Yes, I have added the static route but no luck still. Here is the config for 1721:1700test#sh run

Building configuration...

Current configuration : 851 bytes

!

version 12.2

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname 1700test

!

enable password 7 104D000A0618

!

ip subnet-zero

ip host 2600test 10.10.10.5

!

!

isdn switch-type basic-ni

!

!

!

interface Loopback0

description network maintenance

ip address 172.25.1.1 255.255.255.255

!

interface BRI0

no ip address

dialer map ip 172.16.254.2 8358662

isdn switch-type basic-ni

!

interface FastEthernet0

ip address 10.10.10.5 255.255.255.252

no ip route-cache

speed auto

!

interface Serial0

no ip address

shutdown

no fair-queue

!

router eigrp 192

network 10.10.10.0 0.0.0.3

auto-summary

!

ip classless

ip route 192.168.1.0 255.255.255.0 10.10.10.2

no ip http server

!

!

dialer-list 1 protocol ip permit

!

line con 0

line aux 0

line vty 0 4

password 7 09584B05170003

login

!

end

....and config for the 2611:

2600test#sh run

Building configuration...

Current configuration : 754 bytes

!

version 12.3

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname 2600test

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$SYNC$ao84Sn9/jjW31UvgBLo191

!

no aaa new-model

ip subnet-zero

ip cef

!

!

ip host 1700test 10.10.10.5

!

ip audit po max-events 100

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

interface FastEthernet0/0

ip address dhcp

duplex auto

speed auto

!

interface FastEthernet0/1

ip address 10.10.10.6 255.255.255.252

duplex auto

speed auto

!

router eigrp 192

network 10.10.10.0 0.0.0.3

network 192.168.1.0

auto-summary

!

ip http server

no ip http secure-server

ip classless

!

!

!

!

!

!

!

!

line con 0

line aux 0

line vty 0 4

password 7 111D1C0919171F

login

!

!

end

Okay.

Firstly your ip route says

ip route 192.168.1.0 255.255.255.0 10.10.10.2

but that is not the interface on your 2600. The 2600 interface is 10.10.10.6 so your route statement should be

ip route 192.168.1.0 255.255.255.0 10.10.10.6

Also you need to make sure your Pix has a route back.

When you do the ping from the 1721 please use an extended ping and use 10.10.10.5 as the source interface.

HTH

Do a traceroute to the pix. Does it take the correct patch to the host?

Are you blocking ICMP on the pix? See link for info on ICMP with the PIX

http://www.cisco.com/en/US/customer/products/hw/vpndevc/ps2030/products_tech_note09186a0080094e8a.shtml

Thanks,

Chad

router eigrp 192

network 10.10.10.4 0.0.0.3

no auto-summary - has solved the problem. Now i can ping 192.168.1 network from 10.10.10.5.

However, I am still unable to ping any addresses from the loopback. This is ip route from 1721:

Gateway of last resort is not set

172.21.0.0/30 is subnetted, 1 subnets

D 172.21.0.0 [90/256007680] via 10.10.10.6, 00:27:45, FastEthernet0

172.25.0.0/32 is subnetted, 1 subnets

C 172.25.1.1 is directly connected, Loopback0

D EX 192.168.200.0/24 [170/286720] via 10.10.10.6, 00:27:45, FastEthernet0

10.0.0.0/30 is subnetted, 2 subnets

D 10.10.10.0 [90/2183680] via 10.10.10.6, 00:27:45, FastEthernet0

C 10.10.10.4 is directly connected, FastEthernet0

192.168.254.0/29 is subnetted, 1 subnets

D EX 192.168.254.0 [170/286720] via 10.10.10.6, 00:27:45, FastEthernet0

D 192.168.1.0/24 [90/30720] via 10.10.10.6, 00:27:45, FastEthernet0

D EX 192.168.2.0/24 [170/286720] via 10.10.10.6, 00:27:45, FastEthernet0

D 192.168.70.0/24 [90/256010240] via 10.10.10.6, 00:27:45, FastEthernet0

1700test#

What command can advertize the loopback on the 1721?

Zubbie

If you add network 172.25.0.0 under your router eigrp it will add the loopback interface to the EIGRP protocol and will advertise the network of the loopback to its neighbors.

HTH

Rick

That is right on the money. I just tried it and it is working now. Thanks a million.