Hi All...
I've been beating my head against the wall for about 5 hours on this one. I'm not a Cisco junkie by any means, but I've learned quite a bit from just playing around. Here's my situation.
I've got a Point to Point T1 between two offices:
Main Office - 10.8.11.0/24
Remote Office - 10.8.10.0/24
I have two Cisco 1721 routers connected to the T1. I can succesfully ping interfaces on the routers from the opposite ends, however I cannot ping any HOSTS from the CLI.
Here are my configs. Please note they may be a bit messy, from all of the different things I have tried.
MAIN SITE:
----------
version 12.4
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname bct1ptp
!
boot-start-marker
boot-end-marker
!
enable password xxxxxxxx
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip cef
!
!
!
!
no ip domain lookup
ip name-server 10.8.11.4
!
!
!
!
!
!
interface FastEthernet0
ip address 10.8.11.254 255.255.255.0
speed auto
no cdp enable
!
interface Serial0
description Bay City T1 to Midland Link
ip address 10.0.0.1 255.255.255.252
ip access-group ptp in
ip access-group ptp out
no cdp enable
!
router eigrp 10
network 10.0.0.0 0.0.0.255
network 10.8.10.0 0.0.0.255
network 10.8.11.0 0.0.0.255
auto-summary
!
ip route 0.0.0.0 0.0.0.0 10.8.11.10
ip route 10.8.10.0 255.255.255.0 10.0.0.2
!
ip http server
no ip http secure-server
!
ip access-list standard ptp
permit any
!
access-list 5 permit 10.8.10.0 0.0.0.255
access-list 5 permit 10.0.0.0 0.0.0.7
access-list 5 permit 10.8.11.0 0.0.0.255
no cdp run
!
control-plane
!
!
line con 0
line aux 0
line vty 0 5
password xxxxxx
login
!
end
bct1ptp#
REMOTE SITE:
------------
version 12.4
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname midt1ptp
!
boot-start-marker
boot-end-marker
!
enable password xxxxxxx
!
no aaa new-model
!
resource policy
!
memory-size iomem 25
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip cef
!
!
!
!
no ip domain lookup
ip name-server 10.8.10.2
!
!
!
!
!
!
interface FastEthernet0
ip address 10.8.10.254 255.255.255.0
speed auto
no cdp enable
!
interface Serial0
description Midland T1 to Bay City Point-to-Point
ip address 10.0.0.2 255.255.255.252
ip access-group ptp in
ip access-group ptp out
!
router eigrp 10
network 10.0.0.0 0.0.0.255
network 10.8.10.0 0.0.0.255
network 10.8.11.0 0.0.0.255
auto-summary
!
ip route 0.0.0.0 0.0.0.0 10.8.11.10
ip route 10.8.11.0 255.255.255.0 10.0.0.1
!
ip http server
no ip http secure-server
!
ip access-list standard ptp
permit any
!
no cdp run
!
control-plane
!
!
line con 0
line aux 0
password xxxxx
login
line vty 0 4
password xxxxx
login
!
end
midt1ptp#
Now, as said..I can ping the other end's router interfaces:
bct1ptp#ping 10.8.10.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.8.10.254, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/8/12 ms
bct1ptp#ping 10.0.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/8/8 ms
But cannot ping hosts:
bct1ptp#ping 10.8.10.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.8.10.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
I maybe should also note that the default gateway to the internet (as well as NAT) is handled by a PIX at 10.8.11.10. This is just a straight T1 between two subnets. I'm thinking it's an ACL issue??? Any tips would be greatly appreciated!!
I've been beating my head against the wall for about 5 hours on this one. I'm not a Cisco junkie by any means, but I've learned quite a bit from just playing around. Here's my situation.
I've got a Point to Point T1 between two offices:
Main Office - 10.8.11.0/24
Remote Office - 10.8.10.0/24
I have two Cisco 1721 routers connected to the T1. I can succesfully ping interfaces on the routers from the opposite ends, however I cannot ping any HOSTS from the CLI.
Here are my configs. Please note they may be a bit messy, from all of the different things I have tried.
MAIN SITE:
----------
version 12.4
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname bct1ptp
!
boot-start-marker
boot-end-marker
!
enable password xxxxxxxx
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip cef
!
!
!
!
no ip domain lookup
ip name-server 10.8.11.4
!
!
!
!
!
!
interface FastEthernet0
ip address 10.8.11.254 255.255.255.0
speed auto
no cdp enable
!
interface Serial0
description Bay City T1 to Midland Link
ip address 10.0.0.1 255.255.255.252
ip access-group ptp in
ip access-group ptp out
no cdp enable
!
router eigrp 10
network 10.0.0.0 0.0.0.255
network 10.8.10.0 0.0.0.255
network 10.8.11.0 0.0.0.255
auto-summary
!
ip route 0.0.0.0 0.0.0.0 10.8.11.10
ip route 10.8.10.0 255.255.255.0 10.0.0.2
!
ip http server
no ip http secure-server
!
ip access-list standard ptp
permit any
!
access-list 5 permit 10.8.10.0 0.0.0.255
access-list 5 permit 10.0.0.0 0.0.0.7
access-list 5 permit 10.8.11.0 0.0.0.255
no cdp run
!
control-plane
!
!
line con 0
line aux 0
line vty 0 5
password xxxxxx
login
!
end
bct1ptp#
REMOTE SITE:
------------
version 12.4
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname midt1ptp
!
boot-start-marker
boot-end-marker
!
enable password xxxxxxx
!
no aaa new-model
!
resource policy
!
memory-size iomem 25
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip cef
!
!
!
!
no ip domain lookup
ip name-server 10.8.10.2
!
!
!
!
!
!
interface FastEthernet0
ip address 10.8.10.254 255.255.255.0
speed auto
no cdp enable
!
interface Serial0
description Midland T1 to Bay City Point-to-Point
ip address 10.0.0.2 255.255.255.252
ip access-group ptp in
ip access-group ptp out
!
router eigrp 10
network 10.0.0.0 0.0.0.255
network 10.8.10.0 0.0.0.255
network 10.8.11.0 0.0.0.255
auto-summary
!
ip route 0.0.0.0 0.0.0.0 10.8.11.10
ip route 10.8.11.0 255.255.255.0 10.0.0.1
!
ip http server
no ip http secure-server
!
ip access-list standard ptp
permit any
!
no cdp run
!
control-plane
!
!
line con 0
line aux 0
password xxxxx
login
line vty 0 4
password xxxxx
login
!
end
midt1ptp#
Now, as said..I can ping the other end's router interfaces:
bct1ptp#ping 10.8.10.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.8.10.254, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/8/12 ms
bct1ptp#ping 10.0.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/8/8 ms
But cannot ping hosts:
bct1ptp#ping 10.8.10.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.8.10.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
I maybe should also note that the default gateway to the internet (as well as NAT) is handled by a PIX at 10.8.11.10. This is just a straight T1 between two subnets. I'm thinking it's an ACL issue??? Any tips would be greatly appreciated!!
![[americanflag]](/data/assets/smilies/americanflag.gif "[americanflag] [americanflag]")
