02-10-2009 07:33 AM - edited 03-04-2019 03:30 AM
Hi,
I am having an issue with a route to an external DMVPN spoke. The external spoke can ping all internal devices and the DMVPN hub can ping all spokes and connected devices(including the external spoke). All internal spokes can ping each other over dynamically established tunnels. So it seems like the IPSEC/GRE portion of my configuration is correct. The problem lies with a few of the internal spokes trying to reach the external spoke.
Sanitized configs attached. Diagram is here http://img152.imageshack.us/img152/9043/layoutfs3.jpg
When I try to ping from I-SPOKE-1 to E-SPOKE-1, I receive the first ping response but all pings after that time out, and I receive the same condition from I-SPOKE-3 to E-SPOKE-1. The really strange part is that I-SPOKE-2 has complete connectivity, and can ping all devices including the external spoke. When I do a 'sh ip route' all internal spokes have the HUB listed as the next hop to the external spoke, so EIGRP seems to be propagating the correct info, but the HUB just isn't routing it properly. The part the really baffles me is Traceroute works end to end with every device⦠:-/
I have scrutinized every peace of the configurations and can't figure out what my problem is. If anyone has any ideas or links that might help it would be greatly appreciated.
Thanks in advance,
Joe
02-10-2009 10:34 AM
Hello Joe,
the command
no ip split-horizon eigrp 90
is usually needed on hub not on spokes
to create dynamic spoke to spoke tunnels
on the hub you need also
no ip next-hop-self eigrp 90
you can check NHRP issues with
sh ip nhrp
debug nhrp
the fact that first packet is fine has some meaning NHRP activity has to be investigated.
Hope to help
Giuseppe
02-10-2009 10:46 AM
Hi,
Pls post complete config in text files..
HTH
Mohamed
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide