cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
18186
Views
0
Helpful
25
Replies

Unable to Ping

simon.hutton1
Level 1
Level 1

First let me apologize for posting probably such a simple question but i'm new to configuring routers so please be nice :) I have installed a 2nd router on our network (my first router config) from this router I can get out to the rest of the network and Internet no problem however I am not able to access any computer connected to the new router. There are 2 networks configured on the new router 10.20.4.0/10.20.5.0. I can ping the router and connect to it over my network, I can ping 10.20.4.1 and 5.1 but the laptop I connect which, has IP address 10.20.4.2, I am unable to ping.

2 Accepted Solutions

Accepted Solutions

There are no rip learned routes in the routing table. Did you ever have rip routes, or did you just configure it and it not work? If you do a "show ip rip database" on both routers, do you get anything back?

If not, you could always put your static routes on routerA. This is the exact reason why you lost internet access when you removed nat. The only network RouterA knows about is 10.20.0.0/22 which your 10.20.3.0 falls into. When you nat, all of your traffic is going out of routerB as the 10.20.3.253 wan address. Before you can remove nat though, you'll need to get the routing fixed on RouterA.

Try 10.20.4.0 <netmask> with a next hop of 10.20.3.253. Remove nat again and try again...

John

HTH, John *** Please rate all useful posts ***

View solution in original post

Glad to hear it! Can you please mark this as resolved?

Thanks!

John

HTH, John *** Please rate all useful posts ***

View solution in original post

25 Replies 25

John Blakley
VIP Alumni
VIP Alumni

The most common cause of this is the firewall on the laptop is enabled. Have you made sure that it's disabled? If it is, you can try to source your ping:

ping 10.20.4.2 source 10.20.4.1

HTH,

John

HTH, John *** Please rate all useful posts ***

Ping using source 10.20.4.1 also fails. I've also noticed that i got my windows mixed up when pinging 10.20.4.1. From the router it pings 10.20.4.1 but not 10.20.4.2 and from my computer connected to a different network i can ping the router but not 10.20.4.1

Firewall on laptop is disabled.

Can you post your config?

HTH, John *** Please rate all useful posts ***

Config attached. This is my first attempt at configuring a router and I am currently working towards my CCNA so still learning.

Ouch!  You do realize you just pasted your passwords in clear text?  I'd change them immediately.  It's always a good idea to sanitize your config before pasting it online, removing any passwords (either clear text or hash), any crypto keys and any real-world IPs at minimum.  It's also a good idea to run the

service password encryption

command on your routers.

Thanks for pointing that out. I picked out a few passwords that i'd noticed were still in clear text but missed a couple. doh! changed now

The first thing I see is in your dhcp pool. You're assigning an incorrect gateway to the 10.20.4.0 subnet:

 

ip dhcp pool Train
 import all
 network 10.20.4.0 255.255.255.192
 dns-server 10.20.0.20 10.20.0.21 
 default-router 10.20.3.254 
 lease 8

This should be 10.20.4.1. This won't stop your pings though.

This dhcp pool should be changed as well:

 

ip dhcp pool Demo
 import all
 network 10.20.5.0 255.255.255.192
 dns-server 10.20.0.20 10.20.0.21 
 domain-name autotech.co.uk
 default-router 10.20.3.254 
 lease 8

The default router for it should be 10.20.5.1.

 

You also don't need these two static routes because the router already sees them as Connected:

 

ip route 10.20.4.0 255.255.255.192 GigabitEthernet0/1
ip route 10.20.5.0 255.255.255.192 GigabitEthernet0/0/0

 

I don't see anything that would keep you from pinging. So, let me clarify. You can ping the router from a laptop in the 10.20.4.x range, but you cannot ping the laptop from the router? The only thing that I see that could affect it is your acl on the interface, but that acl allows everything. You could try removing that to see if it helps. Is there anything between this router and the workstation that you're trying to ping?

HTH,

John

 

HTH, John *** Please rate all useful posts ***

Hi and thanks for the tips. I've corrected those things.

Ah! the Kaspersky firewall was blocking the ping's from the router even though i'd set the exclusions to allow it. So i am now able to ping my laptop from the router it's just from my existing network i'm not able to ping the new ranges. But from new network I can ping the old.

 

What is your existing network? 10.20.3.x?

HTH, John *** Please rate all useful posts ***

10.20.2.x is my existing network

This router doesn't know anything about 10.20.2.x. There aren't any routes or interfaces in that network. Where is that in relation to 10.20.3.x? Can I ask why you're natting on the 10.20.3.x interface?

HTH, John *** Please rate all useful posts ***

10.20.3.x is the IP range for Comms and Printers. So in that range I have switches, Printers, Wireless AP's and my firewall/default gateway.

Devices in existing network have DHCP range of 10.20.1.1-10.20.2.254

The 10.20.3.x interface is the interface that is connected back to my existing network.

Okay. Is there anything between your router and the workstation that you cannot ping? Are you 100% certain that there isn't a firewall enabled on your laptop and that it's getting the correct information from dhcp? I see no reason otherwise why you wouldn't be able to ping the laptop, especially when you can ping the router from the laptop unless there was a firewall between you and it.

You could try to enable debug to see where the packet is going. If you have a heavy network, create an acl and tie the debug to that:

access-list 101 permit ip any host <laptop address>
access-list 101 permit ip host <laptop address> any

debug ip packet 101 detail

Try to ping the host to see what the router is reporting.


 

HTH, John *** Please rate all useful posts ***

I have checked and triple checked the firewall on the laptop and it is definitely disabled., the laptop I cannot ping is currently plugged directly in to INT 0/1 on the Router

I don't think I've explained myself very well so for that i appolgise. What i have at the moment is

1. Laptop A connected to existing network via Router A.

2. From Laptop A I can ping Router B on it's 10.20.3.x address but not it's 10.20.4.x address.

3. I can telnet to router B from Laptop A using the 10.20.3.x address.

4. From that telnet session I can ping Laptop B on it's 10.20.4.x (DHCP) address

5. From Laptop B I can ping Laptop A which has a 10.20.2.x address

So I can get "out" from router B I just can't get "in" Does that makes sense?