Solved: Problem with ping

vgklezakos · ‎11-04-2011

Hello

I recently changed my company's router with a cisco 1941 k9 and i have a problem......

I can not ping from inside the router the a distinct network but when i try to ping from my server the same network the ping passes. The same occurs when i try to trace route the same network.

Any clue why is this happening???

nkarpysh · ‎11-06-2011

Hi Evangelos,

It seems to be remote side not having route to NW configured on S0/0/0. Or there is an access-list blocking access to it between your router and distinct location. Your ISP or anyone who has access through the WAN path need to check that.

Nik

HTH,
Niko

View solution in original post

Reza Sharifi · ‎11-04-2011

Hi,

maybe your router does not have a route to the distinct network. Can you provide a diagram of the network and what you are trying to reach? Also can you post 1941 config?

HTH

vgklezakos · ‎11-04-2011

The only static route that my router has is 0.0.0.0 0.0.0.0 10.248.0.17

10.248.0.17 is the serial interface ot the provider

AIA_Router#show run

Building configuration...

Current configuration : 4884 bytes

!

! Last configuration change at 15:15:13 UTC Fri Nov 4 2011 by administrator

!

version 15.0

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname AIA_Router

!

boot-start-marker

boot-end-marker

!

logging buffered 51200 warnings

!

no aaa new-model

!

no ipv6 cef

ip source-route

ip cef

!

ip domain name yourdomain.com

multilink bundle-name authenticated

!

crypto pki trustpoint TP-self-signed-2937537602

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-2937537602

revocation-check none

rsakeypair TP-self-signed-2937537602

!

crypto pki certificate chain TP-self-signed-2937537602

certificate self-signed 01

30820251 308201BA A0030201 02020101 300D0609 2A864886 F70D0101 04050030

31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274

69666963 6174652D 32393337 35333736 3032301E 170D3131 30393330 30383435

35395A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649

4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 39333735

33373630 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281

8100C78C 39F3885A B9703214 F3C6BABE 228CCCD2 57B5E817 D3EABA82 73E104CA

0C32556E 766423B7 BF2BDBF1 A163773E B14EFFFA 9BE6684D 03C394C1 7CA9193F

563EF8CE 9F95646E 187A6E3C 3B713239 76045850 4D793D48 C7972933 95966B07

7EE429CC 6A262D2B 6AA6F4E8 5FBA8219 B515CD04 C94701F0 BE731441 FF575AB8

AE710203 010001A3 79307730 0F060355 1D130101 FF040530 030101FF 30240603

551D1104 1D301B82 19414941 5F526F75 7465722E 796F7572 646F6D61 696E2E63

6F6D301F 0603551D 23041830 168014B2 17DC0FCD 5E997695 E17D83E0 A8EAB5EC

30C00D30 1D060355 1D0E0416 0414B217 DC0FCD5E 997695E1 7D83E0A8 EAB5EC30

C00D300D 06092A86 4886F70D 01010405 00038181 007DAF9A 6A72662F 76416B79

EA04341A C373F76A 935B5FB5 835BA9FD 93BDBC88 A5AD489F 8CE6BC0B 3E6DED92

030BF11F 27A48AAE 60A5A5DB D643359A 633FF6BD 17A116B0 D96D13D4 D3DD497C

FFDD3352 785BF7AC 464D8F86 6F390F01 86534A0A CAF030F2 91FFFA05 D762FFE2

EB87B99E D6B3A06F FA8BA6DF C22E9DB0 1082CAA1 B4

quit

license udi pid CISCO1941/K9 sn FCZ152891DK

!

username administrator privilege 15 secret 5 $1$wEwc$MYvRtZopMlwLSJxw3Er571

!

interface GigabitEthernet0/0

description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$

ip address 172.27.11.10 255.255.255.0

duplex auto

speed auto

!

interface GigabitEthernet0/1

ip address 10.102.50.1 255.255.255.0

shutdown

duplex auto

speed auto

!

interface Serial0/0/0

ip address 10.248.0.18 255.255.255.252

encapsulation ppp

!

ip forward-protocol nd

!

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

ip route 0.0.0.0 0.0.0.0 10.248.0.17

!

control-plane

!

banner exec ^C

% Password expiration warning.

-----------------------------------------------------------------------

Cisco Configuration Professional (Cisco CP) is installed on this device

and it provides the default username "cisco" for one-time use. If you have

already used the username "cisco" to login to the router and your IOS image

supports the "one-time" user option, then this username has already expired.

You will not be able to login to the router with this username after you exit

this session.

It is strongly suggested that you create a new username with a privilege level

of 15 using the following command.

username privilege 15 secret 0

Replace and with the username and password you want to

use.

-----------------------------------------------------------------------

^C

banner login ^C

-----------------------------------------------------------------------

Cisco Configuration Professional (Cisco CP) is installed on this device.

This feature requires the one-time use of the username "cisco" with the

password "cisco". These default credentials have a privilege level of 15.

YOU MUST USE CISCO CP or the CISCO IOS CLI TO CHANGE THESE PUBLICLY-KNOWN

CREDENTIALS

Here are the Cisco IOS commands.

username privilege 15 secret 0

no username cisco

Replace and with the username and password you want

to use.

IF YOU DO NOT CHANGE THE PUBLICLY-KNOWN CREDENTIALS, YOU WILL NOT BE ABLE

TO LOG INTO THE DEVICE AGAIN AFTER YOU HAVE LOGGED OFF.

For more information about Cisco CP please follow the instructions in the

QUICK START GUIDE for your router or go to http://www.cisco.com/go/ciscocp

-----------------------------------------------------------------------

^C

!

line con 0

login local

line aux 0

line vty 0 4

access-class 23 in

privilege level 15

login local

transport input telnet ssh

line vty 5 15

access-class 23 in

privilege level 15

login local

transport input telnet ssh

!

scheduler allocate 20000 1000

end

Thank you in Advanced!!!!!!

cadet alain · ‎11-04-2011

Hi,

Which network are you trying to reach and from where is it failing.

Could you post the results of what is working and what is failing.

Alain

Don't forget to rate helpful posts.

Richard Burts · ‎11-04-2011

I agree that having some specifics of what is working and what is not working would help us figure out what is going on.

I do not see any address translation in the configuration that is posted. So I wonder if the provider is doing address translation. And that makes me wonder if the problem might be related to address translation. My theory is that the problem relates to the fact that the ping and traceroute from the server would have a source address in the subnet of one of the Gig interfaces while ping and traceroute from the router will have the source address of the serial interface. Perhaps there is address translation for the subnets on Gig but not translation for the subnet on the serial interface?

One way to test this would be to use extended ping and tracearoute on the router. In the extended ping and traceroute you have an option to specify the source interface. So try extended ping and traceroute where you specify the source address for the router as the Gig interface where the server is connected.

HTH

Rick

HTH

Rick

vgklezakos · ‎11-06-2011

Hello

The gig0/0 interface is directly connected to my network while the serial interface s0/0/0 is connected with the provider's modem. You are right Ritchard when i try extended ping with source interface the gig interface the ping passes while when i try to ping from the serial interfaces it doesn't passes.

Any suggestions on what I should do?

Thanks in advanced

nkarpysh · ‎11-06-2011

Hi Evangelos,

It seems to be remote side not having route to NW configured on S0/0/0. Or there is an access-list blocking access to it between your router and distinct location. Your ISP or anyone who has access through the WAN path need to check that.

Nik

HTH,
Niko

vgklezakos · ‎11-07-2011

Thank you Nikolay you were right i just contacted my isp and he confirmed me the malfunction