HHowdy yall. Hoping you can help me with a problem. I have a 904 setup for t1 with a wan of And subnet and lan for eth 0/1 of When I put in a dhcp of and exclude all ips from 0-72 and a gateway if fails to give out the rightt ip addresses. It gives out something that starts with 169.??? Also for DNS should I put in the isp DNS in the main DNS setup page and then put in the primary DNS under DHCP? I am also hooking this up to 2 wireless routers so should I put these into bridge mode to give out the Internet? Thanks in advance.
FOrgot to add in routing table I have and and interface t1 . Plus there are 3 others that I can't seem to get rid of.
Hi drlebel:
It seems like you might be dealing with two or three separate concerns.
IP addresses beginning with 169 are "holding place" addresses which indicate that the client did not obtain a DHCP lease from a server. The cause is difficult to guess without more information. Misconfiguration of the DHCP server, Layer 1 or Layer 2 connection issues may have bearing.
As a staring point, would you mind attaching your config to this discussion? Be sure to edit out any sensitive information such as passwords and preshared keys.
The route table will show a Connected route pertaining to each interface. This may be what you observed.
ookay I fixed the dhcp by changing the exclusions to 1-72. 0-72 really messed it up. And the DNS is working well. I am still having trouble with my 2 wireless routers Down the line. I have changed them to access points and disabled dhcp and put in Adtran eth0/1 ip in the proper gateway with no luck. Should I change the ip of the wireless router to be on same subnet as the Adtran? Also should I enable dhcp forwarding oR just disable dhcp. thanks. Should I place the routers in another moDe? Thanks.
Good find!
I'm not sure what to recommend as the best configuration, but I think you could disable DHCP and/or DHCP forwarding in the WiFi routers and connect a LAN/private interface of the WiFi routers to the same LAN as the ADTRAN Total Access. Without understanding more about your products, this general approach should bridge WiFi clients to the LAN. DHCP, DNS and everything else should work just like a wired device.
Changing the Ip and subnet to match the adtran and Dhcp forwarding did the trick. Thanks for the help. One last thing my download speed is only .6mbits per second while the upload is 1.4. It was my understanding that T1 should do 1.5mbits both ways. Is there any thing I should tweak or check that might only effect the download speed. Thanks
So this is really strange and I wanted to run it by yall. All IPs from the above 904 router from work and get out to the internet. All other Ips either before 72 or after will not get out to the internet. I really need more Ips than that to work with. Now my Lan block from the ISP is which I know is only for 8 subnets and wasnt sure if this was the problem or if the router was the culprit. Thanks
Hi drlebel:
Your /29 block provides 8 addresses, but is the network address and is the broadcast address. All IPv4 subnets must consume the top and bottom addresses for use as the network and broadcast addr... This leaves 6 usable addresses. Your ISP must use one of them as their gateway address, leaving only 5 for your ADTRAN firewall.
This is why ISPs commonly offer single static IPv4 addresses (/30 is a 4-address subnet; top/bottom are used for network/brodcast; 1 of the remaining 2 are used by ISP as the gateway address), 5-IP blocks (/29 like in your case), 13-IP blocks (/28 is a 16-address subnet but the same network/broadcast/gateway requirements are in place), and so on.
Your options are, generally, ordering a larger IP block (and probably giving up your existing IP addresses), adding a secondary Internet connection (from the same ISP or another carrier), or using the same IPs for multiple services. For example, you might have a web server and a SIP server. Both services can share the same external IP address. NAT traffic to on TCP port 80/443 to the web server and traffic to on UDP port 5060 to the SIP server. If you have more than 5 of the same type of server and need them all working on the same port number (e.g., five web servers all listening on TCP port 443 for HTTPS), then you may need more external IP addresses, assuming none of them can move to alternate port numbers.
Please let us know whether this helps or if you have additional questions!
well that makes a lot of sense. So I did the firewall wizard And it created a public some on the PPP t1 line and a private on ethernet 0/1. 2 policies in private one is total traffic to 904 allow self bound destination of and the other is nat list wizard-ics with nat policy source with overloading on interface PPP. No policies on the public. But this still doesn't seem to being the trick. No traffic getting through to Internet On any ips now.
The firewall wizard will replace your security zone policies with all new policies, so use with caution. It's meant to simplify setup of a new unit but shouldn't be used once the unit is configured. To manage the firewall after original installation, view a Security Zone and move/add/change/delete policies.
Do you have a backup of the previous configuration? If you can attach your config (be sure to edit the file to hide passwords and any other sensitive information), perhaps we can help you with changes.
Here is the config. Nothing fancy server wise. Just want to share internet into the home business across about 15 things. What should i change in NAT? Previous to the firewall wizard, I had no firewall settings so there was nothing to overide. THis is a first time setup for the router.
ADTRAN, Inc. OS version R11.4.2.E
! Boot ROM version 14.04.00
! Platform: Total Access 904 (2nd Gen), part number 4212904L1
! Serial number CFG0876665
hostname "TA904"
clock timezone -6-Central-Time
ip subnet-zero
ip classless
ip default-gateway
ip routing
domain-name "home"
no auto-config
event-history on
no logging forwarding
no logging email
no service password-encryption
ip firewall
no ip firewall alg msn
no ip firewall alg mszone
no ip firewall alg h323
dot11ap access-point-control
bridge irb
bridge 1 protocol ieee
ip dhcp excluded-address
ip dhcp pool ""
domain-name "home"
interface eth 0/1
ip address
ip access-policy Private
no awcp
no shutdown
interface t1 0/1
description Windstream
tdm-group 1 timeslots 1-24 speed 64
no shutdown
interface t1 0/2
interface fxs 0/1
no shutdown
interface fxs 0/2
no shutdown
interface fxs 0/3
no shutdown
interface fxs 0/4
no shutdown
interface ppp 1
description ppp 1
ip address
ip mtu 1500
ip access-policy Public
no shutdown
cross-connect 1 t1 0/1 1 ppp 1
ip access-list standard wizard-ics
remark Internet Connection Sharing
permit any
ip access-list extended self
remark Traffic to Total Access
permit ip any any log
ip policy-class Private
allow list self self
nat source list wizard-ics interface ppp 1 overload
ip policy-class Public
! Implicit discard
ip route ppp 1
no tftp server
no tftp server overwrite
http server
http secure-server
no snmp agent
no ip ftp server
no ip scp server
no ip sntp server
sip udp 5060
no sip tcp
voice feature-mode network
voice forward-mode network
line con 0
no login
line telnet 0 4
no shutdown
line ssh 0 4
login local-userlist
no shutdown