Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Author Topic: Cannot ping Tunnelbroker server on Cisco 2801  (Read 384 times)

CiscoFanboy

  • Newbie
  • *
  • Posts: 4
    • View Profile
Cannot ping Tunnelbroker server on Cisco 2801
« on: May 09, 2017, 06:07:32 PM »

Hello everyone,

I am unable to ping the tunnelbroker on my Cisco 2801... my border router, I have tried what was mentioned in the post regarding the Cisco 3845 and I still can't get it to work.
Logged

cholzhauer

  • Hero Member
  • *****
  • Posts: 2559
    • View Profile
Re: Cannot ping Tunnelbroker server on Cisco 2801
« Reply #1 on: May 10, 2017, 06:26:16 AM »

Well, we're going to need more information to help you out.
Logged

CiscoFanboy

  • Newbie
  • *
  • Posts: 4
    • View Profile
Re: Cannot ping Tunnelbroker server on Cisco 2801
« Reply #2 on: May 10, 2017, 03:10:15 PM »

I can post my config

SVR-BRDR#sh run
Building configuration...


Current configuration : 8327 bytes
!
! Last configuration change at 16:57:01 UTC Wed May 10 2017 by ...
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname SVR-BRDR
!
boot-start-marker
boot-end-marker
!
!
logging buffered 10000000
no logging console
enable secret 4 ...
!
no aaa new-model
!
dot11 syslog
ip source-route
!
!
!
!
!
ip cef
ip name-server 10.0.30.2
ip multicast-routing
ipv6 unicast-routing
ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
voice service voip
 ip address trusted list
  ipv4 10.0.30.3
  ipv4 10.0.30.4
  ipv4 54.172.60.0 255.255.254.0
  ipv4 54.244.51.0 255.255.255.0
  ipv4 54.171.127.192 255.255.255.192
  ipv4 54.65.63.192 255.255.255.192
  ipv4 54.169.127.128 255.255.255.192
  ipv4 54.252.254.64 255.255.255.192
  ipv4 177.71.206.192 255.255.255.192
 allow-connections sip to sip
!
!
!
!
voice translation-rule 1
 rule 1 /[2-9]..[2-9]....../ /+1\0/
 rule 2 /.../ /+.../
 rule 3 /.../ /+.../
 rule 4 /.../ /+.../
!
voice translation-rule 2
 rule 1 /\+.../ /.../
 rule 2 /\+.../ /.../
 rule 4 /\+.../ /.../
!
!
voice translation-profile incoming_twilio
 translate called 2
!
voice translation-profile twilio
 translate calling 1
 translate called 1
!
!
voice-card 0
!
!
application
 service caller flash:callername.tcl
  param display_name1 "..."
  param clid_prefix0 ...
  param display_name0 "..."
 !
 session
  start flash:callername.tcl caller
 !
!
!
!
!
!
license udi pid ... sn ...
username ... privilege 15 secret 4 ...
!
redundancy
!
!
!
crypto keyring keyring-vpn-7fc4dc6d-1
  local-address 65.160.208.69
  pre-shared-key address 52.88.53.53 key ...
crypto keyring keyring-vpn-7fc4dc6d-0
  local-address 65.160.208.69
  pre-shared-key address 52.36.226.161 key ...
!
crypto isakmp policy 200
 encr aes
 authentication pre-share
 group 2
 lifetime 28800
!
crypto isakmp policy 201
 encr aes
 authentication pre-share
 group 2
 lifetime 28800
crypto isakmp keepalive 10 10
crypto isakmp profile isakmp-vpn-7fc4dc6d-0
   keyring keyring-vpn-7fc4dc6d-0
   match identity address 52.36.226.161 255.255.255.255
   local-address 65.160.208.69
crypto isakmp profile isakmp-vpn-7fc4dc6d-1
   keyring keyring-vpn-7fc4dc6d-1
   match identity address 52.88.53.53 255.255.255.255
   local-address 65.160.208.69
!
crypto ipsec security-association replay window-size 128
!
crypto ipsec transform-set ipsec-prop-vpn-7fc4dc6d-0 esp-aes esp-sha-hmac
crypto ipsec transform-set ipsec-prop-vpn-7fc4dc6d-1 esp-aes esp-sha-hmac
crypto ipsec df-bit clear
!
crypto ipsec profile ipsec-vpn-7fc4dc6d-0
 set transform-set ipsec-prop-vpn-7fc4dc6d-0
 set pfs group2
!
crypto ipsec profile ipsec-vpn-7fc4dc6d-1
 set transform-set ipsec-prop-vpn-7fc4dc6d-1
 set pfs group2
!
!
!
!
!
!
!
interface Tunnel0
 ip address 172.16.0.1 255.255.255.252
 tunnel source ATM0/1/0.1
 tunnel destination 68.108.24.65
!
interface Tunnel1
 ip address 169.254.14.154 255.255.255.252
 ip virtual-reassembly in
 ip tcp adjust-mss 1379
 tunnel source 65.160.208.69
 tunnel mode ipsec ipv4
 tunnel destination 52.36.226.161
 tunnel protection ipsec profile ipsec-vpn-7fc4dc6d-0
!
interface Tunnel2
 ip address 169.254.13.90 255.255.255.252
 ip virtual-reassembly in
 ip tcp adjust-mss 1379
 tunnel source 65.160.208.69
 tunnel mode ipsec ipv4
 tunnel destination 52.88.53.53
 tunnel protection ipsec profile ipsec-vpn-7fc4dc6d-1
!
interface Tunnel3
 ip address 209.165.131.5 255.255.255.252
 tunnel source ATM0/1/0.1
 tunnel destination 71.33.246.52
!
interface Tunnel4
 no ip address
 no ip redirects
 ipv6 address dhcp
 tunnel source ATM0/1/0.1
 tunnel mode ipv6ip 6rd
 tunnel 6rd prefix 2602::/24
!
interface FastEthernet0/0
 ip address 10.0.1.1 255.255.255.252
 ip pim dense-mode
 ip nat inside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 123.12.1.1 255.255.255.252
 duplex auto
 speed auto
!
interface ATM0/1/0
 no ip address
 no atm ilmi-keepalive
!
interface ATM0/1/0.1 point-to-point
 ip address dhcp
 ip access-group PROTOCOL41 in
 ip nat outside
 ip virtual-reassembly in
 atm route-bridged ip
 pvc 8/35
  encapsulation aal5snap
 !
!
router ospf 1
 network 10.0.1.0 0.0.0.3 area 0
 network 172.16.0.0 0.0.0.3 area 0
 network 172.16.0.0 0.0.0.255 area 0
 default-information originate
!
router bgp 65000
 bgp log-neighbor-changes
 neighbor 10.0.1.2 remote-as 65001
 neighbor 169.254.13.89 remote-as 7224
 neighbor 169.254.13.89 timers 10 30 30
 neighbor 169.254.13.117 remote-as 7224
 neighbor 169.254.13.117 timers 10 30 30
 neighbor 169.254.14.153 remote-as 7224
 neighbor 169.254.14.153 timers 10 30 30
 neighbor 172.16.0.2 remote-as 65002
 neighbor 209.165.131.6 remote-as 65000
 !
 address-family ipv4
  bgp redistribute-internal
  network 0.0.0.0
  network 10.0.1.0 mask 255.255.255.252
  network 172.16.0.0 mask 255.255.255.252
  neighbor 10.0.1.2 activate
  neighbor 169.254.13.89 activate
  neighbor 169.254.13.89 default-originate
  neighbor 169.254.13.89 soft-reconfiguration inbound
  neighbor 169.254.13.117 activate
  neighbor 169.254.13.117 default-originate
  neighbor 169.254.13.117 soft-reconfiguration inbound
  neighbor 169.254.14.153 activate
  neighbor 169.254.14.153 default-originate
  neighbor 169.254.14.153 soft-reconfiguration inbound
  neighbor 172.16.0.2 activate
  neighbor 209.165.131.6 activate
  neighbor 209.165.131.6 next-hop-self
 exit-address-family
!
ip forward-protocol nd
!
!
ip http server
ip http authentication local
no ip http secure-server
ip nat inside source list NAT interface ATM0/1/0.1 overload
ip nat inside source static tcp 10.0.1.2 443 interface ATM0/1/0.1 443
ip route 192.168.202.0 255.255.255.0 209.168.131.6
!
ip access-list extended NAT
 permit ip any any
ip access-list extended PROTOCOL41
 permit 41 any any
 permit ip any any
 permit gre any any
!
!
!
!
!
!
!
control-plane
!
!
!
!
mgcp profile default
!
!
dial-peer voice 1 voip
 translation-profile outgoing twilio
 destination-pattern [2-9]..[2-9]......
 session protocol sipv2
 session target dns:svr-3cx.pstn.us2.twilio.com
 no voice-class sip early-offer forced
 dtmf-relay rtp-nte
 codec g711ulaw
 no vad
!
dial-peer voice 2 voip
 translation-profile incoming incoming_twilio
 session protocol sipv2
 session target dns:svr-3cx.pstn.us2.twilio.com
 incoming called-number .T
 dtmf-relay rtp-nte
 codec g711ulaw
 no vad
!
dial-peer voice 3 voip
 preference 1
 destination-pattern ...
 session protocol sipv2
 session target ipv4:10.0.30.3
 dtmf-relay rtp-nte
 codec g711ulaw
 no vad
!
dial-peer voice 4 voip
 preference 2
 destination-pattern ...
 session protocol sipv2
 session target ipv4:10.0.30.4
 dtmf-relay rtp-nte
 codec g711ulaw
 no vad
!
dial-peer voice 5 voip
 preference 1
 destination-pattern ...
 session protocol sipv2
 session target ipv4:10.0.30.3
 dtmf-relay rtp-nte
 codec g711ulaw
 no vad
!
dial-peer voice 6 voip
 preference 2
 destination-pattern ...
 session protocol sipv2
 session target ipv4:10.0.30.4
 dtmf-relay rtp-nte
 codec g711ulaw
 no vad
!
dial-peer voice 7 voip
 preference 1
 destination-pattern ...
 session protocol sipv2
 session target ipv4:10.0.30.3
 dtmf-relay rtp-nte
 codec g711ulaw
 no vad
!
dial-peer voice 8 voip
 preference 2
 destination-pattern ...
 session protocol sipv2
 session target ipv4:10.0.30.4
 dtmf-relay rtp-nte
 codec g711ulaw
 no vad
!
!
sip-ua
 credentials username ... password 7 ... realm voicepulse
 authentication username ... password 7 ...
 registrar dns:cucm10.sfo.proxy.voicepulse.com expires 3600
 sip-server dns:cucm10.sfo.proxy.voicepulse.com
 connection-reuse
!
!
!
telephony-service
 max-ephones 10
 max-dn 10
 ip source-address 10.0.1.1 port 2000
 max-conferences 4 gain -6
 transfer-system full-consult
!
!
ephone-dn  1
 number 401
!
!
ephone  1
 device-security-mode none
 mac-address 0015.FAB8.F4E1
 button  1:1
!
!
!
!
line con 0
line aux 0
line vty 0 4
 exec-timeout 0 0
 password cisco
 login local
 transport input all
!
scheduler allocate 20000 1000
end
« Last Edit: May 10, 2017, 06:00:05 PM by kcochran »
Logged

broquea

  • Sr. Network Engineer, HE.NET AS6939
  • Administrator
  • Hero Member
  • *****
  • Posts: 1671
    • View Profile
    • Another IPv6 Blog...
Re: Cannot ping Tunnelbroker server on Cisco 2801
« Reply #3 on: May 10, 2017, 03:17:51 PM »

There.....is no HE tunnel in that config?
Logged

CiscoFanboy

  • Newbie
  • *
  • Posts: 4
    • View Profile
Re: Cannot ping Tunnelbroker server on Cisco 2801
« Reply #4 on: May 10, 2017, 04:06:54 PM »

I forgot I negated the command... lemme put the tunnel in and repost.
Logged

CiscoFanboy

  • Newbie
  • *
  • Posts: 4
    • View Profile
Re: Cannot ping Tunnelbroker server on Cisco 2801
« Reply #5 on: May 10, 2017, 04:11:26 PM »

Code: [Select]
SVR-BRDR#sh run
Building configuration...


Current configuration : 8418 bytes
!
! Last configuration change at 23:10:47 UTC Wed May 10 2017 by ...
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname SVR-BRDR
!
boot-start-marker
boot-end-marker
!
!
logging buffered 10000000
no logging console
enable secret 4 ...
!
no aaa new-model
!
dot11 syslog
ip source-route
!
!
!
!
!
ip cef
ip name-server 10.0.30.2
ip multicast-routing
ipv6 unicast-routing
ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
voice service voip
 ip address trusted list
  ipv4 10.0.30.3
  ipv4 10.0.30.4
  ipv4 54.172.60.0 255.255.254.0
  ipv4 54.244.51.0 255.255.255.0
  ipv4 54.171.127.192 255.255.255.192
  ipv4 54.65.63.192 255.255.255.192
  ipv4 54.169.127.128 255.255.255.192
  ipv4 54.252.254.64 255.255.255.192
  ipv4 177.71.206.192 255.255.255.192
 allow-connections sip to sip
!
!
!
!
voice translation-rule 1
 rule 1 /[2-9]..[2-9]....../ /+1\0/
 rule 2 /.../ /+.../
 rule 3 /.../ /+.../
 rule 4 /.../ /+.../
!
voice translation-rule 2
 rule 1 /\+.../ /.../
 rule 2 /\+.../ /.../
 rule 4 /\+.../ /.../
!
!
voice translation-profile incoming_twilio
 translate called 2
!
voice translation-profile twilio
 translate calling 1
 translate called 1
!
!
voice-card 0
!
!
application
 service caller flash:callername.tcl
  param display_name1 "..."
  param clid_prefix0 ...
  param display_name0 "..."
 !
 session
  start flash:callername.tcl caller
 !
!
!
!
!
!
license udi pid ... sn ...
username ... privilege 15 secret 4 ...
!
redundancy
!
!
!
crypto keyring keyring-vpn-7fc4dc6d-1
  local-address 65.160.208.69
  pre-shared-key address 52.88.53.53 key ...
crypto keyring keyring-vpn-7fc4dc6d-0
  local-address 65.160.208.69
  pre-shared-key address 52.36.226.161 key ...
!
crypto isakmp policy 200
 encr aes
 authentication pre-share
 group 2
 lifetime 28800
!
crypto isakmp policy 201
 encr aes
 authentication pre-share
 group 2
 lifetime 28800
crypto isakmp keepalive 10 10
crypto isakmp profile isakmp-vpn-7fc4dc6d-0
   keyring keyring-vpn-7fc4dc6d-0
   match identity address 52.36.226.161 255.255.255.255
   local-address 65.160.208.69
crypto isakmp profile isakmp-vpn-7fc4dc6d-1
   keyring keyring-vpn-7fc4dc6d-1
   match identity address 52.88.53.53 255.255.255.255
   local-address 65.160.208.69
!
crypto ipsec security-association replay window-size 128
!
crypto ipsec transform-set ipsec-prop-vpn-7fc4dc6d-0 esp-aes esp-sha-hmac
crypto ipsec transform-set ipsec-prop-vpn-7fc4dc6d-1 esp-aes esp-sha-hmac
crypto ipsec df-bit clear
!
crypto ipsec profile ipsec-vpn-7fc4dc6d-0
 set transform-set ipsec-prop-vpn-7fc4dc6d-0
 set pfs group2
!
crypto ipsec profile ipsec-vpn-7fc4dc6d-1
 set transform-set ipsec-prop-vpn-7fc4dc6d-1
 set pfs group2
!
!
!
!
!
!
!
interface Tunnel0
 description Hurricane Electric IPv6 Tunnel Broker
 no ip address
 ipv6 address 2001:470:C:11BD::2/64
 ipv6 enable
 tunnel source 65.160.208.69
 tunnel mode ipv6ip
 tunnel destination 66.220.18.42
!
interface Tunnel1
 ip address 169.254.14.154 255.255.255.252
 ip virtual-reassembly in
 ip tcp adjust-mss 1379
 tunnel source 65.160.208.69
 tunnel mode ipsec ipv4
 tunnel destination 52.36.226.161
 tunnel protection ipsec profile ipsec-vpn-7fc4dc6d-0
!
interface Tunnel2
 ip address 169.254.13.90 255.255.255.252
 ip virtual-reassembly in
 ip tcp adjust-mss 1379
 tunnel source 65.160.208.69
 tunnel mode ipsec ipv4
 tunnel destination 52.88.53.53
 tunnel protection ipsec profile ipsec-vpn-7fc4dc6d-1
!
interface Tunnel3
 ip address 209.165.131.5 255.255.255.252
 tunnel source ATM0/1/0.1
 tunnel destination 71.33.246.52
!
interface Tunnel4
 ip address 172.16.0.1 255.255.255.252
 tunnel source ATM0/1/0.1
 tunnel destination 68.108.24.65
!
interface FastEthernet0/0
 ip address 10.0.1.1 255.255.255.252
 ip pim dense-mode
 ip nat inside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 123.12.1.1 255.255.255.252
 duplex auto
 speed auto
!
interface ATM0/1/0
 no ip address
 no atm ilmi-keepalive
!
interface ATM0/1/0.1 point-to-point
 ip address dhcp
 ip access-group PROTOCOL41 in
 ip nat outside
 ip virtual-reassembly in
 atm route-bridged ip
 pvc 8/35
  encapsulation aal5snap
 !
!
router ospf 1
 network 10.0.1.0 0.0.0.3 area 0
 network 172.16.0.0 0.0.0.3 area 0
 network 172.16.0.0 0.0.0.255 area 0
 default-information originate
!
router bgp 65000
 bgp log-neighbor-changes
 neighbor 10.0.1.2 remote-as 65001
 neighbor 169.254.13.89 remote-as 7224
 neighbor 169.254.13.89 timers 10 30 30
 neighbor 169.254.13.117 remote-as 7224
 neighbor 169.254.13.117 timers 10 30 30
 neighbor 169.254.14.153 remote-as 7224
 neighbor 169.254.14.153 timers 10 30 30
 neighbor 172.16.0.2 remote-as 65002
 neighbor 209.165.131.6 remote-as 65000
 !
 address-family ipv4
  bgp redistribute-internal
  network 0.0.0.0
  network 10.0.1.0 mask 255.255.255.252
  network 172.16.0.0 mask 255.255.255.252
  neighbor 10.0.1.2 activate
  neighbor 169.254.13.89 activate
  neighbor 169.254.13.89 default-originate
  neighbor 169.254.13.89 soft-reconfiguration inbound
  neighbor 169.254.13.117 activate
  neighbor 169.254.13.117 default-originate
  neighbor 169.254.13.117 soft-reconfiguration inbound
  neighbor 169.254.14.153 activate
  neighbor 169.254.14.153 default-originate
  neighbor 169.254.14.153 soft-reconfiguration inbound
  neighbor 172.16.0.2 activate
  neighbor 209.165.131.6 activate
  neighbor 209.165.131.6 next-hop-self
 exit-address-family
!
ip forward-protocol nd
!
!
ip http server
ip http authentication local
no ip http secure-server
ip nat inside source list NAT interface ATM0/1/0.1 overload
ip nat inside source static tcp 10.0.1.2 443 interface ATM0/1/0.1 443
ip route 192.168.202.0 255.255.255.0 209.168.131.6
!
ip access-list extended NAT
 permit ip any any
ip access-list extended PROTOCOL41
 permit 41 any any
 permit ip any any
 permit gre any any
!
ipv6 route ::/0 Tunnel0
!
!
!
!
!
!
control-plane
!
!
!
!
mgcp profile default
!
!
dial-peer voice 1 voip
 translation-profile outgoing twilio
 destination-pattern [2-9]..[2-9]......
 session protocol sipv2
 session target dns:svr-3cx.pstn.us2.twilio.com
 no voice-class sip early-offer forced
 dtmf-relay rtp-nte
 codec g711ulaw
 no vad
!
dial-peer voice 2 voip
 translation-profile incoming incoming_twilio
 session protocol sipv2
 session target dns:svr-3cx.pstn.us2.twilio.com
 incoming called-number .T
 dtmf-relay rtp-nte
 codec g711ulaw
 no vad
!
dial-peer voice 3 voip
 preference 1
 destination-pattern ...
 session protocol sipv2
 session target ipv4:10.0.30.3
 dtmf-relay rtp-nte
 codec g711ulaw
 no vad
!
dial-peer voice 4 voip
 preference 2
 destination-pattern ...
 session protocol sipv2
 session target ipv4:10.0.30.4
 dtmf-relay rtp-nte
 codec g711ulaw
 no vad
!
dial-peer voice 5 voip
 preference 1
 destination-pattern ...
 session protocol sipv2
 session target ipv4:10.0.30.3
 dtmf-relay rtp-nte
 codec g711ulaw
 no vad
!
dial-peer voice 6 voip
 preference 2
 destination-pattern ...
 session protocol sipv2
 session target ipv4:10.0.30.4
 dtmf-relay rtp-nte
 codec g711ulaw
 no vad
!
dial-peer voice 7 voip
 preference 1
 destination-pattern ...
 session protocol sipv2
 session target ipv4:10.0.30.3
 dtmf-relay rtp-nte
 codec g711ulaw
 no vad
!
dial-peer voice 8 voip
 preference 2
 destination-pattern ...
 session protocol sipv2
 session target ipv4:10.0.30.4
 dtmf-relay rtp-nte
 codec g711ulaw
 no vad
!
!
sip-ua
 credentials username ... password 7 ... realm voicepulse
 authentication username ... password 7 ...
 registrar dns:cucm10.sfo.proxy.voicepulse.com expires 3600
 sip-server dns:cucm10.sfo.proxy.voicepulse.com
 connection-reuse
!
!
!
telephony-service
 max-ephones 10
 max-dn 10
 ip source-address 10.0.1.1 port 2000
 max-conferences 4 gain -6
 transfer-system full-consult
!
!
ephone-dn  1
 number 401
!
!
ephone  1
 device-security-mode none
 mac-address 0015.FAB8.F4E1
 button  1:1
!
!
!
!
line con 0
line aux 0
line vty 0 4
 exec-timeout 0 0
 password cisco
 login local
 transport input all
!
scheduler allocate 20000 1000
end

Here is the config now that I have put in the tunnel from the tunnel broker
« Last Edit: May 10, 2017, 06:01:23 PM by kcochran »
Logged