11-06-2012 05:24 AM
Hi guys,
I try to make a gre tunnel with 2 cisco routers 2901, ping responds between tunnel ip's ends, but I don't have pings from the pc's inside the networks.
Router 1 relevant info from config:
============================
interface Tunnel0
ip address 172.16.0.1 255.255.255.0
ip mtu 1400
ip tcp adjust-mss 1360
tunnel source xx.180.116.49
tunnel destination xx.180.116.45
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
ip address 11.11.11.1 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip address xx.180.116.49 255.255.255.224
duplex auto
speed auto
!
ip forward-protocol nd
!
ip http server
ip http secure-server
!
ip route 10.10.10.0 255.255.255.0 172.16.0.2 permanent
!
Router 2
======================================
interface Tunnel0
ip address 172.16.0.2 255.255.255.0
ip mtu 1400
ip tcp adjust-mss 1360
tunnel source xx.180.116.45
tunnel destination xx.180.116.49
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
ip address 10.10.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
description $ES_LAN$
ip address xx.180.116.45 255.255.255.224
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
ip forward-protocol nd
!
ip http server
no ip http secure-server
!
ip route 11.11.11.0 255.255.255.0 172.16.0.1 permanent
!
I've attached the full configs.
Thank you,
Catalin
11-06-2012 06:34 AM
Hello Ditu,
Please remove the 'ip tcp adjust-mss 1360' from both the tunnels and also set the ip mtu as 1500..
regards
Harish
11-06-2012 07:02 AM
Thanks for your reply Harish.
I removed the adjust-mss and set the mtu to 1500 but still nothing.
In wireshark I see the packets coming on stations and the reply also, but for a strage reason they do not appear in windows console. There I get an request time out.
11-06-2012 12:03 PM
Hi guys,
I've used ospf but the problem is still there.
I use sharkwire on pc's in networks 10.10.10.0 or 11.11.11.0 and I can see the icmp packets arriving(in both networks).
But apparently only the pc from 11.11.11.0 network. Ping works only one way, and the funny thing is that if I start a ping from the other network, this ping affects the other working ping, and it transforms to `Request time out`.
Any help is appreciated because tomorrow these sites must be connected somehow.
Router1
==========
interface Tunnel0
ip address 172.16.0.1 255.255.255.0
ip ospf mtu-ignore
keepalive 3 2
tunnel source GigabitEthernet0/1
tunnel destination zzz.xxx.116.45
tunnel path-mtu-discovery
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
ip address 11.11.11.1 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip address zzz.xxx.116.49 255.255.255.224
duplex auto
speed auto
!
router ospf 123
network 11.11.11.0 0.0.0.255 area 0
network 172.16.0.0 0.0.0.255 area 0
!
ip forward-protocol nd
!
ip http server
ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 zzz.xxx.116.33
Router2
==========
!
interface Tunnel0
ip address 172.16.0.2 255.255.255.0
ip ospf mtu-ignore
keepalive 3 2
tunnel source GigabitEthernet0/1
tunnel destination zzz.xxx.116.49
tunnel path-mtu-discovery
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description $ETH-LAN$
ip address 10.10.10.1 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
description $ES_LAN$$ETH-WAN$
ip address zzz.xxx.116.45 255.255.255.224
duplex auto
speed auto
!
router ospf 123
network 10.10.10.0 0.0.0.255 area 0
network 172.16.0.0 0.0.0.255 area 0
!
ip forward-protocol nd
!
ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 zzz.xxx.116.33
!
11-06-2012 02:50 PM
Hi, remove the default route & and add host route on each router to reach the gre tunnel destination, another thing are you learning OSPF routers?
Sent from Cisco Technical Support iPhone App
11-06-2012 03:24 PM
Hi,
I tried to make use of ospf in my last attempt,
I've also tried with and without the default route.
I've also deleted the `ip default-gateway zzz.xxx.116.33?`
Can it be an issue the fact that both location have the same isp gateway?
It's the same provider and the locations are very close to each other (couple of streets apart).
I use sharkwire on pc's in networks 10.10.10.0 or 11.11.11.0 and I can see the icmp packets arriving(in both sides).
But windows doesn't seem to respond/generate a packet back on 10.10.10.10, only the from 11.11.11.11 (both 10.10.10.10 and 11.11.11.11 are test pc's inside each network).
Sometimes the ping works one way, and the strange thing is that if I start a ping from the other pc, this ping `brakes` the ping from the other one.
Here is the output of show ip route on both routers
Gateway of last resort is zzz.xxx.116.33 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via zzz.xxx.116.33
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.10.10.0/24 is directly connected, GigabitEthernet0/0
L 10.10.10.1/32 is directly connected, GigabitEthernet0/0
11.0.0.0/24 is subnetted, 1 subnets
O 11.11.11.0 [110/1001] via 172.16.0.1, 00:12:05, Tunnel0
zzz.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C zzz.xxx.116.32/27 is directly connected, GigabitEthernet0/1
L zzz.xxx.116.45/32 is directly connected, GigabitEthernet0/1
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.0.0/24 is directly connected, Tunnel0
L 172.16.0.2/32 is directly connected, Tunnel0
Gateway of last resort is zzz.xxx.116.33 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via zzz.xxx.116.33
10.0.0.0/24 is subnetted, 1 subnets
O 10.10.10.0 [110/1001] via 172.16.0.2, 00:03:10, Tunnel0
11.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 11.11.11.0/24 is directly connected, GigabitEthernet0/0
L 11.11.11.1/32 is directly connected, GigabitEthernet0/0
zzz.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C zzz.xxx.116.32/27 is directly connected, GigabitEthernet0/1
L zzz.xxx.116.49/32 is directly connected, GigabitEthernet0/1
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.0.0/24 is directly connected, Tunnel0
L 172.16.0.1/32 is directly connected, Tunnel0
Thank you
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide