Cisco router 2911 blocking single IP address.


I am really desperate to find an answer to my problem, which I want to share with this forum; maybe someone will know the solution. I also want to say that I'm not sure whether this is the right section of the forum to ask this type of question, so I apologize in advance if it is not.

We have a Cisco 2911 router in our company. I didn't set it up myself, nor was I involved. I only started working here recently, a bit over 3 months ago. I have been given an ongoing task which other IT technicians have been struggling with for almost a year, with the idea that maybe, because I'm a fresh person in the company, I will find an original idea as to why this thing might not work.

Our router has a problem with blocking a single IP address, but not completely. It's hard to explain but I will try my best. The company hosts its website externally and accesses the host and the FTP on the host on a daily basis. It is important for the website to work on the internal network in the company. It does work sometimes, but from time to time the website shows time-out error 118 at any point before the Cisco router, using both http and https; I have also tried putting in just the IP address (it doesn't matter whether it is on the general network or the last ISA server on the DMZ). I am able to connect to the website using any of the proxy gates, but not directly to the website. I have also tested the connection past the router and I was able to connect to the website without any problems. I am also able to ping the host's address from the router and the internal network.

I have eliminated the possibility of an incorrectly set up proxy or firewall on the network, as the problem also occurs on the DMZ. I have also checked the access lists on the router and the firewall rules for any possibilities, and I can't really see why the router would do this.

Please, help.

I can provide any details and information if needed: tell me which command output from the router you would like to see, if you are willing to help.


It's only happening for a single IP address; the rest of the internet is fine...

Post your router config here (mask your public IPs) and a network topology diagram.

Hope it will help.

Richard Burts
If it is a problem with a single address then one possibility to consider is a duplicate address. Is there some possibility that some other device is also using the IP address of the server? Or some possibility that the address is also in some DHCP pool and occasionally gets assigned?

One way to investigate this would be to do show arp (from a router connected in the subnet where the server is connected). Record the MAC address of the server. Then when the problem is happening do the show arp again. Look to see if it is still the same MAC address.
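
The show arp comparison suggested in the reply above can be done on pasted output. This is an added example, not part of the original thread: it assumes the standard Cisco IOS show arp column layout, and the addresses, MAC values and function names are constructed for illustration.

```python
import re

# One data row of Cisco IOS "show arp" output:
# Protocol  Address  Age (min)  Hardware Addr  Type  Interface
ROW = re.compile(
    r"^Internet\s+(?P<ip>\d+\.\d+\.\d+\.\d+)\s+(?P<age>\S+)\s+"
    r"(?P<mac>(?:[0-9a-fA-F]{4}\.){2}[0-9a-fA-F]{4}|Incomplete)"
    r"\s+ARPA(?:\s+(?P<intf>\S+))?"
)

def parse_show_arp(text):
    """Return {ip: (mac, interface)} from pasted 'show arp' output."""
    table = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            table[m["ip"]] = (m["mac"].lower(), m["intf"] or "")
    return table

def compare_arp(baseline, current, watch_ip):
    """Compare the ARP entry for watch_ip between two snapshots."""
    before = parse_show_arp(baseline).get(watch_ip)
    after = parse_show_arp(current).get(watch_ip)
    if before is None or after is None:
        return "missing"      # no entry in one snapshot, nothing to compare
    if "incomplete" in (before[0], after[0]):
        return "incomplete"   # router received no ARP reply for the address
    if before[0] != after[0]:
        return "mac-changed"  # a different MAC now answers for this address
    return "unchanged"

# Constructed sample: snapshot recorded while everything works ...
BASELINE = """\
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.0.2.1               -   0000.5e00.5301  ARPA   GigabitEthernet0/0
Internet  192.0.2.10             12   0000.5e00.5310  ARPA   GigabitEthernet0/0
"""
# ... and a second snapshot taken while the problem is happening.
DURING = """\
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.0.2.1               -   0000.5e00.5301  ARPA   GigabitEthernet0/0
Internet  192.0.2.10              0   0000.5e00.53aa  ARPA   GigabitEthernet0/0
"""

if __name__ == "__main__":
    print("192.0.2.10:", compare_arp(BASELINE, DURING, "192.0.2.10"))
```

A "mac-changed" result for the watched address is the duplicate-address signal the reply describes; the two MAC values can then be traced to their switch ports.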



