Re: (ASCEND) Static routes to an ATMP tunnel

To: David Ponzone <david@isdnet.net>
Subject: Re: (ASCEND) Static routes to an ATMP tunnel
From: Matt Holdrege <matt@ascend.com>
Date: Wed, 18 Jun 1997 06:51:17 -0700
Cc: ascend-users@bungi.com
In-Reply-To: <199706181326.PAA00560@emma.isdnet.net>
Sender: owner-ascend-users@max.bungi.com

At 03:26 PM 6/18/97 +0200, David Ponzone wrote:
>
>When playing with ATMP stuff, I encountered the following
>problem:
>
>I defined the following profile in RADIUS, for the mobile node
>connecting the foreign agent:
>
>foo     Password = "ascend-rules"
>        User-Service = Framed-User,
>        Framed-Protocol = PPP,
>        Framed-Routing = None,
>        Framed-Address = 172.16.1.1,
>        Framed-Netmask = 255.255.255.0,
>        Framed-Route = "172.16.2.0/24 172.16.1.1 1",
>        Ascend-Idle-Limit = 600,
>        Ascend-Home-Agent-IP-Addr = 10.0.0.1,
>        Ascend-Home-Agent-Password = "home-max", 
>        Ascend-Home-Agent-UDP-Port = 5150
>
>Once foo is connected to the FA, I see a route for 172.16.1.0/24
>with gateway tunnel0 on the Home agent, but nothing about
>172.16.2.0/24.
>sh ip route gives:
>172.16.1.0/24     -               tunnel0  ?      100   2       3       5
>
>I tried to add static routes for 172.16.2.0/24 on FA and/or HA,
>but it doesn't help.
>(a traceroute to 172.16.2.x stops after the HA with * * *, when
>the mobile node -172.16.1.1- should answer).
>Of course, a traceroute to 172.16.1.1 works perfectly.
>
>It seems the tunnel is not usable as a real interface, as it is
>with a GRE tunnel on a Cisco.
>
>This is quite ennoying, and doesn't help when building intranet,
>as the static routing flexibilty is quite decreased.
>
>Is this a normal behaviour, or a bug ?
>Is there a solution, or can we expect this will be solved soon ?

I'm not sure what exactly you are trying to do. You say you can ping the
mobile node, which shows the tunnel is working. This interface should NOT
be usable as a normal interface. One of the reasons for VPN's is security.
Can you sketch out what exactly you need? Or get with a local Ascend SE who
might be able to help in person?


Matt Holdrege  -  http://www.ascend.com  -  matt@ascend.com
++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.shore.net/~dreaming/ascend-faq>
or		<ftp://ftp.shore.net/members/dreaming/ascend-faq.txt>

Follow-Ups:

Re: (ASCEND) Static routes to an ATMP tunnel

From: David Ponzone <david@isdnet.net>

References:

(ASCEND) Static routes to an ATMP tunnel

From: David Ponzone <david@isdnet.net>

Prev by Date: Re: (ASCEND) Static routes to an ATMP tunnel
Next by Date: (ASCEND) Ascend Radius ??
Prev by thread: (ASCEND) Static routes to an ATMP tunnel
Next by thread: Re: (ASCEND) Static routes to an ATMP tunnel
Index(es):
- Main
- Thread