OSPF demand-circuit over dialer profile [7:20741]
Does anyone have a successful config for ospf demand-circuit over ISDN, where the dialer profile is used ? My config is as follows, but whenever I put ip ospf demand-circuit on dialer interface 1 (of RA), the show ip ospf command will show it not a ABR anymore and OSPF stop to work right away! Thanks Andy RA config -- ! version 11.3 no service password-encryption ! hostname RA ! enable secret 5 $1$z3DF$3JKut/S8iklU.C/OFGKIZ0 ! username RB password 0 abc123 memory-size iomem 15 isdn switch-type basic-5ess ! interface Loopback0 ip address 1.1.1.13 255.255.255.0 ! interface Ethernet 0 ip address 172.16.1.1 255.255.255.0 ! interface BRI3/0 no ip address encapsulation ppp ip ospf demand-circuit dialer pool-member 1 ppp authentication chap ! interface BRI3/1 no ip address shutdown ! interface BRI3/2 no ip address shutdown ! interface BRI3/3 no ip address shutdown ! interface Dialer1 ip address 10.1.1.2 255.255.255.0 encapsulation ppp ip ospf demand-circuit dialer remote-name RB dialer string 4125993507 dialer pool 1 dialer-group 1 no peer neighbor-route ppp authentication chap ! router ospf 100 network 10.1.1.0 0.0.0.255 area 0 network 172.16.1.0 0.0.0.255 area 5 ! ip classless dialer-list 1 protocol ip permit ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 login ! end --- RB config ! version 11.3 no service password-encryption ! hostname RB ! enable secret 5 $1$z3DF$3JKut/S8iklU.C/OFGKIZ0 ! username RA password 0 abc123 memory-size iomem 15 isdn switch-type basic-5ess ! interface Loopback0 ip address 1.1.1.12 255.255.255.0 ! interface Ethernet 0 ip address 192.168.1.1 255.255.255.0 ! interface BRI3/0 no ip address encapsulation ppp ip ospf demand-circuit dialer pool-member 1 ppp authentication chap ! interface BRI3/1 no ip address shutdown ! interface BRI3/2 no ip address shutdown ! interface BRI3/3 no ip address shutdown ! interface Dialer1 ip address 10.1.1.1 255.255.255.0 encapsulation ppp ip ospf demand-circuit dialer remote-name RB dialer string 4125993508 dialer pool 1 dialer-group 1 no peer neighbor-route ppp authentication chap ! router ospf 100 network 10.1.1.0 0.0.0.255 area 0 network 192.168.1.0 0.0.0.255 area 5 ! ip classless dialer-list 1 protocol ip permit ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 login ! end _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=20741t=20741 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
How many dynamic access list can be in a router ?
I created two dynamic access list (with different name and under different extended ip access list) for the lock-and-key feature, but no matter what access list I choose for the interface, it's keeping using the first dynamic ACL, does it mean one router only can have one dynamic ACL ? Thanks Andy Here the config: (I use 103 ACL for int e 0, but it's always using dynamic ACL for 10.1.1.1 ??!!) - Current configuration: ! version 12.0 service password-encryption ! hostname Rabbit ! enable secret 5 $1$yKHa$nUhLHTLUhTRw6quNKtdvE. ! username test password 7 111D1C1603 username abc password 7 01120407 username abc autocommand access-enable timeout 5 username me password 7 060B0A ! ! ! ! ip subnet-zero no ip domain-lookup ! frame-relay switching ! ! process-max-time 200 ! interface Ethernet0 ip address 10.1.1.3 255.255.255.0 ip access-group 103 in no ip directed-broadcast ! interface Serial0 bandwidth 192 ip address 192.168.18.1 255.255.255.0 no ip directed-broadcast encapsulation frame-relay ip split-horizon no fair-queue no frame-relay inverse-arp IP 20 no frame-relay inverse-arp NOVELL 20 no frame-relay inverse-arp APPLETALK 20 frame-relay local-dlci 20 frame-relay intf-type dce ! interface Serial1 no ip address no ip directed-broadcast shutdown ! router rip redistribute static metric 1 network 10.0.0.0 network 192.168.18.0 ! no ip http server ip classless ! logging trap Unknown access-list 102 permit tcp any host 10.1.1.3 eq telnet access-list 102 dynamic myTest2 permit ip host 10.1.1.1 any access-list 103 permit tcp any host 10.1.1.3 eq telnet access-list 103 dynamic myTest3 permit ip host 10.1.1.5 any ! line con 0 exec-timeout 30 0 logging synchronous history size 256 transport input none line 1 16 transport input all line aux 0 transport input all line vty 0 4 login local ! end - _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
can't use regular telnet after Lock-and-Key configured ?
After I configured the router using Lock-and-Key (Dynamic access-list), I can't use the regular telnet to go into the system for some maintenance tasks, seems like all the usernames are tightly bound to Lock-and-Key feature. Any workaround ? Thanks in advance Andy configure of the router: Current configuration: ! version 12.0 service password-encryption ! hostname Rabbit ! enable secret 5 $1$yKHa$nUhLHTLUhTRw6quNKtdvE. ! username test password 7 111D1C1603 username abc password 7 01120407 username me password 7 060B0A ! ! ! ! ip subnet-zero no ip domain-lookup ! frame-relay switching ! ! process-max-time 200 ! interface Ethernet0 ip address 10.1.1.3 255.255.255.0 ip access-group 102 in no ip directed-broadcast ! interface Serial0 bandwidth 192 ip address 192.168.18.1 255.255.255.0 no ip directed-broadcast encapsulation frame-relay ip split-horizon no fair-queue no frame-relay inverse-arp IP 20 no frame-relay inverse-arp NOVELL 20 no frame-relay inverse-arp APPLETALK 20 frame-relay local-dlci 20 frame-relay intf-type dce ! interface Serial1 no ip address no ip directed-broadcast shutdown ! router rip redistribute static metric 1 network 10.0.0.0 network 192.168.18.0 ! no ip http server ip classless ! logging trap Unknown access-list 102 permit tcp any host 10.1.1.3 eq telnet access-list 102 dynamic myTest timeout 5 permit ip any any ! line con 0 exec-timeout 30 0 logging synchronous history size 256 transport input none line 1 16 transport input all line aux 0 transport input all line vty 0 4 login local autocommand access-enable timeout 5 ! end _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]