Unable to route packets

jason.tan · ‎09-20-2007

I am facing a routing problem. Refer to the attached document for network topology.

On the C2811 router (IOS 12.4), I can ping to any local VLAN segments. But I can't ping to remote 10.10.31.x/24., other than .254 host. But on the C1841 router itself, I can ping to 10.10.31.x/24.

On the C1841 router (IOS 12.4), I can ping to 172.26.10.x xecept for .2, .1 and other VLANs. When I do a traceroute (eg to 172.26.10.2), the hop stop at 192.168.10.2.

Any1 know what's goes wrong?

spremkumar · ‎09-20-2007

hi

can you post the config of the routers ?

regds

jason.tan · ‎09-20-2007

****** C2811 ************

sh run

Building configuration...

Current configuration : 1976 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname yourname

!

boot-start-marker

boot-end-marker

!

logging buffered 51200 warnings

enable secret xxx

!

no aaa new-model

!

ip cef

!

ip domain name yourdomain.com

--More-- !

username vendor privilege 15 secret xxx

!

interface FastEthernet0/0

description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0/0$$FW_INSIDE$

ip address 192.168.10.2 255.255.255.252

duplex auto

speed auto

!

interface FastEthernet0/1

description $FW_INSIDE$

ip address 172.x.x.254 255.255.255.0

duplex auto

speed auto

!

ip route 10.10.31.0 255.255.255.0 192.168.10.1

ip route 10.101.23.0 255.255.255.0 192.168.10.1

ip route 172.10.0.0 255.0.0.0 172.26.10.1

!

ip http server

--More-- ip http authentication local

ip http timeout-policy idle 60 life 86400 requests 10000

!

control-plane

!

^C

!

line con 0

login local

line aux 0

line vty 0 4

privilege level 15

login local

transport input telnet

line vty 5 15

privilege level 15

login local

transport input telnet

!

scheduler allocate 20000 1000

!

end

yourname#

***********************

********** C1841 ******************

Building configuration...

Current configuration : 1825 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Keppel

!

boot-start-marker

boot-end-marker

!

logging buffered 51200 warnings

!

no aaa new-model

ip cef

!

ip domain name yourdomain.com

username cisco privilege 15 secret 5

!

interface FastEthernet0/0

description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$

ip address 192.168.100.2 255.255.255.252

duplex auto

speed auto

!

interface FastEthernet0/1

ip address 10.100.23.254 255.255.255.0

duplex auto

speed auto

!

ip http server

ip http access-class 23

ip http authentication local

ip http timeout-policy idle 60 life 86400 requests 10000

!

access-list 23 permit 10.10.10.0 0.0.0.7

!

control-plane

!

line con 0

login local

line aux 0

line vty 0 4

access-class 23 in

privilege level 15

login local

transport input telnet

line vty 5 15

access-class 23 in

privilege level 15

login local

transport input telnet

!

scheduler allocate 20000 1000

end

********************************

When I do a traceroute from C1841 router,

1 192.168.10.1 0 msec 0 msec 0 msec

2 192.168.10.2 8 msec 4 msec 0 msec

3 * * *

4 * * *

jason.tan · ‎09-20-2007

I do further troubelshooting and realised the remote router can't access the HQ switch's uplink port, which link back to core switch. But I can't find any fault in the core switch.

IanTarasevitsch1995 · ‎09-24-2007

Try a "show ip route" for the destinations you are trying to get to. I don't see any dynamic routing protocols, and I don't see enough static routes to get to the places you're trying to get to.

How are you crossing the VPN? Are you using a GRE tunnel or some other method to get to the other networks? Can you ping/trace to 192.168.100.1 or .2?