Dinosaurs won't route
in [Cisco]
|
Prev: WTB: I NEED TO BUY LIST OF TELECOM, NETWORKING, SOFTWARE, CISCO, MICROSOFT, NORTEL, LUCENT, ALCATEL & MORE
Next: IPSec VPN with c2600 router
From: RoverDrover on 10 Apr 2008 21:20 You guys, I hate having to ask something so simple, but I"m stuck. I was away from the old Cisco access routers for a couple of years, and now all of a sudden I'm needing to use existing equipment to set up very simple routing tasks -- a local LAN and a gateway router, nothing more. I have configured a 4500, a 2621 and a 2514 and at times I get them to route from PCs on the LAN, out to the Internet but when I do get it it's dumb luck. A 2514 and a 2621 for just in case, were working great in my lab and when I took them to the client they just by God would not route. With everybody watching over my shoulder wouldn't you know.... Testing everything in sight, it is clear that is it my configuration that's wrong, and I do not know where the problem is. Has to be simple. May I please post this 2514 sh ru and ask if someone would look at it -- I think the problem will probably just leap out at somebody who is fresh with this stuff. Thanks Guys, Bob W ***********************************************sh ru***************************************** ya-raheem#sh ru Building configuration... Current configuration: ! version 11.1 service udp-small-servers service tcp-small-servers ! hostname ya-raheem ! enable secret 5 $1$YOuB$SaUwSA6QAcU3JwtG66NT60 enable password cisco ! ! interface Ethernet0 ip address 200.200.200.1 255.255.255.0 ! interface Ethernet1 ip address 192.168.0.79 255.255.255.0 ! interface Serial0 no ip address shutdown ! interface Serial1 no ip address shutdown ! router rip version 2 network 200.200.200.0 network 192.168.0.0 no auto-summary ! ip default-gateway 192.168.0.1 ip name-server 4.2.2.2 ip name-server 128.32.206.9 no ip classless ip route 0.0.0.0 0.0.0.0 Ethernet1 logging buffered ! line con 0 line aux 0 line vty 0 4 password hamudi10 login ! end *************************************sh ip int*************************************************** ya-raheem#sh ip int Ethernet0 is up, line protocol is up Internet address is 200.200.200.1/24 Broadcast address is 255.255.255.255 Address determined by non-volatile memory MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is enabled Multicast reserved groups joined: 224.0.0.9 Outgoing access list is not set Inbound access list is not set Proxy ARP is enabled Security level is default Split horizon is enabled ICMP redirects are always sent ICMP unreachables are always sent ICMP mask replies are never sent IP fast switching is enabled IP fast switching on the same interface is disabled IP multicast fast switching is enabled Router Discovery is disabled IP output packet accounting is disabled IP access violation accounting is disabled TCP/IP header compression is disabled Probe proxy name replies are disabled Gateway Discovery is disabled Policy routing is disabled Ethernet1 is up, line protocol is up Internet address is 192.168.0.79/24 Broadcast address is 255.255.255.255 Address determined by setup command MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is enabled Multicast reserved groups joined: 224.0.0.9 Outgoing access list is not set Inbound access list is not set Proxy ARP is enabled Security level is default Split horizon is enabled ICMP redirects are always sent ICMP unreachables are always sent ICMP mask replies are never sent IP fast switching is enabled IP fast switching on the same interface is disabled IP multicast fast switching is enabled Router Discovery is disabled IP output packet accounting is disabled IP access violation accounting is disabled TCP/IP header compression is disabled Probe proxy name replies are disabled Gateway Discovery is disabled Policy routing is disabled Serial0 is administratively down, line protocol is down Internet protocol processing disabled Serial1 is administratively down, line protocol is down Internet protocol processing disabled
From: Merv on 10 Apr 2008 21:53 If default routing is not working then try: ip classless no ip default-gateway 192.168.0.1 no ip route 0.0.0.0 0.0.0.0 Ethernet1 ip route 0.0.0.0 0.0.0.0 192.168.0.1
From: RoverDrover on 10 Apr 2008 22:39 On Apr 10, 8:53 pm, Merv <merv.hr...(a)rogers.com> wrote: > If default routing is not working then try: > > ip classless > no ip default-gateway 192.168.0.1 > no ip route 0.0.0.0 0.0.0.0 Ethernet1 > ip route 0.0.0.0 0.0.0.0 192.168.0.1 Thanks, Merv. It still not working. I can ping both router interfaces from either side, and I can ping everything in both directions from within the router, but I still can't ping through. A PC with the address 200.200.200.3, GW 200.200.200.1, can't ping 192.168.0.1... Here's what I show after making the changes you suggested: ! router rip version 2 network 200.200.200.0 network 192.168.0.0 no auto-summary ! ip name-server 4.2.2.2 ip name-server 128.32.206.9 ip classless ip route 0.0.0.0 0.0.0.0 192.168.0.1 logging buffered !
From: Doan on 10 Apr 2008 23:08 You cannot and should not route RFC1918 addresses to the internet. Either use NAT or use public addresses. Doan On Thu, 10 Apr 2008, RoverDrover wrote: > You guys, I hate having to ask something so simple, but I"m stuck. I > was away from the old Cisco access routers for a couple of years, and > now all of a sudden I'm needing to use existing equipment to set up > very simple routing tasks -- a local LAN and a gateway router, nothing > more. > > I have configured a 4500, a 2621 and a 2514 and at times I get them to > route from PCs on the LAN, out to the Internet but when I do get it > it's dumb luck. A 2514 and a 2621 for just in case, were working > great in my lab and when I took them to the client they just by God > would not route. With everybody watching over my shoulder wouldn't > you know.... Testing everything in sight, it is clear that is it my > configuration that's wrong, and I do not know where the problem is. > Has to be simple. > > May I please post this 2514 sh ru and ask if someone would look at it > -- I think the problem will probably just leap out at somebody who is > fresh with this stuff. > > Thanks Guys, > > Bob W > > ***********************************************sh > ru***************************************** > ya-raheem#sh ru > > Building configuration... > > Current configuration: > ! > version 11.1 > service udp-small-servers > service tcp-small-servers > ! > hostname ya-raheem > ! > enable secret 5 $1$YOuB$SaUwSA6QAcU3JwtG66NT60 > enable password cisco > ! > ! > interface Ethernet0 > ip address 200.200.200.1 255.255.255.0 > ! > interface Ethernet1 > ip address 192.168.0.79 255.255.255.0 > ! > interface Serial0 > no ip address > shutdown > ! > interface Serial1 > no ip address > shutdown > ! > router rip > version 2 > network 200.200.200.0 > network 192.168.0.0 > no auto-summary > ! > ip default-gateway 192.168.0.1 > ip name-server 4.2.2.2 > ip name-server 128.32.206.9 > no ip classless > ip route 0.0.0.0 0.0.0.0 Ethernet1 > logging buffered > ! > line con 0 > line aux 0 > line vty 0 4 > password hamudi10 > login > ! > end > > *************************************sh ip > int*************************************************** > ya-raheem#sh ip int > > Ethernet0 is up, line protocol is up > Internet address is 200.200.200.1/24 > Broadcast address is 255.255.255.255 > Address determined by non-volatile memory > MTU is 1500 bytes > Helper address is not set > Directed broadcast forwarding is enabled > Multicast reserved groups joined: 224.0.0.9 > Outgoing access list is not set > Inbound access list is not set > Proxy ARP is enabled > Security level is default > Split horizon is enabled > ICMP redirects are always sent > ICMP unreachables are always sent > ICMP mask replies are never sent > IP fast switching is enabled > IP fast switching on the same interface is disabled > IP multicast fast switching is enabled > Router Discovery is disabled > IP output packet accounting is disabled > IP access violation accounting is disabled > TCP/IP header compression is disabled > Probe proxy name replies are disabled > Gateway Discovery is disabled > Policy routing is disabled > Ethernet1 is up, line protocol is up > Internet address is 192.168.0.79/24 > Broadcast address is 255.255.255.255 > Address determined by setup command > MTU is 1500 bytes > Helper address is not set > Directed broadcast forwarding is enabled > Multicast reserved groups joined: 224.0.0.9 > Outgoing access list is not set > Inbound access list is not set > Proxy ARP is enabled > Security level is default > Split horizon is enabled > ICMP redirects are always sent > ICMP unreachables are always sent > ICMP mask replies are never sent > IP fast switching is enabled > IP fast switching on the same interface is disabled > IP multicast fast switching is enabled > Router Discovery is disabled > IP output packet accounting is disabled > IP access violation accounting is disabled > TCP/IP header compression is disabled > Probe proxy name replies are disabled > Gateway Discovery is disabled > Policy routing is disabled > Serial0 is administratively down, line protocol is down > Internet protocol processing disabled > Serial1 is administratively down, line protocol is down > Internet protocol processing disabled >
From: RoverDrover on 10 Apr 2008 23:59
On Apr 10, 10:08 pm, Doan <d...(a)usc.edu> wrote: > You cannot and should not route RFC1918 addresses to the internet. Either > use NAT or use public addresses. > > Doan > > Yesssss! I took a LinkSys and gave the LAN side of it 64.183.221.241 / 29 and the WAN side to the 192.168.0.0 network. And the Cisco E1 is 64.183.221.242 /29, GW .241 This duplicates the addressing on both sides of the router at the client's site. And Cisco E0 is 200.200.200.1 and I have a laptop on that subnet. The laptop will now ping pravda.ru or lemonde.fr and get a reply. The only thing that bothers me though, is that I had it working this way last week (though not with the config changes Merv suggested) on the 2514 and also on a 2621 for a backup, and they pinged all the way through... and when I took them to Dallas and set them up with identical addressing, with no change at all, they would not route through. I"m hoping Merv's fix will do the trick, and I wouldn't have found out if not for you reminding me about the private addressing, Doan. Thanks to both of you. Bob W. |