06-23-2007 04:14 AM - edited 03-03-2019 05:34 PM
Hi everyone,
I have given my router config below,
My case is :
as per ACL defined, I am able to communicate with the host/network, but my router is not able to communicate to another side client although the ACL allows the range of IP where router falls,
May I know from you all what is remaining in my configuration.
side A : 192.168.10.x/16 ( fa/0/0)
Side B : 192.168.20.x/16 ( fa/0/0 )
rotuer are on : 172.16.10.x/24
and routing the packets for communicating the hosts/LAN.
Thanks .
Router Config :
Building configuration...
Current configuration : 1888 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname SL
!
boot-start-marker
boot-end-marker
!
no logging console
enable secret 5 XXXXXXXXXXXXXXXXXXXXXXXXX
!
aaa new-model
!
!
!
aaa session-id common
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
!
no ip dhcp use vrf connected
!
!
multilink virtual-template 1
!
username amar password 7 XXXXXXXXXXX
username sl password 7 XXXXXXXXXXX
!
!
!
interface FastEthernet0/0
ip address 192.168.10.6 255.255.0.0
ip access-group 101 in
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0/0
bandwidth 2048
no ip address
encapsulation ppp
pulse-time 3
ppp multilink
!
interface Serial0/1/0
bandwidth 2048
no ip address
encapsulation ppp
pulse-time 3
ppp multilink
!
interface Serial0/1/1
bandwidth 2048
no ip address
encapsulation ppp
pulse-time 3
ppp multilink
!
interface Virtual-Template1
ip address 172.16.10.1 255.255.255.0
ppp multilink
!
ip classless
ip route 192.168.20.0 255.255.255.0 172.16.10.2
ip route 192.168.60.0 255.255.255.0 172.16.10.2
!
ip http server
!
access-list 101 permit ip 192.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255
access-list 101 permit ip host 192.168.10.1 192.168.60.0 0.0.0.255
access-list 101 permit ip host 192.168.10.3 192.168.60.0 0.0.0.255
access-list 101 permit ip host 192.168.10.4 192.168.60.0 0.0.0.255
access-list 101 permit ip host 192.168.10.8 192.168.60.0 0.0.0.255
access-list 101 permit ip 192.168.10.0 0.0.0.255 192.168.10.0 0.0.0.255
access-list 101 permit ip 192.168.10.0 0.0.0.255 172.16.10.0 0.0.0.255
!
control-plane
!
banner motd ^CINE "Welcome to SHUSHANT ^C
!
line con 0
line aux 0
line vty 0 4
password 7 XXXXXXXXXXX
!
warm-reboot
end
06-23-2007 04:49 AM
Hi
i dnot think that u need this long list of access-list.only the first and the last statement are enough.
Do u have any access-list placed at the other end.Remember the implicit deny statement at the end of the access-list.
The other end router config would provide more information.
Thanks
Mahmood
06-23-2007 05:41 AM
If you are trying to ping or telnet from the router. Your router will use the IP of the outbound interface. In this case 172.16.10.1. You will need this IP range in your config.
06-23-2007 05:42 AM
If you are trying to ping or telnet from the router. Your router will use the IP of the outbound interface. In this case 172.16.10.1. You will need this IP range in your ACL.
06-23-2007 05:48 AM
Thanks for your prompt reply, but see
from both side allowed LANs/Hosts are able to do all the operations, means routers are allowing the packets, but router itself is not able to ping clients of either side but they do for routers each other, is my implication.
06-23-2007 06:00 AM
The router will use the exiting interface IP as the source. If you do this, it will use the FA0/0 as the source.
Router A#ping
Protocol [ip]:
Target IP address: 192.168.20.X (client IP)
!--- The address to ping.
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 192.168.10.6
06-24-2007 04:11 AM
Amrendra
I can not understand clearly what is working (if anything) and what is not working. Can you clarify whether the router in 192.168.10.x can access the router in 192.168.20.x and whether the router in 192.168.10.x can access clients in 192.168.20.x? Also whether clients in 192.168.10.x can access the router in 192.168.20.x and can access clients in 192.168.20.x?
Based on what I think I understand about the symptoms my first guess would be that there might be a problem with configuration of default gateway on the end stations (it could be on either side or on both sides that there is a problem). Can you verify that the end stations have the correct default gateway configured?
Can you also verify that the multilink is working ok?
HTH
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide