All other Cisco networking related discussions.
drurydd1
New Member
Posts:
1
Joined:
Thu Jul 14, 2016 4:35 am

Dialer interfaces not connecting with VRF

Thu Jul 14, 2016 4:40 am

Hi,

I'm having some trouble setting up VRF on a Cisco 1921. The router has 2 VDSL card installed. The ISP has only been able to active 1 of the FTTC lines however, the Dialer2 isn't connecting/getting an IP. I've tested the line with the free router from the ISP and all works fine. Dialer2 is part of the vrf DATA_LAN tag.

Would somebody be able to look at my config and see where i'm going wrong please.

#sh run br
Building configuration...

Current configuration : 4794 bytes
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ?
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 PASSWORD
!
no aaa new-model
!
ip cef
!
!
!
ip vrf DATA_LAN
rd 1:1
route-target export 1:1
route-target import 1:1
route-target import 1:2
!
ip vrf VOICE_LAN
rd 1:2
route-target export 1:2
route-target import 1:2
route-target import 1:1
!
ip dhcp excluded-address 192.168.20.1 192.168.20.10
ip dhcp excluded-address 192.168.20.200 192.168.20.254
ip dhcp excluded-address 192.168.30.1 192.168.30.10
ip dhcp excluded-address 192.168.30.200 192.168.30.254
!
ip dhcp pool ETR_Voice_Pool
vrf VOICE_LAN
network 192.168.30.0 255.255.255.0
default-router 192.168.30.1
dns-server 192.168.30.1 8.8.8.8
domain-name Voice.local
lease 0 6
!
ip dhcp pool ETR_Data_Pool
vrf DATA_LAN
network 192.168.20.0 255.255.255.0
default-router 192.168.20.1
dns-server 192.168.20.1 8.8.8.8
domain-name Data.local
lease 0 6
!
!
!
ip domain name test.local
no ipv6 cef
multilink bundle-name authenticated
!
!
crypto pki trustpoint TP-self-signed-1226948131
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1226948131
revocation-check none
rsakeypair TP-self-signed-1226948131
!
!
crypto pki certificate chain TP-self-signed-1226948131
certificate self-signed 01
license udi pid CISCO1921/K9 sn FCZ1839C2Y4
!
!
username USERNAME privilege 15 secret 5 PASSWORD REMOVED
!
!
controller VDSL 0/0/0
!
controller VDSL 0/1/0
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description Voice_LAN
ip vrf forwarding VOICE_LAN
ip address 192.168.30.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
description Data_LAN
ip vrf forwarding DATA_LAN
ip address 192.168.20.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface ATM0/0/0
no ip address
shutdown
no atm ilmi-keepalive
!
interface Ethernet0/0/0
no ip address
!
interface Ethernet0/0/0.101
encapsulation dot1Q 101
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface ATM0/1/0
no ip address
shutdown
no atm ilmi-keepalive
!
interface Ethernet0/1/0
no ip address
!
interface Ethernet0/1/0.101
encapsulation dot1Q 101
pppoe enable group global
pppoe-client dial-pool-number 2
!
interface Dialer1
description Voice_LAN
mtu 1492
ip vrf forwarding VOICE_LAN
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
ppp authentication pap chap ms-chap callin
ppp chap hostname IPS_USERNAME
ppp chap password 0 IPS_PASSWORD
ppp ipcp address accept
no cdp enable
!
interface Dialer2
description Data_LAN
mtu 1492
ip vrf forwarding DATA_LAN
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 2
ppp authentication pap chap ms-chap callin
ppp chap hostname IPS_USERNAME
ppp chap password 0 IPS_PASSWORD
ppp ipcp address accept
no cdp enable
!
router bgp 65000
bgp log-neighbor-changes
!
ip forward-protocol nd
!
ip http server
ip http authentication local
ip http secure-server
!
ip nat inside source list NAT2 interface Dialer2 vrf DATA_LAN overload
ip nat inside source list NAT1 interface Dialer1 vrf VOICE_LAN overload
ip route vrf DATA_LAN 0.0.0.0 0.0.0.0 Dialer2
ip route vrf VOICE_LAN 0.0.0.0 0.0.0.0 Dialer1
!
ip access-list extended NAT1
permit ip 192.168.30.0 0.0.0.255 any
ip access-list extended NAT2
permit ip 192.168.20.0 0.0.0.255 any
deny ip 192.168.20.0 0.0.0.255 10.1.74.0 0.0.0.255
ip access-list extended VPNSPLIT
permit ip 192.168.20.0 0.0.0.255 10.1.74.0 0.0.0.255
!
!
!
!
control-plane
!
!

!
line con 0
logging synchronous
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
exec-timeout 0 0
privilege level 15
login local
transport input telnet ssh
transport output telnet ssh
!
scheduler allocate 20000 1000
!
end

'
Return to Cisco General

Who is online

Users browsing this forum: Exabot [Bot] and 11 guests