cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
16828
Views
5
Helpful
6
Replies

I can't ping GRE Tunnel Destination

Gabriel Tanase
Level 1
Level 1

Friends, I created a GRE tunnel and I can't ping the tunnel destination from either router.  I am able to ping the tunnel ip address on the router that it's configured on.  Can anyone help please?  I have two routers.  The configs are as follows.

Router A

------------------

Router_A#show ip int brief

Interface                  IP-Address      OK? Method Status                Prot                                             ocol

FastEthernet0/0            192.168.1.121   YES DHCP   up                    up                                              

FastEthernet0/1            10.10.12.254    YES NVRAM  up                    up                                              

Serial0/0/0                unassigned      YES NVRAM  down                  down                                            

Serial0/0/1                192.168.2.2     YES NVRAM  up                    up                                              

BRI0/2/0                   unassigned      YES NVRAM  administratively down down                                            

BRI0/2/0:1                 unassigned      YES unset  administratively down down                                            

BRI0/2/0:2                 unassigned      YES unset  administratively down down                                            

Async0/3/0                 unassigned      YES NVRAM  down                  down                                            

NVI0                       unassigned      NO  unset  up                    up                                              

Loopback0                  10.10.13.249    YES NVRAM  up                    up                                              

Tunnel1                    10.10.10.1      YES manual up                    up                                              

Router_A#

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Router_A

!

boot-start-marker

boot-end-marker

!

aaa new-model

!

!

aaa authentication login word local

aaa authentication login CONSOLE none

!

aaa session-id common

!

!

ip cef

no ip dhcp use vrf connected

!

ip dhcp pool Dhcp_Pool

   network 10.10.12.0 255.255.255.0

   default-router 10.10.12.254

   dns-server 206.141.192.60

!

!

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

!

!

voice-card 0

no dspfarm

interface Loopback0

ip address 10.10.13.249 255.255.255.252

!

interface Tunnel1

ip address 10.10.10.1 255.255.255.0

ip mtu 1480

tunnel source Loopback0

tunnel destination 192.168.2.1

!

interface FastEthernet0/0

description Connection to Internet

ip address dhcp client-id FastEthernet0/0

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/1

description Connection to LAN

ip address 10.10.12.254 255.255.255.0

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

!

interface Serial0/0/0

no ip address

clock rate 2000000

interface Serial0/0/1

description Connection to Network B

bandwidth 1000000

ip address 192.168.2.2 255.255.255.252

encapsulation ppp

!

interface BRI0/2/0

no ip address

encapsulation hdlc

shutdown

!

interface Async0/3/0

no ip address

encapsulation slip

!

router rip

version 2

network 10.0.0.0

network 192.168.1.0

network 192.168.2.0

!

ip forward-protocol nd

ip route 10.10.0.0 255.255.0.0 192.168.2.1

!

!

ip http server

no ip http secure-server

ip nat pool ovrld 192.168.1.250 192.168.1.250 prefix-length 24

ip nat inside source list 7 pool ovrld overload

!

access-list 7 permit 10.10.12.0 0.0.0.255

!

!

!

control-plane

--------------------------------------------------------

Router_B

Router_B#show ip int brief

Interface                  IP-Address      OK? Method Status                Protocol

FastEthernet0/0            10.10.14.254    YES manual up                    up

FastEthernet0/1            unassigned      YES NVRAM  administratively down down

Serial0/0/0                unassigned      YES NVRAM  administratively down down

BRI0/1/0                   unassigned      YES NVRAM  administratively down down

BRI0/1/0:1                 unassigned      YES unset  administratively down down

BRI0/1/0:2                 unassigned      YES unset  administratively down down

Serial0/3/0                unassigned      YES NVRAM  administratively down down

Serial0/3/1                192.168.2.1     YES manual up                    up

NVI0                       10.10.14.254    YES unset  up                    up

SSLVPN-VIF0                unassigned      NO  unset  up                    up

Loopback0                  10.10.15.1      YES manual up                    up

Tunnel1                    10.10.10.2      YES manual up                    up

Router_B#

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname Router_B

!

boot-start-marker

boot-end-marker

!

logging message-counter syslog

!

no aaa new-model

memory-size iomem 10

!

dot11 syslog

ip source-route

!

!

ip cef

!

ip dhcp pool Dhcp_Pool

   network 10.10.14.0 255.255.255.0

   default-router 10.10.14.254

   dns-server 206.141.192.60

!

!

ip name-server 206.141.192.60

no ipv6 cef

!

!

archive

log config

  hidekeys

!

!

!

!

!

!

!

!

!

interface Loopback0

ip address 10.10.15.1 255.255.255.252

!

interface Tunnel1

ip address 10.10.10.2 255.255.255.0

tunnel source Loopback0

tunnel destination 192.168.2.2

!

interface FastEthernet0/0

description Connection to LAN

ip address 10.10.14.254 255.255.255.0

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial0/0/0

no ip address

shutdown

!

interface BRI0/1/0

no ip address

encapsulation hdlc

shutdown

!

interface Serial0/3/0

no ip address

shutdown

clock rate 2000000

!

interface Serial0/3/1

bandwidth 1000000

ip address 192.168.2.1 255.255.255.252

ip nat outside

ip virtual-reassembly

encapsulation ppp

!

router rip

version 2

network 10.0.0.0

network 172.16.0.0

network 192.168.1.0

network 192.168.2.0

!

ip forward-protocol nd

no ip http server

no ip http secure-server

!

1 Accepted Solution

Accepted Solutions

shamax_1983
Level 3
Level 3

Hello Gabriel,

For the GRE tunnel,  Router A and Router B should point to matching Source/Destination of each other.

But in your config, on Router A,

tunnel source Loopback0

tunnel destination 192.168.2.1

and on Router B

tunnel source Loopback0

tunnel destination 192.168.2.2

So the destination you defined in router A is not the Tunnel source of Router B ( on router B, it should be

"tunnel source 192.168.2.1  or Serial0/3/1 )

Your working configuration should look like this

Router A

interface Tunnel1

ip address 10.10.10.1 255.255.255.0

ip mtu 1480

tunnel source Loopback0

tunnel destination 192.168.2.1

Router B

interface Tunnel1

ip address 10.10.10.2 255.255.255.0

tunnel source Serial0/3/1

tunnel destination 10.10.13.249

Or you can go with the other way around, on Router A, Source is interface Serial0/0/0 and so on..

Let me know how you go with this configs

Please rate this post if helpful.



View solution in original post

6 Replies 6

shamax_1983
Level 3
Level 3

Hello Gabriel,

For the GRE tunnel,  Router A and Router B should point to matching Source/Destination of each other.

But in your config, on Router A,

tunnel source Loopback0

tunnel destination 192.168.2.1

and on Router B

tunnel source Loopback0

tunnel destination 192.168.2.2

So the destination you defined in router A is not the Tunnel source of Router B ( on router B, it should be

"tunnel source 192.168.2.1  or Serial0/3/1 )

Your working configuration should look like this

Router A

interface Tunnel1

ip address 10.10.10.1 255.255.255.0

ip mtu 1480

tunnel source Loopback0

tunnel destination 192.168.2.1

Router B

interface Tunnel1

ip address 10.10.10.2 255.255.255.0

tunnel source Serial0/3/1

tunnel destination 10.10.13.249

Or you can go with the other way around, on Router A, Source is interface Serial0/0/0 and so on..

Let me know how you go with this configs

Please rate this post if helpful.



Shamal, I want to thank you for your response.  I have tried your idea but unfortunately, I'm getting a recursive routing issue.

Router_B#

*Jan 10 02:54:39.491: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel1, changed state to down

*Jan 10 02:54:40.475: %SYS-5-CONFIG_I: Configured from console by console

*Jan 10 02:54:40.767: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel1, changed state to up

*Jan 10 02:54:40.795: %ADJ-5-PARENT: Midchain parent maintenance for IP midchain out of Tunnel1 482137E0 - looped chain attempting to stack

Router_B#show ip int b

*Jan 10 02:54:48.495: %TUN-5-RECURDOWN: Tunnel1 temporarily disabled due to recursive routing

*Jan 10 02:54:49.495: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel1, changed state to down

% Incomplete command.

Router_B#

Router_B#

Let me know if you have any further ideas.

Thanks

After playing around some more, I figured it out.  For some apparent reason, the source loopback was not working.  I sourced it off the serial interface and it worked.  Here is the config.  Thanks for pointing me in the right direction.

RTR A

interface Tunnel1

ip address 10.10.10.1 255.255.255.0

ip mtu 1480

tunnel source 192.168.2.2

tunnel destination 192.168.2.1

RTR B

interface Tunnel1

ip address 10.10.10.2 255.255.255.0

tunnel source 192.168.2.1

tunnel destination 192.168.2.2

Router_B#ping 10.10.10.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms

Router_B#ping 10.10.10.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 16/17/20 ms

Router_B#

------------------------

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms

Router_A#ping 10.10.10.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 16/17/20 ms

Router_A#

Hi Gabriel,

Yes this is the more cleaner way to do this.. But you can still do it with the loopback interface involved if you clean up your routing a little bit as I suggest below

Leave the changes you made based on my previous suggession, and do the following..

remove network 10.0.0.0 from RIP from both routers..

on router A

delete ip route 10.10.0.0 255.255.0.0 192.168.2.1

on router B


add ip route 10.10.13.0 255.255.255.0 192.168.2.2

If you want to advertise other Local subnets only advertise specific subnets but leave loopback subnets alone. DO NOT advertise the whole range 10.0.0.0 255.255.255.0 because it makes the GRE tunnel to advertise routers while your Serial link advertise the same thing and it makes everything unstable..

Try this and let me know..

Review Cisco Networking for a $25 gift card