Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

VPN cisco677

Status
Not open for further replies.
Guest_imported

Guest_imported

New member
Joined
Jan 1, 1970
Messages
0
PROBLEM:
A=cisco677 with ip adress a.b.c.d
B=cisco677 with ip address d.e.f.g
a vpn between A and B
adsl connection.
A's gw is a cisco6400 router
there was an image upgrade on the 6400 three days ago.
so,
A is ok, but B can access only local sites,from .xy domain

a traceroute from our isp to B is ok:
1.gw(6400)
2.ip address a.b.c.d
3.d.e.f.g

traceroute from outside(from a route-server for example):

...
x
x
x
23.ip address a.b.c.d
24.gw(6400)
25.ip address a.b.c.d
26.gw(6400)
27.ip address a.b.c.d
28.gw(6400)
29.ip address a.b.c.d
30.gw(6400)
and so on...


What could it be?
 
Sort by date Sort by votes
Hi

I'm no expert on these routers, but from what you write it seems like you got a routing loop. Check the routing tables on each router. Check whatevere dynamic routing protocols you're running. Find which route is missing and why, and correct the problem.

The relase documents of the new software image on the 6400 may give you a clue. Maybe they've changed some default values?

-katamann
 
Upvote 0 Downvote
about the routing loop:
this client CAN access sites from .xy domain,so he makes taraffic there;the routes are ok since it work for .xy domain.
but i wonder how that ciso 677 knows when the traffic is from outside(that traceroute from a route server) so he turns it back to the 6400.
it's like he knows: if the traffic is from .xy then it's ok and if it is from else where it's not ok with him,and there appears that routing loop.



 
Upvote 0 Downvote
The router has a routing table.
So if it has a route for the .xy that can work, but it may not have a route to other ip's. There is no way for anyone to resolve this problem without more information of what routes, what routing protocols and more on the config on each route. From what you're saying the router probably has these routes. What domain each router can reach is irrellevant. Router work on layer three of the OSI model, and doesn't care about hostnames, but IP addresses. Post the routers ip's and routing table, and maybe someone could help you.

-katamann

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

quazimotto
  • Locked
  • Question Question
Cisco ASA_5505 VPN to Juniper_SRX210 VPN IS UP_ No Traffic!!!!!!
Replies
0
Views
316
quazimotto
quazimotto
tviman
  • Locked
  • Question Question
Same subnet on each side of a VPN
Replies
2
Views
365
tviman
tviman
DigitalG
  • Locked
  • Question Question
cisco rv180 vpn tunnel between a rv130
Replies
0
Views
257
DigitalG
DigitalG
napoleao
  • Locked
  • Question Question
IPSec VPN
Replies
3
Views
426
napoleao
napoleao
whatwhatwhatwhat
  • Locked
  • Question Question
VPN problem. Please help!
Replies
2
Views
323
ngtri
ngtri

Part and Inventory Search

Sponsor

Back
Top