Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
13029
Views
5
Helpful
18
Replies

Commands to check internet connection for Cisco 4431 Integrated Services Router

Go to solution
txu
Level 1
Level 1

‎05-21-2019 11:19 PM

Hi,

I'm pretty new to business-level routers (I have programming and certain Ubuntu system admin experience though) but I'm facing a problem with Cisco 4431 router.

We have a client with quite strict security policy. The router resides in client's network, with external IP (12.34.56.78) assigned by client's network. The router manages a few Ubuntu servers (X, Y, Z, etc).

 

From my computer at my home, I can log into client's VPN and then access the router with ssh command, like

>ssh admin@12.34.56.78

or access server X with command like

>ssh -p 2210 guest@12.34.56.78

 

When I ssh into X, I issue command

>wget https://www.gnu.org/software/wget    # I have wget installed actually, just to test internet connection

I got error like

>wget: unable to resolve host address: 'ftp.gnu.org'

I think I've set the networking files like "interfaces" correctly on server X and believe it's the client's firewall setting. However, the client's IT department says they don't block anything.

 

To avoid the possibility that I didn't configure X correctly, I also ssh into the router, and I issue command

#show ip nat trans

Pro  Inside global         Inside local          Outside local         Outside global

icmp 172.24.62.135:1    192.168.2.10:15172       8.8.8.8:15172    8.8.8.8:1

.......

tcp  172.24.62.135:2210    192.168.2.10:22       10.132.63.11:43853    10.132.63.11:43853

udp  172.24.62.135:1064    192.168.2.11:21803    129.176.199.5:53      129.176.199.5:53

Total number of translations: 114

I think this says the router is able to sending out outbound requests. However I wonder if there's any command that can show the router is sending outbound to www.gnu.org or www.google.com, but is blocked by the network. An imagined command like this:

#send_outbound_request_to_google

sending request out; sent; returned message saying you are blocked

 

I don't know much about router commands. Can you please help? TIA

-tx

Labels:
0 Helpful
18 Replies 18

Go to solution
Georg Pauwen
VIP
VIP
In response to pieterh

‎05-23-2019 11:11 AM - edited ‎05-23-2019 11:12 AM

Hello,

 

what if you configure a local DNS entry ?

 

ip host ftp.gnu.org 209.51.188.20

0 Helpful

Go to solution
txu
Level 1
Level 1
In response to Georg Pauwen

‎05-23-2019 09:45 PM

How do I do this? The server is Ubuntu v16.04
0 Helpful

Go to solution
txu
Level 1
Level 1

‎05-23-2019 10:36 PM

https://community.cisco.com/t5/routing/can-ping-ip-address-but-not-by-domain-name-a-dns-issue/m-p/3862079#M315526

 

The issue turns out to be a DNS issue (most likely or I think so). Basically, I can ping 72.30.35.9 (Yahoo IP) but not www.yahoo.com. Please refer to the link above for the progress. I guess it's better to have different post as the nature of the problem changed.

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to txu

‎05-24-2019 01:55 AM

if the nature of the problem in related to this was one working - so suggest to close this thread rather we lay the issue all over.

 

so people can follow other thread and suggest what we can best based in your inputs.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card