Solved: Re: Installing Cisco 1711 - Issue routing between FE0 and VLAN1

james.curran · ‎06-02-2011

I have been tasked with bridging two segments in our internal structure. I have been given the 1711 to accomplish this task. all segments are used strickly within the organization and no internet access is needed or desired.

My test bed

desktop 192.9.100.250/24------->Vlan1 Port 4 with vlan1 at 192.9.100.194 ----->FastEthernet0 in 1711 at 156.52.42.194 ----------> Desktop 156.52.42.10

I can successfully ping from 192.9.100.250 to the Desktop 156.52.42.10

Pinging from the 156.52.42.10 Desktop to the 192.9.100.250 is unsuccessful

pinging from 156.52.42.10 to 192.9.100.194 shows a reply from 156.52.42.194 only

I messed up the access-list maybe?

Any help would be appreciated.

Thotsaphon Lueangwattanaphong · ‎06-02-2011

Hi,

We use NAT for many reasons. If you have no internet access , just do a routing between networks. It's okay.

HTH,

Toshi

View solution in original post

Thotsaphon Lueangwattanaphong · ‎06-02-2011

Hi,

It's a NAT problem. Do you want to use NAT in this case? If not, just try the following command.

!

interface Vlan1

no ip nat inside

!

interface FastEthernet0

no ip nat outside

!

HTH,

Toshi

james.curran · ‎06-02-2011

Thanks for the fast responce

I entered the statements but still cannot access the 192.9.100.250 desktop from the 156.52.42.10 desktop

The reverse trip works fine. Pings like a champ. I just cannot get the packet to across or to the 194.9.100.194 barrier.

Any help is appreciated.

Thotsaphon Lueangwattanaphong · ‎06-02-2011

Hi,

Can you ping from 156.52.42.10 to 192.9.100.194?

Please post the configuration you modify and the output of "show ip route" command?

Toshi

james.curran · ‎06-02-2011

When i ping from the 156.52.42.10 desktop to the 192.9.100.194 Vlan address on the router

it returns "reply from 156.52.42.194

Pinging 192.9.100.194 with 32 bytes of data:

Reply from 156.52.42.194: bytes=32 time=3ms TTL=255
Reply from 156.52.42.194: bytes=32 time=8ms TTL=255
Reply from 156.52.42.194: bytes=32 time=1ms TTL=255
Reply from 156.52.42.194: bytes=32 time=1ms TTL=255

Ping statistics for 192.9.100.194:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 8ms, Average = 3ms

Why did it bounce back like that----This is with NAT inside/outside set up again.

With NAT disabled per your last e-mail

C:\Documents and Settings\curran>ping 192.9.100.194

Pinging 192.9.100.194 with 32 bytes of data:

Reply from 192.9.100.194: bytes=32 time=2ms TTL=255
Reply from 192.9.100.194: bytes=32 time=8ms TTL=255
Reply from 192.9.100.194: bytes=32 time=1ms TTL=255
Reply from 192.9.100.194: bytes=32 time=1ms TTL=255

Ping statistics for 192.9.100.194:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 8ms, Average = 3ms

C:\Documents and Settings\curran>ping 192.9.100.250

Pinging 192.9.100.250 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 192.9.100.250:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

Thotsaphon Lueangwattanaphong · ‎06-02-2011

Hi,

Okay, Can you ping 192.9.100.250 from the router? Please post the output of ping commands below.

Router#ping 192.9.100.250

Router#ping 192.9.100.250 source Fastethernet0

it might be a personal firewall problem.

Toshi

james.curran · ‎06-02-2011

here are results

again thanks for the assist

Thotsaphon Lueangwattanaphong · ‎06-02-2011

Hi,

If desktop-192.9.100.250 has been configured a gateway as 192.9.100.194, I think this is a personal firewall problem.

You just turn off a personal firewall/window fireall on desktop for testing.

HTH,

Toshi

james.curran · ‎06-02-2011

Turned off firewall on 192.9.100.250

no change in ping from 156.52.42.10 no answer

I can ping 192.9.100.250 desktop from Fastethernet0 but not from the 156.52.42.10 system

james.curran · ‎06-02-2011

since my last responce I remembered that I had reenabled NAT again on the interfaces.

Turned of natting and it is working. I can ping 192.9.100.250 desktop from the 156.52.42.10 desktop fine.

reversing the ping works as well.

Must have been that firewall GRRRR. I hope my hair grows back.

Thank you very much. I will test somemore and respond soon.

Thotsaphon Lueangwattanaphong · ‎06-02-2011

Hi,

Edit: Okay it seems to work now. Next lab should be NAT.

Toshi

james.curran · ‎06-02-2011

Here is running-config

If it runs without Nat do I still need it since it is for internal use

only?

Thotsaphon Lueangwattanaphong · ‎06-02-2011

Hi,

We use NAT for many reasons. If you have no internet access , just do a routing between networks. It's okay.

HTH,

Toshi

james.curran · ‎06-02-2011

It will be used internally from some older units in an incinerator by fiber to a headoffice Cisco 3560 (152.52.42.194)

It could not see the 192.x.x.x from the 156.x.x.x .

Installing Cisco 1711 - Issue routing between FE0 and VLAN1 ports