Buy or Renew
Buy or Renew
COMING SOON: Umbrella and Secure Access release notes are coming to Cisco Community. The community will be in read-only August 16 – 19. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
403
Views
0
Helpful
4
Replies

HSRP

Go to solution
ashz14387
Level 1
Level 1

‎03-11-2024 12:41 AM - edited ‎03-11-2024 12:41 AM

Hi @All 

I made a demo HSRP lab with the below setup:

R1 connected to Switchport E0
R2 connected to Switchport E1
VPC connected to Switchport E2

R1 connected to a tap interface tap1 (192.176.1.1)
R2 connected to a tap interface tap2 (168.172.1.1)

Conf of R1 as follow,

!

!

!

 

!

! Last configuration change at 10:45:29 UTC Thu Mar 7 2024

!

version 15.2

service timestamps debug datetime msec

service timestamps log datetime msec

!

hostname R1

!

boot-start-marker

boot-end-marker

!

!

!

no aaa new-model

no ip icmp rate-limit unreachable

ip cef

!

!

!

!

!

!

no ip domain lookup

no ipv6 cef

!

!

multilink bundle-name authenticated

!

!

!

!

!

!

!

username admin password 0 Network@123

!

!

ip tcp synwait-time 5

!

track 1 interface FastEthernet0/0 line-protocol

!

!

!

!

!

!

!

!

!

!

!

!

interface FastEthernet0/0

ip address 192.176.1.2 255.255.255.0

ip nat outside

duplex full

!

interface FastEthernet1/0

ip address 10.10.10.2 255.255.255.0

ip nat inside

standby 1 ip 10.10.10.1

standby 1 priority 150

standby 1 preempt delay minimum 20

standby 1 track 1 decrement 60

duplex full

!

interface FastEthernet2/0

no ip address

shutdown

duplex full

!

interface FastEthernet3/0

no ip address

shutdown

duplex full

!

interface FastEthernet4/0

no ip address

shutdown

duplex full

!

interface FastEthernet5/0

no ip address

shutdown

duplex full

!

ip nat inside source list 1 interface FastEthernet0/0 overload

ip nat inside source static 10.10.10.5 192.176.1.2

ip forward-protocol nd

!

!

no ip http server

no ip http secure-server

ip route 0.0.0.0 0.0.0.0 192.176.1.1

!

access-list 1 permit 10.10.10.0 0.0.0.255

!

snmp-server community privat RW

snmp-server community public RO

!

!

control-plane

!

!

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

stopbits 1

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

stopbits 1

line vty 0 4

password Network@123

login local

transport input telnet

!

!

end


Conf of R2 as follow,

!

!

!

 

!

! Last configuration change at 07:55:09 UTC Thu Mar 7 2024

!

version 15.2

service timestamps debug datetime msec

service timestamps log datetime msec

!

hostname R2

!

boot-start-marker

boot-end-marker

!

!

!

no aaa new-model

no ip icmp rate-limit unreachable

ip cef

!

!

!

!

!

!

no ip domain lookup

no ipv6 cef

!

!

multilink bundle-name authenticated

!

!

!

!

!

!

!

username admin password 0 Network@123

!

!

ip tcp synwait-time 5

!

!

!

!

!

!

!

!

!

!

!

!

interface FastEthernet0/0

ip address 168.172.1.2 255.255.255.0

ip nat outside

duplex full

!

interface FastEthernet1/0

ip address 10.10.10.3 255.255.255.0

ip nat inside

standby 1 ip 10.10.10.1

standby 1 priority 110

standby 1 preempt

duplex full

!

interface FastEthernet2/0

no ip address

shutdown

duplex full

!

interface FastEthernet3/0

no ip address

shutdown

duplex full

!

interface FastEthernet4/0

no ip address

shutdown

duplex full

!

interface FastEthernet5/0

no ip address

shutdown

duplex full

!

ip nat inside source list 1 interface FastEthernet0/0 overload

ip nat inside source static 10.10.10.5 168.172.1.2

ip forward-protocol nd

!

!

no ip http server

no ip http secure-server

ip route 0.0.0.0 0.0.0.0 168.172.1.1

ip route 10.10.10.0 255.255.255.0 168.172.1.1

!

access-list 1 permit 10.10.10.0 0.0.0.255

!

snmp-server community public RO

snmp-server community private RW

!

!

control-plane

!

!

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

stopbits 1

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

stopbits 1

line vty 0 4

password Network@123

login local

transport input telnet

!

!

end

HSRP is working fine when i tried trace with R1 present and Without R1 Present.

My question is i am unable to ping 8.8.8.8 from the r1 and r2 but able to do that from vpc why?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Torbjørn
Spotlight
Spotlight

‎03-11-2024 01:32 AM

I suspect that this is a NAT issue. Are you trying to ping from your "inside" interface of your router?

Could you try to remove the following line of configuration and try again?

ip nat inside source static 10.10.10.5 192.176.1.2

 

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev

View solution in original post

0 Helpful
4 Replies 4

Go to solution
nict
Level 1
Level 1

‎03-11-2024 01:29 AM - edited ‎03-11-2024 01:32 AM

Hi @ashz14387 

Just so I understand:

So your Router is Connected to a switch, and behind that switch is your VPC, correct?
What is the IP address of the VPC?

0 Helpful

Go to solution
ashz14387
Level 1
Level 1
In response to nict

‎03-11-2024 02:41 AM - edited ‎03-11-2024 02:42 AM

The ip address of VPC is 10.10.10.5 with default gateway of 10.10.10.1

0 Helpful

Go to solution
nict
Level 1
Level 1
In response to ashz14387

‎03-11-2024 02:43 AM

That makes sense why it works then for the VPC. See what Torbjørn wrote in his reply about the ip nat inside source static.

0 Helpful

Go to solution
Torbjørn
Spotlight
Spotlight

‎03-11-2024 01:32 AM

I suspect that this is a NAT issue. Are you trying to ping from your "inside" interface of your router?

Could you try to remove the following line of configuration and try again?

ip nat inside source static 10.10.10.5 192.176.1.2

 

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card