Hi all,
I'm a newbie with Cisco and I'm currently configuring a 800 series router but I'm struggling with basic configuration. I would appreciate if you can help me. This is my current setting:
R1 WAN interface is connected to a R2 LAN interface.
My problem is that I can't access to the router R1 from host computer using ssh, I cant' ping from R1 to R2 or host but I can ping from host and R2 to R1 and I also can access with ssh if host is connected to the private network of R1.
I used debug ip packet and found that it is a routing issue, I got message "FIBipv4-packet-proc: packet routing failed" when receiving the echo-reply, I tried different static routes but I wasn't able to find the solution.
Below you can find the configuration of the router.
Many Thanks!
version 15.5
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname R1
!
boot-start-marker
boot-end-marker
!
vrf definition Inet
address-family ipv4
exit-address-family
!
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa session-id common
ethernet lmi ce
!
ip dhcp excluded-address 10.15.0.1 10.15.0.20
ip dhcp pool Dpool1
network 10.15.0.0 255.255.255.0
default-router 10.15.0.1
dns-server 8.8.8.8
!
no ip domain lookup
ip name-server vrf Inet 8.8.8.8
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
ip tcp synwait-time 5
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
switchport access vlan 1
no ip address
!
interface FastEthernet2
switchport access vlan 2
no ip address
!
interface FastEthernet3
switchport access vlan 2
no ip address
!
interface GigabitEthernet0
vrf forwarding Inet
ip address dhcp
no ip redirects
ip nat enable
ip virtual-reassembly in
duplex auto
speed auto
!
interface Serial0
no ip address
shutdown
clock rate 2000000
!
interface Vlan1
ip address 10.15.0.1 255.255.255.0
no ip redirects
ip nat inside
ip nat enable
ip virtual-reassembly in
!
interface Vlan2
ip address 10.16.0.1 255.255.255.0
ip nat enable
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip dns view vrf Inet default
ip nat source static tcp 10.15.0.20 80 interface GigabitEthernet0 80
ip nat source route-map Pat1-rmap interface GigabitEthernet0 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0 dhcp
ip ssh rsa keypair-name Ssh-keypair
ip ssh version 2
!
ip access-list extended Pat1-acclist
permit ip 10.15.0.0 0.0.0.255 any
permit ip 10.16.0.0 0.0.0.255 any
!
route-map Pat1-rmap permit 10
match ip address Pat1-acclist
set interface GigabitEthernet0
!
access-list 101 permit ip any any
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
no modem enable
stopbits 1
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line 2
no activation-character
no exec
transport preferred none
transport input all
stopbits 1
line vty 0 4
access-class 101 in
transport preferred ssh
transport input ssh
!
end
Accepted Solutions
