
Strange Routing Issue where clients are required to ping first

nathan.oneal
Level 1

Hello,

I have just installed a 2800 router at a client who was running out of IP addresses. We used the router to segment the top and bottom floors of the building. The problem that I am seeing is that some clients will "lose" their ability to send traffic through the router. The only way that I can resolve the problem is to 1. ping the local gateway, 2. ping the IP of the "other" interface, 3. ping the Windows DNS server, 4. ping an external address, i.e. www.google.com. Any ideas would be much appreciated.


Edison Ortiz
Hall of Fame

Sounds like

- a mac-address-table corruption in the switch where these workstations are connected

- an ARP issue at the router

or

- misconfigured ARP and MAC timers between the switch and the router.

Can you describe how the connection is made? Please list devices.

Sure. The client node is connected to an unmanaged Dell PowerConnect switch which plugs directly into GE0/1 (10.20.3.1). The 2821 has ip routing and OSPF enabled on it, so from what I understand with ip routing enabled, it should pass the packets directly to the GE0/0 interface (10.20.1.1) and then to the win2k3 server on that segment. To get out to the inet cloud, we go through a fortigate device that is doing NAT for the internal networks. Please let me know if I missed anything that could be helpful. FYI, we have already replaced the switch with a new one to eliminate the switch being the issue.

Many Thanks

You mentioned the client was running out of IP addresses.

Could it be that you have duplicate IP addressing problems on that subnet?

Could it be that you have incorrect subnet masks between your routing device and clients on that subnet?

Having an unmanaged switch complicates the troubleshooting a bit.

When you have the problem again, telnet into the router and do a show arp to verify if the workstation having the problem is listed in the ARP table.

If listed, the IP address will have a corresponding MAC address; make sure it matches the trouble device.
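The check described in the reply above, as an added example that is not part of the original thread: it parses saved `show arp` output and compares the router's entry with the MAC address read off the workstation. The sample output is constructed, and the function names are hypothetical.

```python
import re

# Constructed sample in the layout of Cisco IOS "show arp" output. Only the
# gateway address 10.20.3.1 and interface GE0/1 come from the thread; every
# MAC address and client IP below is made up for illustration.
SAMPLE_SHOW_ARP = """\
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.20.3.1               -   0019.aaaa.0001  ARPA   GigabitEthernet0/1
Internet  10.20.3.20             12   0011.2233.4455  ARPA   GigabitEthernet0/1
Internet  10.20.3.21              0   Incomplete      ARPA
"""


def normalize_mac(mac):
    """Reduce dotted, dashed or colon MAC notation to 12 lowercase hex digits."""
    digits = re.sub(r"[.:\-]", "", mac.strip()).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits


def parse_show_arp(text):
    """Map each IP to its normalized MAC, or None for an Incomplete entry."""
    table = {}
    for line in text.splitlines():
        fields = line.split()
        # Data rows start with "Internet"; this skips the header and blanks.
        if len(fields) < 4 or fields[0] != "Internet":
            continue
        ip, hw = fields[1], fields[3]
        table[ip] = None if hw.lower() == "incomplete" else normalize_mac(hw)
    return table


def check_client(table, ip, client_mac):
    """Compare the router's ARP entry for ip with the MAC read off the client."""
    if ip not in table:
        return "missing"      # router has no entry for the workstation
    if table[ip] is None:
        return "incomplete"   # router sent ARP requests but got no reply
    if table[ip] != normalize_mac(client_mac):
        return "mismatch"     # another device's MAC is recorded for this IP
    return "ok"


if __name__ == "__main__":
    arp = parse_show_arp(SAMPLE_SHOW_ARP)
    # Client MACs are written with dashes, as Windows "ipconfig /all" prints them.
    for ip, mac in [("10.20.3.20", "00-11-22-33-44-55"), ("10.20.3.21", "00-11-22-33-44-66")]:
        print(ip, check_client(arp, ip, mac))
```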

Currently, the router is doing DHCP for the segment on the top floor. The clients have no problem getting an IP address, and when they do, I can see the client MAC address in the ARP table on the router. The MAC address registered does match the client workstation. One other thing that I should mention is that I am getting (2) IDS signature hits. The first one happens when the upstairs clients send a DNS query. The second is one that states "impossible IP address".

nathan

There are a couple of things that I am not sure that I understand correctly. Your original post describes a customer who was running out of IP addresses. So you divided the network (top floor and bottom floor). Does this problem exist in both groups of clients or is it just the top floor or just the bottom floor?

I wonder when you were dividing the network if some of the end stations might have gotten different IP addresses but not different gateway addresses? Or perhaps configured with an incorrect subnet mask?

HTH

Rick

Rick,

Currently, we are only having the problem on the top floor. The top floor has a network space of 10.20.3.0/24 where the bottom floor has a network space of 10.20.1.0/24. I can confirm that the clients are receiving the proper IP gateway address on the top floor. Something that I should point out is that the gw address for the bottom floor is 10.20.1.11. This is our firewall/NAT device. However, the device does show an OSPF route to the upstairs network that seems to be working OK.

nathan

It is helpful to know that the problem seems to be limited to the top floor. You have described their connectivity as through a Dell switch to the router. Would I be correct in assuming that the connectivity for clients on the bottom floor is different? If so, can you describe the connectivity for the bottom floor?

I am also interested in your mention of the IDS hits, especially the one about The second is one that states "impossible IP address". Does it give the address?

In your original post you gave a list of destinations that you ping. Would I be correct in assuming that you can ping any one of these and it is sufficient to get the client connectivity going? And would I be correct in assuming that when you do this ping that at least the first ping packet fails or times out?

HTH

Rick