Why can't I do an internal ping to ethernet0? 1

[itfellow]

Hi all,

I'm still a beginner with the Cisco routers. Here's my situation:

I have two offices which communicate over the internet using the VPN tunnel between two Cisco 1721 routers. One office is out in the middle of nowhere, and just recently we were able to get DSL service to replace the old ISDN line. I purchased a WIC-1ENET module to use with a DSL modem to get the service going on the remote site.

I've installed teh WIC-1ENET module in the router (with the ISDN module still in), and I know there will be some configuring to get the interface working with the DSL, but at present I can't even get an internal ping to work on the ethernet0 interface just to verify that the module is functional. If I telnet into the router, either onthe ISDN interface (BRI0) or the FastEthernet interface, log in as enable, then ping the IP address that I assigned to the ethernet0 interface, I get 0/5 response, even though the "show interface" says the module is OK and the status is "up".

Here is the "show ip int brief":

Interface IP-Address OK? Method Status Protocol
FastEthernet0 192.168.0.254 YES NVRAM up up
Virtual-Access1 unassigned YES unset up up
BRI0 x6.x1.x5.142 YES NVRAM up up
BRI0:1 unassigned YES unset up up
BRI0:2 unassigned YES unset up up
Ethernet0 192.168.2.253 YES manual up down

I'm using the non-routable address just for test purposes at the moment.

Here is the config:

Current configuration : 3587 bytes
!
version 12.3
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname MYROUTER
!
boot-start-marker
boot-end-marker
!
no logging console
enable secret 5 XXXXXXXX
!
username XXXXXX password 7 XXXXXXXXXX
clock timezone Pacific -8
clock summer-time PDT recurring
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
aaa new-model
!
!
aaa authentication login userauth local
aaa authorization network groupauth local
aaa session-id common
ip subnet-zero
!
!
ip domain name XXXXX.org
ip name-server XXX.XXX.174.17
!
ip cef
ip audit notify log
ip audit po max-events 100
no ftp-server write-enable
isdn switch-type basic-5ess
!
!
!
!
crypto isakmp policy 50
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp key XXXXXXX address XX.XX.XXX.148 no-xauth
crypto isakmp keepalive 10 5
!
!
crypto ipsec transform-set mytransform esp-3des esp-md5-hmac
!
crypto map mytunnelrsa 10 ipsec-isakmp
set peer XX.XX.XXX.148
set transform-set mytransform
match address 116
!
!
!
!
interface BRI0
description ISDN Line # XXXXXXX
ip address XX.XX.XX.142 255.255.255.252
ip access-group 101 in
ip nat outside
encapsulation ppp
no ip route-cache cef
no ip mroute-cache
load-interval 60
dialer string XXXXXXXXX
dialer string XXXXX
dialer load-threshold 2 either
dialer-group 1
isdn switch-type basic-dms100
isdn spid1 XXXXXXXXX
isdn spid2 XXXXXXXXX
ppp authentication pap callin
ppp pap sent-username MYROUTER password 7 XXXXXX
ppp multilink
crypto map mytunnelrsa
!
interface Ethernet0
ip address 192.168.2.253 255.255.255.0
full-duplex
!
interface FastEthernet0
ip address 192.168.0.254 255.255.255.0
ip nat inside
no ip route-cache cef
no ip mroute-cache
speed auto
!
ip local pool ippool 10.1.1.1 10.1.1.254
ip nat pool my XX.XX.XX.142 XX.XX.XX.142 prefix-length 29
ip nat inside source route-map nonat interface BRI0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 BRI0
no ip http server
no ip http secure-server
!
!
logging trap notifications
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 2 permit 192.168.0.0 0.0.0.255
access-list 10 permit 192.168.0.0 0.0.0.255
access-list 10 permit 192.168.1.0 0.0.0.255
access-list 90 permit any log
access-list 101 deny tcp any eq 445 any
access-list 112 deny ip 192.168.0.0 0.0.0.255 10.1.1.0 0.0.0.255
access-list 112 deny ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 112 permit ip 192.168.0.0 0.0.0.255 any
access-list 116 permit ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 145 permit ip 192.168.0.0 0.0.0.255 192.168.0.0 0.0.0.255
access-list 190 permit ip 192.168.1.0 0.0.0.255 10.1.1.0 0.0.0.255
dialer-list 1 protocol ip permit
!
route-map nonat permit 10
match ip address 112
!
alias exec sr show ip route
!
line con 0
line aux 0
line vty 0 4
access-class 90 in
!
!
end


So, I telnet into the router, log in as enable, type "ping 192.168.2.253" and get "Success rate is 0 percent (0/5)". Shouldn't I be able to ping this interface, just so I know it is functioning?

Thanks for any help you guys might be able to give.

 

[burtsbees]

Not until the line protocol is up. It's not like a loopback address---the line protocol will come up if there is a cable plugged into it, and the other end into a switch or something. Then you would be able to ping it, but not until then.

Burt

 

[itfellow]

burtsbees,

I actually have the cat-5 cable plugged into the ethernet module (from the DSL modem) and I have a link light. I just haven't attempted to sync up the ethernet module settings with the DSL stuff yet. Would that be enough to expect a successful ping?

 

[burtsbees]

No---both ends have to be up in order for the line protocol to be up. Plug the modem in, and do this on the ethernet interface...
router>en
router#conf t
router(config)#int e0
router(config-if)#no ip add
router(config-if)#ip add dhcp
router(config-if)#duplex auto

ALWAYS set the duplex and speed to auto, by the way---it is best practice. This should give you what you need to be able to ping the ethernet interface.

Burt

 

[itfellow]

The WIC-1ENET module only does 10mbs, so there is no speed option. There is also no duplex auto option. I tried both half duplex and full duplex just to be sure, but neither works.

I don't think I mentioned that the IP address from my ISP is static (that is necessary for my VPN tunnel). I verified that the service works by plugging the modem ethernet into a PC and setting the PC IP to the static IP, along with the assigned gateway IP. THe service worked fine.

As another test, instead of plugging the router ethernet directly into the DSL modem, I plugged it into a 10/100 hub. I also plugged the DSL modem ethernet into the hub. I get a link light for the router, but I still show protocol down and cannot ping the interface internally. If I do a shutdown and a no shutdown on the ehternet0 interface, the protocol shows as up for a few seconds, then goes back down.

How much of a connection does the ethernet0 need before it will show protocol up? And return a ping? Either I am missing something really obvious here, or the module is defective.

 

[burtsbees]

Are you using a crossover cable or straight through? You need a crossover for a hub or straight to the modem, but a straight through cable for a switch to the router.
As far as changing the duplex setting, try this...

router>en
router#conf t
router(config)#int e0
router(config-if)#duplex auto
or
router(config-if)#auto-duplex
or if those don't work, try a question mark...
router(config-if)#?
But it really should be set to auto. I don't think this is why you are having problems...it could be the wrong cable, or the WIC-1ENET is bad. Try the cable first, then try this...
router>en
router#test int e0
That only works on some routers, so it may not work on yours. Also, make sure the ip address is set to dhcp on the ethernet interface of the router---the modem should give it a private IP address, which is different than your static public IP.

Burt

 

[plshlpme]

typically if your interfacing with a dsl or cable modem your speed should be 10 half..

it wouldnt hurt to plug it back into your pc though to see for sure what it syncs up at.

i do have a couple dsl modems that will not do 10 mb.. thye only connect at 100mb so plugging them into a wic-1enet was a no go...

 

[itfellow]

I used the same cable for the router that I did when connecting directly to the PC, which is, I suppose, a straight-through cable. I'm not sure why the crossover would be necessary, unless the WIC-1ENET is designed that way?

Anyway, there is no duplex auto option. There is only duplex full and duplex half, and I have tried them both. The purpose of my plugging the router into the 10/100 hub was just in case the ethernet port on the DSL modem was 100 only, while the ethernet0 is 10 only, but that didn't work either. I also thought that simply having the ethernet0 interface connected to a 10mbs hub would provide me with the "protocol up" so at least I would know that it works, but couldn't get it to come up.

The "test int ethernet0" resulted in this: "Failed - not connected problem", but I have the router plugged into the DSL modem directly now.

I'm not sure how else to test this thing out, or whether I should come to the conclusion that the module is defective. Any suggestions?

 

[burtsbees]

Crossover because Cisco routers do not autosense.

Burt

 

[plshlpme]

the cable between the modem and the router should be a straight cable..

when you plugged the modem into the pc.. did you say it came up at 10 half?

i use a 1760 router.. with a wic-1enet

and here is my config

interface Ethernet0/0
description ADSL WAN Interface
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache policy
ip route-cache flow
load-interval 30
half-duplex
pppoe enable group global
pppoe-client dial-pool-number 1
no cdp enable
end

here is a show int for good measure

Ethernet0/0 is up, line protocol is up
Hardware is PQUICC Ethernet, address is 0004.dd0c.ea55 (bia 0004.dd0c.ea55)
Description: ADSL WAN Interface
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
reliability 255/255, txload 17/255, rxload 13/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Half-duplex, 10BaseT
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
30 second input rate 527000 bits/sec, 84 packets/sec
30 second output rate 673000 bits/sec, 101 packets/sec
4309562 packets input, 57387887 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
3156216 packets output, 735354364 bytes, 0 underruns
0 output errors, 187811 collisions, 0 interface resets
0 babbles, 0 late collision, 1150907 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
router#

 

[itfellow]

Well, I finally found the problem. Of all things in the world, it turned out to be a bad ethernet cable from the router to the dsl modem/hub. There was no visible damage anywhere, but as soon as I swapped it out, the line protocol for the ethernet0 came online and I was able to ping the interface internally to my hearts content.

The interface works fine with the DSL modem and static IP at 10mbps and half-duplex. I set the default route to point toward the gateway address and everything popped up immediately.

Thanks to you guys for all of your help.

 

[asdk]

Cisco WIC-1ENET, all about it...

Cisco WIC-1ENET is set to
half-duplex mode by default, and it does not auto-sense. If you set the Cisco WIC-1ENET to full-duplex
operation, you must also set the device to which the port is attached to full-duplex mode.

http://www.cisco.com/en/US/products/hw/routers/ps221/products_data_sheet09186a0080088714.html