Routing between Cisco 851 and 871 problem!

TiagoRebelo · ‎01-04-2011

Hi all,

I´m having a problem in configuring routing between 2 Cisco 800 series.

I am trying to connect this 2 routers with a cross cable in the FA4 (WAN interface) to test a VPN tunnel in a lab enviroment, but i am having some issues in reaching the remote LAN´s.

I have joined the 2 router´s FA4 interface in the same network, and they can reach each other. In the interface´s Vlan1 in each Router that agregate the switching module (Fa0-Fa3) i have created a network Lan.

The problem is when static routes or RIP are implemented, i can ping the remote router Vlan´s interface... but i can´t reach the host´s that are in that network!

Router´s Wan interface (192.168.0.1; 192.168.0.2) /30

R1 Int VLAN 1 - 192.168.1.1 /24

R2 Int VLAN 2 - 192.168.2.1 /24

I´m sure that something is missing.

Hope anyone can advise.

Best Regards,

Reza Sharifi · ‎01-04-2011

Hi,

Make sure you have the correct default gateway configured on the hosts. For host in subnet VLAN 1 - 192.168.1.1 /24 the default gateway should be 192.168.1.1 and for the host in subnet VLAN 2 - 192.168.2.1 /24 the default gateway should be 192.168.2.1

HTH

Reza

TiagoRebelo · ‎01-04-2011

Hi Reza Sharifi,

Thanks for participate in my topic.

The host´s default gateway are correct, because i can reach other networks.

An example, I can ping from a host in the Router 1 VLAN1 network, to the Router 2 VLAN1 (192.168.2.1)... but i can´t ping the test host with 192.168.2.2.

I have an host in each router´s Vlan, both hosts can ping all local and remote router interfaces, but the host can´t ping each other. :S

I think the missing problem is on the interface VLAN, that aggregates the switching module on the 800series.. but i can´t see what´s missing.

When i implement RIP.. the routes are advertised in both routers.

Best Regards,

johnlloyd_13 · ‎01-04-2011

hi tiago,

kindly post your show ip route and show run on both routers.

TiagoRebelo · ‎01-04-2011

Hi John,

i´m not at office, i will post the outputs ASAP.

Thanks

TiagoRebelo · ‎01-05-2011

The outputs of the routers:

RUNNING CONFIG ROUTER

Current configuration : 2931 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router1
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
!
dot11 syslog
ip cef
no ip dhcp use vrf connected
!
ip dhcp pool Lan1
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
!
!
no ip domain lookup
ip domain name yourdomain.com
!
!
!
username ******* privilege 15 secret 5 $1$N0H7$GzHWgHAjiIUQLddTemG2V1
!
!
archive
log config
hidekeys
!
!
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
ip address 192.168.0.1 255.255.255.0
duplex auto
speed auto
!
interface Vlan1
description Internal LAN R1
ip address 192.168.1.1 255.255.255.0
ip tcp adjust-mss 1452
!
ip forward-protocol nd
ip route 192.168.2.0 255.255.255.0 192.168.0.2
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
no cdp run
!
!
!
control-plane
!
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
login local
transport input telnet ssh
!
scheduler max-task-time 5000
end

SHOW IP ROUTE ROUTER1

Gateway of last resort is not set

C    192.168.0.0/24 is directly connected, FastEthernet4
C    192.168.1.0/24 is directly connected, Vlan1
S    192.168.2.0/24 [1/0] via 192.168.0.2

SHOW RUN ROUTER 2

Current configuration : 3049 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router2
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
dot11 syslog

no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool ccp-pool
   import all
   network 192.168.2.0 255.255.255.0
   default-router 192.168.2.1
   lease 0 2
!
!
ip cef
no ip domain lookup
ip domain name yourdomain.com
!
!
!
username ***** privilege 15 secret 5 $1$pzlG$M9vDRGcIFheRXm9RQ9Oad0
!
!
archive
log config
hidekeys
!
!
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
ip address 192.168.0.2 255.255.255.0
ip virtual-reassembly
duplex auto
speed auto
!
interface Vlan1
description internal LAN R2
ip address 192.168.2.1 255.255.255.0
ip virtual-reassembly
ip tcp adjust-mss 1452
!
ip forward-protocol nd
ip route 192.168.1.0 255.255.255.0 192.168.0.1
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
no cdp run
!
control-plane
!
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
end

SHOW IP ROUTE

Gateway of last resort is not set

C    192.168.0.0/24 is directly connected, FastEthernet4
S    192.168.1.0/24 [1/0] via 192.168.0.1
C    192.168.2.0/24 is directly connected, Vlan1

-----------------

Thanks

Best regards

johnlloyd_13 · ‎01-05-2011

your config looks good. could you post your PC's ipconfig and do ping/tracert end-to-end. kindly disable windows FW/AV while doing tests.

dbass · ‎01-05-2011

The routers seem to be configured correctly, so most likely an issue with the PCs. Like somebody else mentioned, are you sure that Windows FW is turned off?

TiagoRebelo · ‎01-06-2011

Hi Jonhlloyd and dbass,

The ipconfig´s are ok.

I´ve found the issue, the routers are ok! It was an ip conflit with the Checkpoint vpn client that i use to connect into a client network. I didn´t expect this application conflit because the host´s and the routers that ive used to test, weren´t connected to the internet and the checkpoint app wasn´t running..

Thanks for the help.

Best Regards,