I can't connect or ping hosts on the other side. pls help

osekgarametso · ‎07-14-2011

I have recently bought two 1800 cisco routers and have tried to connect them over wan serial link, but I am having problems when trying to access resources on the other side. I am a newbie to cisco and I wonder if the problem is with the configuration or the new routers or the serial link between the sites. Below is the show-running config results I have done on both routers; I can ping the serial interfaces from both sides and remotely, but I can't ping hosts or FE from other side. See below config

User Access Verification

Password:

headoffice>en

Password:

headoffice#show running-config

Building configuration...

Current configuration : 945 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname headoffice

!

boot-start-marker

boot-end-marker

!

logging message-counter syslog

enable secret 5 $1$0tti$GQScpuV0iOefYLMgUowhn/

!

no aaa new-model

dot11 syslog

ip source-route

!

ip cef

ip name-server 192.168.1.3

!

no ipv6 cef

multilink bundle-name authenticated

!

archive

log config

hidekeys

!

interface FastEthernet0/0

ip address dhcp

shutdown

duplex auto

speed auto

!

interface FastEthernet0/1

ip address 192.168.3.200 255.255.255.0

duplex auto

speed auto

!

interface Serial0/0/0

ip address 192.168.2.9 255.255.255.0

!

ip forward-protocol nd

ip route 192.168.1.0 255.255.255.0 192.168.2.10

no ip http server

no ip http secure-server

!

control-plane

!

line con 0

line aux 0

line vty 0 4

password *********

login

!

scheduler allocate 20000 1000

end

...............................................................................................................................................................

headoffice#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C 192.168.1.0/24 is directly connected, FastEthernet0/0

C 192.168.2.0/24 is directly connected, Serial0/0/0

S 192.168.3.0/24 [1/0] via 192.168.2.9

montshiwa#

montshiwa#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

S 192.168.1.0/24 [1/0] via 192.168.2.10

C 192.168.2.0/24 is directly connected, Serial0/0/0

C 192.168.3.0/24 is directly connected, FastEthernet0/1

montshiwa#

p.mcgowan · ‎07-14-2011

is the FE port on the routers connected?

can you post output of "show ip interface brief"

osekgarametso · ‎07-14-2011

yes the FE are connected directly to the switch, and I am able to telnet to the other router while logged into the headoffice router...below is the output as requested

headoffice#show ip interface brief

Interface IP-Address OK? Method Status Prot

ocol

FastEthernet0/0 192.168.1.10 YES NVRAM up up

FastEthernet0/1 unassigned YES NVRAM administratively down down

Serial0/0/0 192.168.2.10 YES NVRAM up up

headoffice#

montshiwa#show ip interface brief

Interface IP-Address OK? Method Status Prot

ocol

FastEthernet0/0 unassigned YES DHCP administratively down down

FastEthernet0/1 192.168.3.200 YES manual up up

Serial0/0/0 192.168.2.9 YES manual up up

montshiwa#

mvsheik123 · ‎07-14-2011

Pretty straight config. Make sure you have proper geateway for your client PCs. Start with the WAN link. Try an extended ping across the link from router 1.

Main router#ping

Protocol [ip]:

Target IP address: 192.168.2.9

Repeat count [5]: 1000

Datagram size [100]:

Timeout in seconds [2]:

Extended commands [n]: y

Source address or interface: 192.168.2.10

Type of service [0]:

Set DF bit in IP header? [no]:

Validate reply data? [no]:

Data pattern [0xABCD]:

Loose, Strict, Record, Timestamp, Verbose[none]:

Sweep range of sizes [n]:

if the result fails, then contact your carrier. If you get success, test hop by hop test from work station.

hth

MS

osekgarametso · ‎07-14-2011

Here is the output for the commands and some few tests I have done, I still cant ping hosts on the other subnets ?? I can only ping the FE on the routers...........

User Access Verification

Password:

headoffice>en

Password:

headoffice#ping

Protocol [ip]:

Target IP address: 192.168.2.9

Repeat count [5]: 1000

Datagram size [100]:

Timeout in seconds [2]: y

% A decimal number between 0 and 3600.

Timeout in seconds [2]:

Extended commands [n]: y

Source address or interface: 192.168.2.10

Type of service [0]:

Set DF bit in IP header? [no]:

Validate reply data? [no]:

Data pattern [0xABCD]:

Loose, Strict, Record, Timestamp, Verbose[none]:

Sweep range of sizes [n]:

Type escape sequence to abort.

Sending 1000, 100-byte ICMP Echos to 192.168.2.9, timeout is 2 seconds:

Packet sent with a source address of 192.168.2.10

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Success rate is 100 percent (1000/1000), round-trip min/avg/max = 20/22/48 ms

headoffice#telnet 192.168.2.9

Trying 192.168.2.9 ... Open

User Access Verification

Password:

montshiwa>en

Password:

montshiwa#ping 192.168.1.10

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.1.10, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 24/24/28 ms

montshiwa#ping 192.168.1.5

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.1.5, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

montshiwa#ping 192.168.3.100

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.3.100, timeout is 2 seconds:

.!!!!

Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/1 ms

montshiwa#ping 192.168.2.10

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.2.10, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 20/24/28 ms

montshiwa#ping 192.168.1.10

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.1.10, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 24/24/28 ms

montshiwa#ping 192.168.1.5

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.1.5, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

montshiwa#exit

[Connection to 192.168.2.9 closed by foreign host]

headoffice#ping 192.168.1.5

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.1.5, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms

headoffice#telnet 192.168.2.9

Trying 192.168.2.9 ... Open

User Access Verification

Password:

montshiwa>en

Password:

montshiwa#ping 192.168.1.5

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.1.5, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

montshiwa#ping

Protocol [ip]:

Target IP address: 192.168.1.5

Repeat count [5]: 1000

Datagram size [100]:

Timeout in seconds [2]:

Extended commands [n]: y

Source address or interface: 192.168.2.9

Type of service [0]:

Set DF bit in IP header? [no]:

Validate reply data? [no]:

Data pattern [0xABCD]:

Loose, Strict, Record, Timestamp, Verbose[none]:

Sweep range of sizes [n]:

Type escape sequence to abort.

Sending 1000, 100-byte ICMP Echos to 192.168.1.5, timeout is 2 seconds:

Packet sent with a source address of 192.168.2.9

..............................................................................................................

.............................................................................................................

MY CLIENT I.P SETTINGS

C:\>ipconfig

Windows IP Configuration

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix . :
   IP Address. . . . . . . . . . . . : 192.168.1.5
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.10
C:\>ping 192.168.2.9

Pinging 192.168.2.9 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 192.168.2.9:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

C:\>

Thotsaphon Lueangwattanaphong · ‎07-14-2011

Hi,

Okay well,it's pretty straightforward. Please post the output of commands below.

montshiwa#ping 192.168.1.10 source interface f0/1

montshiwa#ping 192.168.1.5 source interface f0/1

Note: Make sure that you disabled a personal firewall/AV on 192.168.1.5 for testing.

headoffice#conf t

headoffice(conf)#access-list 10 permit host 192.168.1.5

headoffice#debug ip packet 10 detail

On PC:

C:\>ping 192.168.2.9

HTH,

Toshi

osekgarametso · ‎07-14-2011

Hi, here is the output as requested , I am starting to suspect the client P.C I am using...I will conduct some tests with a different one , in the mean time check the output.....

User Access Verification

Password:
headoffice>en
Password:
headoffice#telnet 192.168.2.9
Trying 192.168.2.9 ... Open

User Access Verification

Password:
montshiwa>en
Password:
montshiwa#ping 192.168.1.10 source interface f0/1
^
% Invalid input detected at '^' marker.

montshiwa#ping 192.168.1.10 source fastethernet0/1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.10, timeout is 2 seconds:
Packet sent with a source address of 192.168.3.200
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/25/32 ms
montshiwa#ping 192.168.1.5 source fastethernet0/1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.5, timeout is 2 seconds:
Packet sent with a source address of 192.168.3.200
.....
Success rate is 0 percent (0/5)
montshiwa#

Thotsaphon Lueangwattanaphong · ‎07-14-2011

Hi,

That's all right. Seems routing should work. Can you test connections to other hosts in 192.168.1.0/24 network? Make sure that hosts on that segment are already configured the correct default gateway,192.168.1.10. And make sure that you disabled a personal firewall/av on 192.168.1.5 for testing.

HTH,

Toshi

mvsheik123 · ‎07-14-2011

Windows firewall on PCs enabled? if so, make sure ICMP echo/reply is enabled.

Also, revisting router configa, can you try by adding command 'ip routing' on both end sides?

hth

MS