11-12-2008 05:55 PM - edited 03-04-2019 12:18 AM
Have a 3640 connecting to ISP via PPPoE in FA and a point to point T1 on Serial. Default route is pppoe and then static routes for IP's on the other end of the T1. Pinging from inside the 3640 works fine to either the web or a pc at the other end of the t1.
Have a pix behind the router to firewall. It has one route - the 3640. Web works great, but not getting to the T1. Have enabled pings and can ping the web, but can't ping pc on T1.
How can I debug? Suggestions to look for?
Pertinent pieces of config below and full configs attached.
Pix:
ip address outside 6x.x.x.166 255.255.255.252
ip address inside 10.10.1.254 255.255.255.0
!
global (outside) 1 interface
nat (inside) 0 access-list nonat
nat (inside) 1 10.10.1.0 255.255.255.0 0 0
static (inside,outside) tcp 6x.x.x.166 ftp 10.10.1.5 ftp netmask 255.255.255.255 0 0
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 6x.x.x.165 1
Router:
interface FastEthernet0/0
ip address 6x.x.x.165 255.255.255.252
duplex auto
speed auto
no cdp enable
!
interface Ethernet2/0
no ip address
half-duplex
pppoe enable
pppoe-client dial-pool-number 1
!
interface Serial2/0
description T1
ip address 172.18.0.1 255.255.255.252
!
interface Dialer1
mtu 1492
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
no cdp enable
ppp authentication chap callin
ppp chap hostname s****@********.net
ppp chap password 0 *******
!
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 10.0.0.0 255.255.255.0 Serial2/0
ip route 10.1.1.0 255.255.255.0 Serial2/0
Solved! Go to Solution.
11-12-2008 06:31 PM
When you ping from the 3640, you are sourcing from the serial interface T1 which I assume the remote network knows about because you get a successful reply.
When you ping from the PIX, you are sourcing from its outside interface 6x.x.x.166 and I'm sure the remote network does not have a route to that IP via the serial, does it?
__
Edison.
11-12-2008 06:31 PM
When you ping from the 3640, you are sourcing from the serial interface T1 which I assume the remote network knows about because you get a successful reply.
When you ping from the PIX, you are sourcing from its outside interface 6x.x.x.166 and I'm sure the remote network does not have a route to that IP via the serial, does it?
__
Edison.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide