Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Cisco 2600 Config Issue: Not able to see all network devices

Status
Not open for further replies.
stech1

stech1

MIS
Oct 16, 2003
63
US
Thanks to the help of others I am slowly but surely building up my network for CCNA Testing. Faithless was a big help and recently got my DNS server up and running. Since then I have introduced a Cisco 2600 Router into my network.

Network Description:

Network 192.168.0.0:
DLink DI 604 connected to the Internet(192.168.0.1)
Windows 2003 Server(192.168.0.2)
Workstation(IP is Dynamically Assigned)
Cisco interface 0/0(192.168.0.3)

Network 192.168.1.0
Cisco Interface 0/1(192.168.1.1)
Windows 2000 Server(192.168.1.2)

The default Gateway on the Cisco Router is 192.168.0.1

The issue is that some of the network devices cant be seen on the other side of the Router.

The Firewall and Workstation can only ping devices in the 192.168.0.0 network.

The Windows 2003 Server(192.168.0.2) can ping everything on both sides of the Router. The default gateway is set to the cisco router(192.168.0.3) and can access the internet through the router.

The windows 2000 Server(192.168.1.2) can ping both interfaces on the Router and the Windows 2003 Server(192.168.0.2) but not the workstation or the firewall.

The Cisco Router can ping all devices.

If it is helpful, I can give a printout of the Cisco running config. Whats frustrating is that the windows 2000 Server can see the the windows 2003 Server but not the Workstation or Firewall. It just doesnt make any sense to me.

Id appreciate any input as to what may be causing the problem.

Thanks







 
Sort by date Sort by votes
You may want to check that you have a default gateway set on the workstation and FW. If they are in 192.168.0.0, then their default GW should be 192.168.0.3

You may want to see how the firewall is configure in your network. Does it sit between the workstation and server? Is it blocking traffic between devices? Post your router config so we can have a look, though the routing appears to be in place if one server can ping the other server on the other subnet.

JimmyZ
 
Upvote 0 Downvote
The firewall is between the Cisco Router and the internet.

Here is the Running Config on the Cisco Router:

Current configuration : 665 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname BoomTown
!
enable secret 5 $1$EIf.$m1ChsIr9GA/wbNDLhbgb11
enable password trance
!
memory-size iomem 10
ip subnet-zero
!
!
!
!
!
!
!
interface Ethernet0/0
ip address 192.168.0.3 255.255.255.0
half-duplex
!
interface Serial0/0
no ip address
shutdown
!
interface Ethernet0/1
ip address 192.168.1.1 255.255.255.0
half-duplex
!
ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.0.1
!
!
snmp-server community public RO
snmp-server enable traps tty
!
line con 0
line aux 0
line vty 0 4
password trance
login
!
!
!
end

Good call on the Workstation, The scope was pointing to the Firewall(192.168.0.1) instead of the Cisco Router(192.168.0.3). Now the Workstation can see the Windows 2000 Server(192.168.1.2) and vice versa.

Maybe I have the network configured wrong but here is what I am trying to do. The Networks are connected to the internet by the Firewall(192.168.0.1). To Access the internet you have to go through the firewall. I tried to configure the Cisco Router to point to the firewall and then set the default GW on the 2 servers to the cisco router. Theoretically, the path to the internet for both servers should be server to cisco router to firewall to internet.

Now the only real issue left is why cant the Windows 2000 server(192.168.1.2) with a default GW pointing to the Cisco Router(192.168.1.1), ping the Firewall and go through the firewall and access the internet?

Thanks for the help on figuring out the Workstation
 
Upvote 0 Downvote
stech1,
As you have no access-list on your router, I would guess the problem lies on your firewall. It may be preventing icmp packets for ping. Also to access the internet, are you doing NAT on your firewall? You may want to look at the fw config further.

JimmyZ
 
Upvote 0 Downvote
Although the windows 2000 server(192.168.1.2) cant ping the firewall(192.168.0.1) or access the internet, the windows 2003 Server(192.168.0.2) and the router can ping the firewall and everything in the 192.168.0.0 network has access to the internet. I think I have something not configured correctly in the router or on the windows 2000 server but dont know enough about cisco ios to know what to change.
 
Upvote 0 Downvote
Your win 2003 server is in the same subnet as the firewall (192.168.0.x). Hence it does not need to go through the router to ping the firewall.

Your router has a basic config, interfaces into each network; 192.168.1.x & 192.168.0.x, and a default route via the firewall. Nothing complex about it, so I don't think the problem is with the cisco router.

As I said, the problem would appear to be on the firewall. Does the fw have a route to the 192.168.1.x network? Try to ping to a 192.168.1.x device from the firewall. If the fw does not know how to get to 192.168.1.x, then a ping response will not return to the host.

JimmyZ
 
Upvote 0 Downvote
Jimmyzz,

The Firewall cannot ping anything in the 192.168.1.0 Network and it appears that my DLink DI 604 does not have a way to configure a route back to the Cisco Router. I have a netgear firewall laying around - I will see if that can be configureed. If not, do you have any reccomendations on inexpensive routers\firewalls that can be configured to work with the Cisco Router?

Thanks for helping me out

STech1
 
Upvote 0 Downvote
stech1
The cheapest FW solution would be to get an old PC with 2x network cards and run linux. Everyone has a PC lying around and linux is "free". But unless you've got some good linux skills or have the desire to learn it (which is not as hard a you think) then you may need to acquire a small appliance firewall. There a plenty out there (ie. netscreen, sonicwall, watchguard etc. - check out the firewall forum and discuss with the experts there) I haven't used any of these as I usually work with cisco products such as the PIX.

Alternatively you can run an IOS Firewall on your cisco router, but you would need to buy/download the firewall IOS feature set, which may be around the same cost of a soho appliance firewall.

JimmyZ
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

B
  • Locked
  • Question
Cisco IP phone 7841 8851 unable to forward all to external number
Replies
0
Views
388
badwolf1686
B
jobsp90
  • Locked
  • Question
I have a issue in my office hospital network regarding using IPPBX software.
Replies
2
Views
501
DavetheChef
DavetheChef
Blackybear
  • Locked
  • Question
Cisco RV042G router
Replies
0
Views
304
Blackybear
Blackybear
CPM86
  • Locked
  • Question
Cisco isr 4331 with IOS and sip busy fail over to 2nd sip number on pbx?
Replies
0
Views
539
CPM86
CPM86
Luzbel
  • Locked
  • Question
Connecting HVAC controller to network
Replies
0
Views
560
Luzbel
Luzbel

Part and Inventory Search

Sponsor

Back
Top