
Lost

jlcarey1usa
Level 1

Strange situation. Have a company with two physical sites connected via a point-to-point T1. On each end of the T1 are old Cisco 1602R routers. The problem is actually with Exchange servers failing to talk to each other properly. Site A is main office and Site B is branch office. Each site contains 1 Exchange server and the sites are supposed to talk over this p-t-p connection. I cannot use telnet to connect from site A to site B over port 25. I can, however, connect from site B to site A over port 25.

Essentially, the communication between these Exchange servers is failing because messages cannot go from site A to site B, but can go from site B to site A.

The interesting thing is that I can use telnet from site A to site B using a different port, say 691 which is also used with Exchange and it works fine.

I can telnet into site B router and establish a telnet session to the Exchange server in site B.

The problem is router A. For some reason, it will not allow requests over port 25 to go through.

Any clue???


Richard Burts
Hall of Fame

James

When some traffic does work but traffic on a particular port does not work my first guess is that there is an access list that is blocking.

If you would post the config of both routers we would more likely be able to identify the problem.

HTH

Rick


OK. I am trying to clean up the previous admin's mess.

Site A: I think the problem is on this router.

Current configuration:

!

version 12.0

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname NY_router

!

enable password "xxxx"

!

!

ip subnet-zero

no ip domain-lookup

!

process-max-time 200

!

interface Ethernet0

description connected to NY_LAN

ip address 192.168.110.1 255.255.255.0

no ip directed-broadcast

no keepalive

!

interface Serial0

description 56k CSU/DSU NOT USED

no ip address

no ip directed-broadcast

encapsulation ppp

no fair-queue

service module 56k clock source line

service module 56k network-type dds

!

interface Serial1

description connected to GA router via t1

bandwidth 1120

ip address 10.1.2.1 255.255.255.0

no ip directed-broadcast

encapsulation ppp

no fair-queue

service-module t1 timeslots 1-20

service-module t1 remote-alarm-enable

!

no ip classless

ip route 0.0.0.0 0.0.0.0 192.168.110.6

ip route 192.168.120.0 255.255.255.0 10.1.2.2

no ip http server

!

!

line con 0

exec timeout 0 0

password "xxx"

login

transport input none

line vty 0 4

password "xxx"

login

!

end

192.168.110.6 is another gateway on the lan subnet that is connected to a sonicwall and then to the Internet.

Site B:

Current configuration:

!

version 12.0

service timestamps debug uptime

service timestamps log uptime

service password-encryption

no service udp-small-servers

no service tcp-small-servers

!

hostname GA-router

!

enable password "xxxx"

ip subnet-zero

no ip domain-lookup

!

interface Ethernet0

description connected to GA_LAN

ip address 192.168.120.1 255.255.255.0

no ip directed-broadcast

!

interface Serial0

description 56k CSU/DSU NOT USED

no ip address

no ip address directed-broadcast

encapsulation ppp

shutdown

service module 56k clock source internal

service module 56k network-type dds

!

interface Serial1

description connected to NY via t1

ip address 10.1.2.2 255.255.255.0

no ip address directed-broadcast

bandwidth 1120

service-module t1 timeslots 1-20

service-module t1 remote-alarm-enable

!

no ip classless

ip route 0.0.0.0 0.0.0.0 192.168.120.2

ip route 0.0.0.0 0.0.0.0 192.168.110.1 2

ip route 192.168.110.0 255.255.255.0 10.1.2.1

ip route 192.168.110.0 255.255.255.0 192.168.120.2 2

!

line con 0

exec-timeout 0 0

password "xxx"

login

transport input none

line vty 0 4

password "xxx"

login

!

end

192.168.120.2 is connected to a sonicwall and out to the Internet. This serves as a backup vpn between the offices.

I do not see anything in this router config that would produce the symptoms that you describe. Can you post the config of the other router?

I do see a couple of things in this config that I would question - though I do not believe that they are related to the symptoms that you describe:

- interface Ethernet 0 is configured with no keepalive. Why is this? It is generally best practice to have keepalive on LAN interfaces.

- no ip classless is configured. This is a very old practice and in general we are better off to configure ip classless. Though with 1 static default route and 1 static network route it probably does not have much impact either way.

HTH

Rick


James

You posted the config of the second router while I was making my prior response. Thanks for posting the other config.

I do not see anything in the second config that would produce the symptom that you describe. And I went back and re-read the entire thread. I wonder about this statement in the original post:

"I can telnet into site B router and establish a telnet session to the Exchange server in site B."

When you telnet to site B and telnet to the Exchange server is that a normal telnet or a telnet on port 25?

HTH

Rick


port 25.

I just changed the port on the exchange server to port 30 and I can now connect to the exchange server on port 30 from site A.

Port 25 is being blocked on site A's router somehow. I have no idea how that could happen.

Silly question that I presume you've already checked... though is there any chance you did a:

show startup

and not a:

show run

I suppose you could have a startup config that's not what you're actually running?

You could try a:

show access-lists

or

show interfaces

to see if there are indeed any active ACLs or ACLs applied to any interfaces

I did a show run!! good thought though.

But I will check the startup config and the access lists.

Here are the results from show access-lists and then show int

NY_router#show access-lists

NY_router#show int

Ethernet0 is up, line protocol is up

Hardware is QUICC Ethernet, address is 00d0.bae0.29ec (bia 00d0.bae0.29ec)

Description: connected to NY_LAN

Internet address is 192.168.110.1/24

MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

Keepalive not set

ARP type: ARPA, ARP Timeout 04:00:00

Last input 00:00:00, output 00:00:00, output hang never

Last clearing of "show interface" counters never

Queueing strategy: fifo

Output queue 0/40, 5232 drops; input queue 0/75, 0 drops

5 minute input rate 13000 bits/sec, 11 packets/sec

5 minute output rate 11000 bits/sec, 7 packets/sec

25357744 packets input, 3623322221 bytes, 8 no buffer

Received 17250795 broadcasts, 0 runts, 0 giants, 138875 throttles

3767 input errors, 1 CRC, 3766 frame, 0 overrun, 0 ignored

0 input packets with dribble condition detected

9747530 packets output, 2071818853 bytes, 0 underruns

1098 output errors, 361077 collisions, 1 interface resets

0 babbles, 0 late collision, 129386 deferred

0 lost carrier, 0 no carrier

0 output buffer failures, 0 output buffers swapped out

Serial0 is down, line protocol is down

Hardware is QUICC Serial (with onboard CSU/DSU)

Description: 56k csu/dsu NOT USED

MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation PPP, loopback not set

Keepalive set (10 sec)

LCP Closed

Closed: CDPCP

Last input never, output never, output hang never

Last clearing of "show interface" counters 8w2d

Queueing strategy: fifo

Output queue 0/40, 0 drops; input queue 0/75, 0 drops

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

0 packets input, 0 bytes, 0 no buffer

Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

0 packets output, 0 bytes, 0 underruns

0 output errors, 0 collisions, 1 interface resets

0 output buffer failures, 0 output buffers swapped out

0 carrier transitions

DCD=down DSR=down DTR=up RTS=up CTS=up

Serial1 is down, line protocol is down

Hardware is QUICC Serial (with FT1 CSU/DSU WIC)

Description: connected to GA router via t1

Internet address is 10.1.2.1/24

MTU 1500 bytes, BW 1120 Kbit, DLY 20000 usec,

reliability 202/255, txload 1/255, rxload 1/255

Encapsulation PPP, loopback not set

Keepalive set (10 sec)

LCP Closed

Closed: IPCP, CDPCP

Last input 8w1d, output 8w1d, output hang never

Last clearing of "show interface" counters 8w2d

Queueing strategy: fifo

Output queue 0/40, 0 drops; input queue 0/75, 0 drops

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

11752 packets input, 753596 bytes, 0 no buffer

Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

7351 input errors, 27 CRC, 5803 frame, 0 overrun, 0 ignored, 1521 abort

7490 packets output, 104860 bytes, 0 underruns

0 output errors, 0 collisions, 683 interface resets

0 output buffer failures, 0 output buffers swapped out

3 carrier transitions

DCD=down DSR=up DTR=up RTS=up CTS=down

NY_router#

Here's another weird thing for you. On both routers, the serial1 interface shows that it is down. Yet I can access both sites and ping, etc.

This is what I am seeing: serial1 is down, line protocol is down.?????

User Access Verification

Password:

NY_router>en

Password:

NY_router#sh int s1

Serial1 is down, line protocol is down

Hardware is QUICC Serial (with FT1 CSU/DSU WIC)

Description: connected to GA router via t1

Internet address is 10.1.2.1/24

MTU 1500 bytes, BW 1120 Kbit, DLY 20000 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation PPP, loopback not set

Keepalive set (10 sec)

LCP Closed

Closed: IPCP, CDPCP

Last input never, output never, output hang never

Last clearing of "show interface" counters 00:06:53

Queueing strategy: fifo

Output queue 0/40, 0 drops; input queue 0/75, 0 drops

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

0 packets input, 0 bytes, 0 no buffer

Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

0 packets output, 0 bytes, 0 underruns

0 output errors, 0 collisions, 1 interface resets

0 output buffer failures, 0 output buffers swapped out

0 carrier transitions

DCD=down DSR=up DTR=up RTS=up CTS=down

James

I missed this clue in your earlier post. :(

I believe that it is quite helpful in understanding what the issue may be. The serial interface does show as down and that means that no data is flowing over the serial interface. Your earlier post indicates that there is a VPN connection which serves as a backup and I believe that data is flowing over that backup connection. There are several ways that you can verify this:

- do a show ip route on either or both routers and I believe that you will see that the route between the sites is over the backup.

- do a traceroute from NY to GA or from a host in NY to a host in GA. I believe that you will see that the responding interface is not the serial interface but is the VPN path.

This may also help explain the problem with port 25 in GA. If the data is passing through the sonicwall/VPN then there is a possibility that one of the sonicwalls is denying that traffic.

HTH

Rick


OK. I did a show ip route on the ny router and this is what I get:

Does that confirm your statement?

User Access Verification

Password:

NY_router>en

Password:

NY_router#show ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

* - candidate default, U - per-user static route, o - ODR

P - periodic downloaded static route

Gateway of last resort is 192.168.110.6 to network 0.0.0.0

C 192.168.110.0/24 is directly connected, Ethernet0

S* 0.0.0.0/0 [1/0] via 192.168.110.6

NY_router#

This is from the GA router:

User Access Verification

Password:

GA_router>en

Password:

GA_router#show ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default

U - per-user static route, o - ODR

Gateway of last resort is 192.168.120.2 to network 0.0.0.0

S 192.168.110.0/24 [2/0] via 192.168.120.2

C 192.168.120.0/24 is directly connected, Ethernet0

S* 0.0.0.0/0 [1/0] via 192.168.120.2

GA_router#

James

Yes this is exactly the confirmation that I thought we would get. Notice here that the route to 192.168.110.0/24 has 192.168.120.2 as its next hop. That is the sonicwall/VPN and not the serial link.

So the traffic is definitely flowing through the VPN and not over the serial.

And I think that makes the sonicwall the primary suspect in what is the problem with port 25.

If you find the problem with the serial link and fix it I suspect that the port 25 problem will go away.

HTH

Rick
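
The check described in the reply above, as an added example that is not part of any post in the thread: a Python script that compares the `ip route` statements from the GA router config with its `show ip route` output (both copied from the posts above) and reports every prefix whose installed static route is not the preferred configured one, which is the sign that traffic has moved to the backup path through the firewall/VPN. The function names are illustrative assumptions.

```python
import ipaddress
import re

# Sample input: lines copied from the GA router posts in this thread.
GA_CONFIG = """\
ip route 0.0.0.0 0.0.0.0 192.168.120.2
ip route 0.0.0.0 0.0.0.0 192.168.110.1 2
ip route 192.168.110.0 255.255.255.0 10.1.2.1
ip route 192.168.110.0 255.255.255.0 192.168.120.2 2
"""
GA_ROUTES = """\
S 192.168.110.0/24 [2/0] via 192.168.120.2
C 192.168.120.0/24 is directly connected, Ethernet0
S* 0.0.0.0/0 [1/0] via 192.168.120.2
"""

CFG_RE = re.compile(r"^ip route (\S+) (\S+) (\S+)(?: (\d+))?\s*$")
RIB_RE = re.compile(r"^S\*?\s+(\S+) \[(\d+)/\d+\] via (\S+)")

def configured_statics(config):
    """Map each prefix to its configured (distance, next_hop) pairs, best first."""
    routes = {}
    for line in config.splitlines():
        m = CFG_RE.match(line.strip())
        if m:
            net = ipaddress.ip_network(f"{m[1]}/{m[2]}")
            # A static route with no explicit distance has distance 1.
            routes.setdefault(str(net), []).append((int(m[4] or 1), m[3]))
    return {prefix: sorted(pairs) for prefix, pairs in routes.items()}

def installed_statics(show_ip_route):
    """Map each static prefix in the routing table to (distance, next_hop)."""
    rib = {}
    for line in show_ip_route.splitlines():
        m = RIB_RE.match(line.strip())
        if m:
            rib[m[1]] = (int(m[2]), m[3])
    return rib

def failed_over(config, show_ip_route):
    """Return (prefix, preferred_hop, installed_hop) where they differ."""
    rib = installed_statics(show_ip_route)
    findings = []
    for prefix, pairs in configured_statics(config).items():
        active = rib.get(prefix)  # None: no static for this prefix is installed
        if active != pairs[0]:
            findings.append((prefix, pairs[0][1], active[1] if active else None))
    return findings

if __name__ == "__main__":
    print(failed_over(GA_CONFIG, GA_ROUTES))
```

A result of `None` for the installed hop means the prefix has no static route in the table at all, so it is following the default route; that is what the NY router output in the thread shows for 192.168.120.0/24.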
