07-24-2007 03:12 AM - edited 03-05-2019 05:27 PM
Good morning everyone,
I have a strange problem interconnecting a Cisco851 with an ISP router.
The ISP router has the 192.168.1.1 255.255.255.0 address and the C851 has the 192.168.1.100 255.255.255.0 on the FastEthernet4 connected to the ISP device through a switch (but i've tried also the direct connection).
given this, no communication passes by between the c857 and the ISP device.
Sniffing the packets, i can see that the ISP Provider sends an ARP Request to know wich one is the 192.168.1.100 and the C857 filters it with the following reason:
IP ARP req filtered src 0.0.0.0 0017.c2cf.974f, dst 192.168.1.100 0000.0000.0000 martian source.
can someone tell me why? is there a way not to make the router filter these ARP Request?
Below there's the full configuration of the router which has 12.4.15(T1) release onboard (bt i've tried also older ones..)
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname giacomo-Alberione-gw
!
boot-start-marker
boot-end-marker
!
logging buffered 4096
!
no aaa new-model
clock timezone CET 1
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00
!
!
!
no ip source-route
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.0.254
!
ip dhcp pool locale
network 192.168.0.0 255.255.255.0
default-router 192.168.0.254
dns-server 194.20.8.1 151.99.125.2
lease 30
!
!
ip cef
no ip bootp server
no ip domain lookup
ip domain name router.it
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
ip address 192.168.1.100 255.255.255.0
ip virtual-reassembly
duplex auto
speed auto
ip nat outside
!
interface Vlan1
ip address 192.168.0.254 255.255.255.0
ip nat inside
ip virtual-reassembly
!
ip route 0.0.0.0 0.0.0.0 192.168.1.1
!
no ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 5 life 86400 requests 10000
ip nat inside source list 100 interface fastethernet4 overload
!
!
access-list 11 permit any
access-list 100 remark ****** ACL per PAT ******
access-list 100 permit ip 192.168.0.0 0.0.0.255 any
control-plane
!
!
line con 0
logging synchronous
login local
no modem enable
line aux 0
line vty 0 4
exec-timeout 120 0
logging synchronous
login local
transport input telnet ssh
!
scheduler max-task-time 5000
end
07-24-2007 03:17 AM
Hi
I'm not sure it's your router. If you look at the message it is complaining about the source address being 0.0.0.0 which is clearly incorrect.
Have you talked to your ISP.
Jon
07-26-2007 05:04 AM
The source mac address is that of the service provider router (which is actually open in that I can configure it but there are very few options.. for instance I can't set a static arp)
The Service Provider says everything's fine and it suggests to connect the machines directly to its Router (in this scenario, everything works properly and the computers have no problem answering that request).
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide