Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

cannot ping across router

Status
Not open for further replies.
silks101

silks101

Technical User
Apr 28, 2003
64
GB
I should know how to resolve this but it is causing a lot of hassle.

int ethernet 0 I have a 3com switch when pinging from a pc to the e0 ip address it works fine

atm0 (dialer1) is the wan port and I can ping from here to most places on the corporate network

the problem is when I ping from the ethernet port to a device on the corporate network it just times out and vice versa.

all interfaces are up and have ip address allocated to them.

any ideas?

regards
silks101
 
Sort by date Sort by votes
Have u got a Routing Protocol?

Pls also post full config.

AJ

===

Fatman Superstar (Andrew James)

CCNA, CCAI
 
Upvote 0 Downvote
here is the full config - the branch is on IP stream which authenticates on an ACS server. the ACS server assigns dialer 1 with an ip address (which I can ping from)



sh run
Building configuration...

Current configuration : 5452 bytes
!
! Last configuration change at 16:55:06 GMT Wed Jan 5 2005
! NVRAM config last updated at 16:55:09 GMT Wed Jan 5 2005
!
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname LeightonB
!
boot-start-marker
boot-end-marker
!
memory-size iomem 5
enable secret
!
username xxxxx password 0 xxxxx
clock timezone GMT 0
clock save interval 8
no aaa new-model
ip subnet-zero
no ip domain lookup
ip domain name xxxxxx
ip host caserver1 xxxxx
ip dhcp excluded-address xx.1 xx.99
ip dhcp excluded-address xx.120 xx.254
!
ip dhcp pool BranchDHCP
network xx.0 255.255.255.0
dns-server xx.201 xx.202
default-router xx.254
domain-name info.net
!
!
ip inspect name fwinspect udp
ip inspect name fwinspect smtp
ip inspect name fwinspect cuseeme
ip inspect name fwinspect ftp
ip inspect name fwinspect h323
ip inspect name fwinspect rcmd
ip inspect name fwinspect realaudio
ip inspect name fwinspect streamworks
ip inspect name fwinspect vdolive
ip inspect name fwinspect sqlnet
ip inspect name fwinspect tftp
ip inspect name fwinspect icmp
ip inspect name fwinspect http
ip audit po max-events 100
no ftp-server write-enable
!
crypto pki trustpoint caserver1
enrollment mode ra
enrollment url xxxxxxx
serial-number
revocation-check none
auto-enroll
!
!
!
!
!
crypto isakmp policy 10
encr 3des
group 2
crypto isakmp keepalive 10 5
!
!
crypto ipsec transform-set 3dessha esp-3des esp-sha-hmac
mode transport
!
crypto ipsec profile xxxxvpn
set transform-set 3dessha
!
!
!
!
interface Tunnel1
bandwidth 1000
ip address xxxx5 255.255.255.0
ip mtu 1416
ip nhrp authentication secret
ip nhrp map xxxx.1 xxxx.2
ip nhrp network-id 1001
ip nhrp holdtime 300
ip nhrp nhs xxxx.1
delay 1000
tunnel source Dialer1
tunnel destination xxxx.2
tunnel key 1001
tunnel protection ipsec profile xxxxvpn
!
interface Tunnel2
bandwidth 1000
ip address xxxx5 255.255.255.0
ip mtu 1416
ip nhrp authentication secret
ip nhrp map xxxx.1 xxxx.3
ip nhrp network-id 1002
ip nhrp holdtime 300
ip nhrp nhs xxxxx.1
delay 1500
tunnel source Dialer1
tunnel destination xxxx.3
tunnel key 1002
tunnel protection ipsec profile xxxxvpn
!
interface Loopback0
ip address xxxx.5 255.255.255.255
!
interface Ethernet0
ip address xxxx.254 255.255.255.0
ip tcp adjust-mss 1300
hold-queue 100 out
!
interface ATM0
mtu 1458
no ip address
no ip mroute-cache
no atm ilmi-keepalive
dsl operating-mode auto
hold-queue 224 in
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface Dialer1
mtu 1458
ip address negotiated
ip access-group 199 in
encapsulation ppp
dialer pool 1
dialer idle-timeout 2147483
dialer-group 1
ppp authentication chap callin
ppp chap hostname xxxx
ppp chap password xxxx
!
router eigrp 100
offset-list 1 out 12800 Tunnel2
network xxxx0 0.0.0.255
network xxxx.5 0.0.0.0
network xxxx.0 0.0.0.255
network xxxx.0 0.0.0.255
distribute-list 1 out
no auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
no ip http server
no ip http secure-server
!
!
access-list 1 permit xxxx.0
access-list 1 permit xxxx.5
!
!
dialer-list 1 protocol ip permit
snmp-server community CONNSNMP RW
snmp-server enable traps tty
!
control-plane
!
!
line con 0
no modem enable
transport preferred all
transport output all
line aux 0
transport preferred all
transport output all
line vty 0 4
login local
transport preferred all
transport input all
transport output all
!
scheduler max-task-time 5000
sntp server xxxx1
!
end

Steve Lindley
CCNA
 
Upvote 0 Downvote
the access lists form part of the distribution in EIGRP as to what networks to advertise.

I figured it out any way - the ACS box used to authenticate IPStream routers was not passing on the av-pair attribute for the site network address.

thanks for your help

Steve Lindley
CCNA
 
Upvote 0 Downvote
Silks101

Hello and just a quick question, reading your post I would just like to know if you can express what "not passing on the av-pair attribute for site network address" really means.. I am learning about ATM interfaces and routers.. just curious if you had a moment to explain..

thanks
gman[morning]
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Tariq Habaybeh
  • Locked
  • Question
Cisco 881WD-E-K9 router configuration
Replies
1
Views
285
burtsbees
burtsbees
Zia khan
  • Locked
  • Question
Cisco: 2811 Router
Replies
1
Views
271
CASSBusinessSystems
CASSBusinessSystems
kjhg
  • Locked
  • Question
2811 ROUTER
Replies
3
Views
361
iggsterman
iggsterman
siggyb
  • Locked
  • Question
Router on a stick, router pings internet but sitch does not
Replies
1
Views
231
ADB100
ADB100
ths0210
  • Locked
  • Question
Cisco 4G LTE Router - WiFi Issues
Replies
0
Views
187
ths0210
ths0210

Part and Inventory Search

Sponsor

Back
Top