01-22-2011 10:27 PM - edited 03-04-2019 11:10 AM
Hello,
My old office uses a Cisco 861 as a VPN router, with the WAN side set up to receive a dynamic IP assigned by Time Warner Cable. Now we switched to a new office, with TowerStream, which provides 4G SLA'ed 10Mbit service with a static IP, and I get a Cat 5 Ethernet cable down from it.
So all I did, was to go my "interface FastEthernet4", and typed
ip address 173.243.123.123 255.255.255.252.
Changed speed to "speed 100" and "full-duplex" (as instructed by the ISP).
I also did "ip default-gateway 173.243.123.124", which is the default gateway assigned by the ISP.
I also typed "ip name-server 64.17.123.123" to set up the new DNS. Am I doing anything wrong? I can't even use the router to ping Google, but if I connect the laptop directly to the outside line, then it works, so I know the outside line is good.
Am I not doing something right? Why can't I connect to the internet? I wasted several hours already trying everything in my book to troubleshoot a supposedly very simple configuration change. Do I need to change something related to NAT when changing to a static IP? My NAT was working just fine before when under DHCP.
Thanks for the help!
Below is my full config (some IPs changed to preserve anonymity):
=============================================
Building configuration...
Current configuration : 16628 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname PureGate
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
logging buffered 51200 informational
enable secret 5 adsfasdf
enable password 7 asdfasdfdasf
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication login ciscocp_vpn_xauth_ml_1 local
aaa authorization exec default local
aaa authorization network ciscocp_vpn_group_ml_1 local
!
!
aaa session-id common
clock timezone PCTime -8
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
!
crypto pki trustpoint TP-self-signed-1245995727
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1245995727
revocation-check none
rsakeypair TP-self-signed-1245995727
!
crypto pki trustpoint test_trustpoint_config_created_for_sdm
subject-name e=sdmtest@sdmtest.com
revocation-check crl
!
!
crypto pki certificate chain TP-self-signed-1234213421342134
certificate self-signed 01
adsfasdfadfasdfasdfasf
quit
crypto pki certificate chain test_trustpoint_config_created_for_sdm
no ip source-route
!
ip dhcp pool ccp-pool1
import all
network 10.2.2.0 255.255.255.0
default-router 10.2.2.1
dns-server 10.2.2.1
domain-name local
!
!
ip dhcp update dns
ip cef
ip domain name local
ip host local ns ns.local
ip host trac.local 10.2.2.7
ip host ns.local 10.2.2.1
ip host-list members.dyndns.org
ip host-list mydomain.dyndns.org
ip name-server 64.17.123.123
ip name-server 64.17.123.124
ip name-server 4.2.2.1
ip ddns update method ccp_ddns
HTTP
add http://mydomain:passwd@members.dyndns.org/nic/update?system=dyndns&hostname=passwd@members.dyndns.org/nic/update?system=dyndns&hostname=<h>&myip=<a>
remove http://mydomain:passwd@members.dyndns.org/nic/update?system=dyndns&hostname=passwd@members.dyndns.org/nic/update?system=dyndns&hostname=<h>&myip=<a>
interval maximum 28 0 0 0
interval minimum 28 0 0 0
!
ip dhcp-client update dns server both
!
!
parameter-map type regex ccp-regex-nonascii
pattern [^\x00-\x80]
parameter-map type protocol-info msn-servers
server name messenger.hotmail.com
server name gateway.messenger.hotmail.com
server name webmessenger.msn.com
parameter-map type protocol-info aol-servers
server name login.oscar.aol.com
server name toc.oscar.aol.com
server name oam-d09a.blue.aol.com
parameter-map type protocol-info yahoo-servers
server name scs.msg.yahoo.com
server name scsa.msg.yahoo.com
server name scsb.msg.yahoo.com
server name scsc.msg.yahoo.com
server name scsd.msg.yahoo.com
server name cs16.msg.dcn.yahoo.com
server name cs19.msg.dcn.yahoo.com
server name cs42.msg.dcn.yahoo.com
server name cs53.msg.dcn.yahoo.com
server name cs54.msg.dcn.yahoo.com
server name ads1.vip.scd.yahoo.com
server name radio1.launch.vip.dal.yahoo.com
server name in1.msg.vip.re2.yahoo.com
server name data1.my.vip.sc5.yahoo.com
server name address1.pim.vip.mud.yahoo.com
server name edit.messenger.yahoo.com
server name messenger.yahoo.com
server name http.pager.yahoo.com
server name privacy.yahoo.com
server name csa.yahoo.com
server name csb.yahoo.com
server name csc.yahoo.com
!
!
username admin privilege 15 secret 5 asdfasdfasdfas
username user2 privilege 15 secret 5 adsfasdfasdfas
!
crypto logging ezvpn
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp client configuration address-pool local SDM_POOL_1
!
crypto isakmp client configuration group Company
key sdfgsdfgdsgsd
dns 4.2.2.1 4.2.2.2
pool SDM_POOL_1
acl 102
include-local-lan
max-users 100
netmask 255.255.255.0
banner ^CWelcome to company VPN! Split tunneling is enabled. ^C
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
!
crypto ipsec profile CiscoCP_Profile1
set security-association idle-time 3600
set transform-set ESP-3DES-SHA
set isakmp-profile ciscocp-ike-profile-1
!
!
crypto ctcp port 10000
archive
log config
hidekeys
!
!
ip tcp synwait-time 10
!
class-map type inspect match-any SDM_HTTPS
match access-group name SDM_HTTPS
class-map type inspect match-any SDM_SSH
match access-group name SDM_SSH
class-map type inspect match-any SDM_SHELL
match access-group name SDM_SHELL
class-map type inspect match-any sdm-cls-access
match class-map SDM_HTTPS
match class-map SDM_SSH
match class-map SDM_SHELL
class-map type inspect imap match-any ccp-app-imap
match invalid-command
class-map type inspect match-any SDM_AH
match access-group name SDM_AH
class-map type inspect match-any CCP-Voice-permit
match protocol h323
match protocol skinny
match protocol sip
class-map type inspect match-any ccp-cls-insp-traffic
match protocol cuseeme
match protocol dns
match protocol ftp
match protocol h323
match protocol https
match protocol icmp
match protocol imap
match protocol pop3
class-map type inspect match-all ccp-insp-traffic
match class-map ccp-cls-insp-traffic
class-map type inspect match-any SDM_IP
match access-group name SDM_IP
class-map type inspect match-any SDM_ESP
match access-group name SDM_ESP
class-map type inspect match-any SDM_EASY_VPN_SERVER_TRAFFIC
match protocol isakmp
match protocol ipsec-msft
match class-map SDM_AH
match class-map SDM_ESP
class-map type inspect match-all SDM_EASY_VPN_SERVER_PT
match class-map SDM_EASY_VPN_SERVER_TRAFFIC
class-map type inspect ymsgr match-any ccp-app-yahoo-otherservices
match service any
class-map type inspect msnmsgr match-any ccp-app-msn-otherservices
match service any
class-map type inspect match-any ccp-cls-icmp-access
match protocol icmp
match protocol tcp
match protocol udp
class-map type inspect match-any ccp-cls-protocol-im
match protocol ymsgr yahoo-servers
match protocol msnmsgr msn-servers
match protocol aol aol-servers
class-map type inspect aol match-any ccp-app-aol-otherservices
match service any
class-map type inspect match-all ccp-protocol-pop3
match protocol pop3
class-map type inspect pop3 match-any ccp-app-pop3
match invalid-command
class-map type inspect match-all sdm-access
match class-map sdm-cls-access
match access-group 101
class-map type inspect msnmsgr match-any ccp-app-msn
match service text-chat
class-map type inspect ymsgr match-any ccp-app-yahoo
match service text-chat
class-map type inspect match-all ccp-protocol-im
match class-map ccp-cls-protocol-im
class-map type inspect match-all ccp-invalid-src
match access-group 100
class-map type inspect match-all ccp-icmp-access
match class-map ccp-cls-icmp-access
class-map type inspect http match-any ccp-app-httpmethods
match request method bcopy
match request method bdelete
match request method bmove
match request method bpropfind
match request method bproppatch
match request method connect
match request method copy
match request method delete
match request method edit
match request method getattribute
match request method getattributenames
match request method getproperties
match request method index
match request method lock
match request method mkcol
match request method mkdir
match request method move
match request method notify
match request method options
match request method poll
match request method propfind
match request method proppatch
match request method put
match request method revadd
match request method revlabel
match request method revlog
match request method revnum
match request method save
match request method search
match request method setattribute
match request method startrev
match request method stoprev
match request method subscribe
match request method trace
match request method unedit
match request method unlock
match request method unsubscribe
class-map type inspect http match-any ccp-http-blockparam
match request port-misuse im
match request port-misuse p2p
match req-resp protocol-violation
class-map type inspect match-all ccp-protocol-imap
match protocol imap
class-map type inspect aol match-any ccp-app-aol
match service text-chat
class-map type inspect match-all ccp-protocol-http
match protocol http
class-map type inspect http match-any ccp-http-allowparam
match request port-misuse tunneling
!
!
!
!
interface Null0
no ip unreachables
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
description $ES_WAN$$FW_OUTSIDE$$ETH-WAN$
ip dhcp client update dns server none
ip ddns update hostname members.dyndns.org
ip ddns update ccp_ddns1
ip address 173.243.123.123 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip flow egress
ip nat outside
ip nat enable
ip virtual-reassembly
speed 100
full-duplex
!
interface Virtual-Template1 type tunnel
ip unnumbered Vlan1
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip flow egress
ip nat inside
ip virtual-reassembly
tunnel mode ipsec ipv4
tunnel protection ipsec profile CiscoCP_Profile1
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 10.2.2.1 255.255.255.0
no ip redirects
no ip unreachables
ip flow ingress
ip flow egress
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
ip local pool SDM_POOL_1 10.2.2.100 10.2.2.254
ip default-gateway 173.243.123.124
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip flow-top-talkers
top 100
sort-by bytes
cache-timeout 1000
!
ip dns server
ip nat inside source list 1 interface FastEthernet4 overload
ip nat inside source static tcp 10.0.0.12 80 interface FastEthernet4 999
!
ip access-list extended DYNDNS
permit tcp host 204.13.248.112 eq 443 any established log
ip access-list extended SDM_AH
remark CCP_ACL Category=1
permit ahp any any
ip access-list extended SDM_ESP
remark CCP_ACL Category=1
permit esp any any
ip access-list extended SDM_HTTPS
remark CCP_ACL Category=1
permit tcp any any eq 443
ip access-list extended SDM_IP
remark CCP_ACL Category=1
permit ip any any
ip access-list extended SDM_SHELL
remark CCP_ACL Category=1
permit tcp any any eq cmd
ip access-list extended SDM_SSH
remark CCP_ACL Category=1
permit tcp any any eq 22
ip access-list extended VNC
permit tcp any any eq 999
ip access-list extended kwVNC
remark CCP_ACL Category=1
remark kwVNC
permit tcp any host 10.0.0.19 eq 999
!
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 10.0.0.0 0.0.0.255
access-list 1 permit 10.2.2.0 0.0.0.255
access-list 2 permit 10.0.0.20
access-list 2 remark CCP_ACL Category=1
access-list 2 permit 10.0.0.21
access-list 3 remark CCP_ACL Category=1
access-list 3 permit 10.0.0.11
access-list 3 permit 10.0.0.15
access-list 4 remark CCP_ACL Category=1
access-list 4 permit 10.0.0.14
access-list 4 permit 10.0.0.16
access-list 10 remark CCP_ACL Category=16
access-list 10 permit 10.0.0.19
access-list 100 remark CCP_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
access-list 101 remark CCP_ACL Category=128
access-list 101 permit ip any any
access-list 102 remark CCP_ACL Category=4
access-list 102 permit ip 10.2.2.0 0.0.0.255 any
no cdp run
!
control-plane
!
banner exec ^C
01-25-2011 02:59 PM
It was a test lab I had and I changed the default gateway address on a router, and had
to amend the DHCP. When I did this the Ubuntu box had a new IP in the correct subnet but couldn't ping
a remote router or access the internet.
From the Ubuntu box, I removed all DHCP settings and set the NIC to manual and manually entered a new IP address, subnet mask and default gateway, I then applied this to the box.
I then went back in and cleared these settings so that the IP address, subnet mask and default gateway were blank. I may have hit OK and tried to apply these, I then went back in and made sure all settings were blank, set the NIC to DHCP, applied and all worked.
The issue was on the Ubuntu box for me, it just kept hold of the old default gateway for some strange reason.
01-26-2011 12:31 AM
Hi,
to sniff traffic on a Linux box use tcpdump.
Looking at your ARP caches you haven't got the same mapping for 10.2.2.1 on Linux and Windows.
On Windows the MAC is the MAC address of the Cisco router but on the Linux box it corresponds to a Netgear box.
Regards.
Alain.
01-22-2011 11:19 PM
Can you ping 173.243.123.124 from router?
I think the problem is with default gateway: try to run these commands:
no ip default-gateway 173.243.123.124
ip route 0.0.0.0 0.0.0.0 interface fastethernet 4
After that ping some external IP address from your router.
01-23-2011 12:39 AM
Hi,
change
ip route 0.0.0.0 0.0.0.0 interface fastethernet 4
to
ip route 0.0.0.0 0.0.0.0 173.243.123.124
Regards.
Alain.
01-23-2011 05:54 AM
Wow, that worked! Thanks! Both:
ip route 0.0.0.0 0.0.0.0 interface fastethernet 4
and
ip route 0.0.0.0 0.0.0.0 173.243.123.124
allowed me to connect to the internet. Is the latter how you are supposed to connect to a "default gateway"?
Now the question is, what exactly does the "ip route" command do, and why was it necessary when configuring a static IP? How come I didn't previously need it when my ISP provided a dynamic IP?
Thanks both again for saving me hours of agony.
01-23-2011 07:33 AM
Now the question is, what exactly does the "ip route" command do
"ip route x.x.x.x m.m.m.m g.g.g.g" adds a static route (x - network address, m - network mask, g - gateway address)
"ip route 0.0.0.0 0.0.0.0 IP" adds a default static route
why was it necessary when configuring static IP? How come I didn't previously need it when my ISP provided dynamic IP?
Before you changed the configuration from dynamic to static IP configuration, the ISP's DHCP server had sent you all the network parameters, including the default gateway address. After you've changed to static you have to enter all parameters manually, including the default gateway address.
Usually DHCP servers send an IP address, network mask, default gateway address and DNS servers but they can be configured to send many more parameters.
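The two-line fix in this thread is easy to get wrong on the next router, so here is a small checker for the exact mistake discussed above. It is an added example, not code from the thread or from Cisco, and it parses a constructed config excerpt that mirrors the poster's (the public addresses in the thread were already anonymised). The rule it encodes: on a router with IP routing enabled (the IOS default), `ip default-gateway` is ignored and a static default route `ip route 0.0.0.0 0.0.0.0 <next-hop>` is required; a default route pointing at an Ethernet interface with no next-hop address works only because the upstream device answers proxy ARP.

```python
import re

# Constructed excerpt mirroring the thread's config (sample values only).
BROKEN_CONFIG = """\
interface FastEthernet4
 ip address 173.243.123.123 255.255.255.252
 ip nat outside
!
interface Vlan1
 ip address 10.2.2.1 255.255.255.0
 ip nat inside
!
ip default-gateway 173.243.123.124
"""


def default_routes(config):
    """Next hop of every 'ip route 0.0.0.0 0.0.0.0 ...' line (address or interface)."""
    return [nh.strip() for nh in
            re.findall(r"^ip route 0\.0\.0\.0 0\.0\.0\.0 (.+)$", config, re.M)]


def check_default_route(config):
    """Return a list of findings; an empty list means the default route looks right."""
    findings = []
    # A router runs 'ip routing' unless 'no ip routing' is configured.
    routing_enabled = re.search(r"^no ip routing$", config, re.M) is None
    gw = re.search(r"^ip default-gateway (\S+)$", config, re.M)
    routes = default_routes(config)
    if gw and routing_enabled:
        findings.append(
            f"ip default-gateway {gw.group(1)} is ignored while ip routing is enabled")
    if routing_enabled and not routes:
        hint = gw.group(1) if gw else "<next-hop>"
        findings.append(f"no default static route; add: ip route 0.0.0.0 0.0.0.0 {hint}")
    for nh in routes:
        # A default route out of an Ethernet interface with no next-hop address
        # makes the router ARP for every destination and depends on the upstream
        # device answering with proxy ARP; a next-hop address does not.
        if not re.match(r"^\d+\.\d+\.\d+\.\d+$", nh.split()[0]):
            findings.append(f"default route via '{nh}' relies on proxy ARP; "
                            "prefer a next-hop address")
    return findings


def fixed_config(config, next_hop):
    """Replace the 'ip default-gateway X' line with a static default route to next_hop."""
    return re.sub(r"^ip default-gateway \S+$",
                  f"ip route 0.0.0.0 0.0.0.0 {next_hop}", config, flags=re.M)


if __name__ == "__main__":
    for finding in check_default_route(BROKEN_CONFIG):
        print("FINDING:", finding)
    print(fixed_config(BROKEN_CONFIG, "173.243.123.124"))
```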
01-23-2011 11:52 PM
Thanks, that was very useful information. So basically, adding a static route to either the gateway IP or FastEthernet4 is like adding a default gateway, one of the parameters that DHCP usually provides, right?
Now I have a different problem. So my router is now configured for a static IP, and the router acts as a DHCP client to assign IPs to all my servers in my subnet. The laptops are fine, but my Ubuntu Linux box is having trouble getting a default gateway assigned automatically by the Cisco 861.
Do you know why? Here is my Ubuntu's routing table
*** When it boots up, you can see there is no default route.
root@dev-server:/home/developer# netstat -nr
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.2.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
*** After I added a default route to my subnet 10.2.2.0:
root@dev-server:/home/developer# route add default gw 10.2.2.1
root@dev-server:/home/developer# netstat -nr
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.2.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 10.2.2.1 0.0.0.0 UG 0 0 0 eth0
However, my Linux box still can't ping the internet! This is driving me crazy.
I suspect this section of code might be the culprit.
ip dhcp pool ccp-pool1
import all <-- this imports the DHCP info from the ISP right? But now the ISP doesn't give any DHCP info, this is quite useless? Taking it out doesn't seem to improve the situation.
network 10.2.2.0 255.255.255.0
default-router 10.2.2.1
dns-server 10.2.2.1
domain-name local
Any help would be deeply appreciated. Tomorrow is Monday and this is a dev server in production that our devs need to be able to use and upload files to the internet. Thanks!
01-24-2011 12:16 AM
Hi,
Can you confirm your Linux Box is receiving an ip address with dhcp. type ifconfig -a and post here.
You can also do a debug ip dhcp server event on your router while renewing your lease.
Regards.
Alain.
01-24-2011 12:39 AM
Here is the result of the Linux server's "ifconfig":
root@dev-server:/home/myname# ifconfig
eth0 Link encap:Ethernet HWaddr 00:26:b9:89:64:de
inet addr:10.2.2.7 Bcast:10.2.2.255 Mask:255.255.255.0
inet6 addr: fe80::226:b9ff:fe89:64de/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7335 errors:0 dropped:0 overruns:0 frame:0
TX packets:3218 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1471319 (1.4 MB) TX bytes:769095 (769.0 KB)
Interrupt:16 Memory:da000000-da012800
eth1 Link encap:Ethernet HWaddr 00:26:b9:89:64:df
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:17 Memory:dc000000-dc012800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:390 errors:0 dropped:0 overruns:0 frame:0
TX packets:390 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:156015 (156.0 KB) TX bytes:156015 (156.0 KB)
01-24-2011 12:17 AM
And the Ubuntu server in question resides on 10.2.2.7:
Here is the DHCP binding that I have assigned to it.
ip dhcp pool Trac
host 10.2.2.7 255.255.255.0
hardware-address 1234.1234.1234
client-name dev-server
dns-server 10.2.2.1
01-24-2011 12:40 AM
Hi,
Is this MAC the real physical address? Why did you change it? Can you try with client-identifier 0112.3412.3412.34 instead of hardware-address?
http://www.cisco.com/en/US/docs/ios/12_2/ip/configuration/guide/1cfdhcp.html#wp1001108
Regards.
Alain.
01-24-2011 12:51 AM
Oh, because I was reluctant to post our real MAC addresses on the internet, but here are the real DHCP bindings for this server:
ip dhcp pool Trac
host 10.2.2.7 255.255.255.0
hardware-address 0026.b989.64de
client-name dev-server
dns-server 10.2.2.1
default-router 10.2.2.1
!
01-24-2011 01:07 AM
Hi,
So is this Linux box getting an ip address with dhcp? -----> ifconfig
when you do an ifconfig down then ifconfig up and at same time issue debug ip dhcp server event on router what happens ?
if you use regular pool and not a static binding is it the same?
Regards.
Alain.
01-24-2011 01:23 AM
Hello,
Yes the Linux server is getting a DHCP IP correctly. Very strange. And I did:
ip dhcp pool Trac
host 10.2.2.7 255.255.255.0
hardware-address 0026.b989.64de
client-name dev-server
dns-server 10.2.2.1
default-router 10.2.2.1
!
Because client-identifier wasn't working for me before, I thought we only use client-identifier for windows, and hardware-address for Linux boxes.
This all has worked before in our old office where we were getting a DHCP IP from the ISP. I didn't think switching over to static IP address would be this painful....
If I don't use the DHCP binding pool the result is this when I restart the network interface:
root@dev-server:~$ netstat -nr
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.2.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
root@dev-server:~$ ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:26:b9:89:64:de
inet addr:10.2.2.7 Bcast:10.2.2.255 Mask:255.255.255.0
inet6 addr: fe80::226:b9ff:fe89:64de/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:377 errors:0 dropped:0 overruns:0 frame:0
TX packets:248 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:52842 (52.8 KB) TX bytes:56350 (56.3 KB)
Interrupt:16 Memory:da000000-da012800
eth1 Link encap:Ethernet HWaddr 00:26:b9:89:64:df
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:17 Memory:dc000000-dc012800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:93 errors:0 dropped:0 overruns:0 frame:0
TX packets:93 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:72867 (72.8 KB) TX bytes:72867 (72.8 KB)
01-24-2011 01:50 AM
ok,
so can you traceroute to an external ip like 4.2.2.2
Regards.
Alain.
01-24-2011 02:43 AM
A small problem, the Linux box doesn't have tracert installed; normally, all I need to do on Ubuntu is "aptitude install tracert", but I don't have the internet!
Let me try to see if I can get it some other way, but basically I get this error:
root@dev-server:~$ ping 4.2.2.1
PING 4.2.2.1 (4.2.2.1) 56(84) bytes of data.
From 10.2.2.1 icmp_seq=1 Destination Net Unreachable