP Phones & IP PBX Networking adtran routing issues?

Can you show the routing tables from the main site and site A routers? I've never worked with Adtran routers, but it looks like you're missing a network statement, in which case the router won't be advertising the route it has on it's ethernet interface. Also, these two lines look redundant to me:

ip route 10.1.1.0 255.255.255.0 ppp 1
ip route 10.1.3.0 255.255.255.252 ppp 1

The Netopia router doesn't seem to know how to get to the 10.1.2.x and 10.1.3.x networks either.

Adtran routers program basically the same as any Cisco router.

I'd say that if you can receive ping responses back from the Netopia from either site, routing is working to that point.

Do you know what that Cisco device is at the network edge in your diagram. I'm guessing maybe a firewall. Whatever it is, that must be the device that's doing your network address translation as I don't see any NAT statements on the Netopia.

This line on the Netopia indicates that the connection to the internet are running through the Cisco device. Try to ping 10.1.1.245 as that must be the address of that device.

interface eth 0/1
description to isp
ip address 10.1.1.245 255.255.255.0
no shutdown

My guess is there's a problem on the Cisco side, like it doesn't know what to do with traffic going to your remote subnets.

Also, you should erase any of the password info you posted on your configurations. Not good to have that on a public access web site.

If Chris posted the config for the Netopia router I'm missing it. I would guess the Netopia router is doing NAT based on the routing table posted.

If we can see all the routing tables the problem should be easier to identify.

Steve-

Typically when a Cisco router is at the end of a T1, provided and managed by the ISP, it is not configured for any firewall effects. It is simply a T1-Ethernet translator and management point for the ISP.

I would concur, that the Netopia is not configured right... not sure how, but that's my feeling.

Haven't dealt with ISP managed CPE here Rob, though I've often thought that would take some finger-pointing out of the equasion when a T1 goes down. Perhaps that's just a Cisco CSU/DSU then? I haven't seen one separate from the router in some time as ours are all WICs.

Clinton's correct, that configuration is for the NetVanta, not the Netopia. This now makes much more sense to me.

Perhaps a tracert from one of the hosts will tell you where the problem lies. I still can't see how there's a routing problem on the Netopia with respect to routing packets back to sites a & b. I would expect the echo-replies wouldn't know how to get back to the remote PCs if that were the case.

I would do either a tracert or pathping to some known Internet IP address and see what you get.

clinton>>main site is 6th post from top

RobCalltrol>>thanks for the edit but none of these are able to be accessed from the net

Steve Brower>>the cisco is a 1280 (i think). some sort of little router with a t1 wic card in it. from what i under stand it is basically a converter from t1 to ethernet and does NOT block anything.

clinton>>actually the netopia is just the interface to the internet with some sort of basic firewall. dhcp is done with a win2000 server.

RobCalltrol>>you are correct about the cisco router. it is done around here alot by AT&T.

Steve Brower>>a tracert from site b to a known static ip address (my office) will bounce back & forth between the adtran's and never get out. i don't have one handy to paste in here but i can get you one.

OK, it appears the Adtran at the main site has a default route pointing to the site A Adtran, which has a default route pointing back again. That would certainly be a problem. I'll say again though, seeing the routing table for each router would make problems like that much more obvious.

The Netopia router is definately doing the NAT in this situation. Private IPs on one interface, public IPs on the other. It may not be the DHCP server, but that's unrelated.

I agree, looks like the default route in the main should be changed to 0.0.0.0 0.0.0.0 10.1.1.245 (eth 0/1)