01-17-2008 06:30 PM - edited 03-03-2019 08:18 PM
I inherited a network with a 3640 router. I created a console session to check the router configuration. The serial and Ethernet interfaces are up and up. However when I try to ping the interface I get a destination unreachable (u.u.u) response. I am able to ping out of the network on the WAN side. There is no ACL that prohibits my pinging the interfaces from within the router. What am I overlooking. Thanks for any help
01-17-2008 06:54 PM
Joseph
Is your WAN interface a multipoint Frame Relay interface? Not being able to ping the local interface is a common symptom on multipoint Frame Relay unless you manually configure a Frame Relay map for the local interface.
Perhaps some configuration details about the router would help us figure this out.
HTH
Rick
01-17-2008 07:14 PM
Thanks for the quick reply. It is a basic system one multilink WAN port and one fastethernet LAN port. I am enclosing a sanitized copy of the config file. The only ethernet port not shutdown is Fastether 0/0. I left the entire config most of it is trash that I have not cleaned out until I understand what is happening.
show run
Building configuration...
Current configuration:
!
! Last configuration change at 12:16:29 Arizona Wed Oct 31 2007
! NVRAM config last updated at 15:17:02 Arizona Wed Jan 2 2008
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname XXX
!
enable secret xxx
enable password
!
!
!
!
!
clock timezone Arizona -7
ip subnet-zero
ip host XXX XX.XX.XX.XX (host name and IP address
name-server 207.108.112.1
ip dhcp excluded-address 192.168.1.254
ip dhcp excluded-address 192.168.1.253
ip dhcp excluded-address 192.168.1.252
ip dhcp excluded-address 192.168.1.251
ip dhcp excluded-address 192.168.1.250
ip dhcp excluded-address 192.168.1.249
ip dhcp excluded-address 192.168.1.245
ip dhcp excluded-address 192.168.1.244
ip dhcp excluded-address 192.168.1.248
ip dhcp excluded-address 192.168.1.247
ip dhcp excluded-address 192.168.1.246
!
ip dhcp pool pubinternet
network 192.168.1.128 255.255.255.128
default-router 192.168.1.254
dns-server 207.108.112.1
!
ip dhcp pool PUBLIC
network 192.168.69.0 255.255.255.0
default-router 192.168.69.1
dns-server 207.108.112.1
!
!
!
interface Multilink1
ip address yy.yyy.yyyy.yyy 255.255.255.252
ip nat outside
no cdp enable
ppp multilink
ppp multilink fragment-delay 500
no ppp multilink fragmentation
multilink-group 1
!
interface FastEthernet0/0
ip address XX.XX.XX.XX 255.255.255.0
speed auto
full-duplex
!
interface Serial0/0
bandwidth 1544
no ip address
encapsulation ppp
no fair-queue
ppp multilink
multilink-group 1
!
interface FastEthernet0/1
description Wireless Link to Ranch
ip address 192.168.1.254 255.255.255.128
shutdown
ip nat inside
duplex auto
speed auto
!
interface Serial0/1
no ip address
encapsulation ppp
no fair-queue
ppp multilink
multilink-group 1
!
interface FastEthernet1/0
description Wireless to Home
ip address 192.168.1.1 255.255.255.128
shutdown
ip nat inside
duplex auto
speed auto
!
interface FastEthernet1/1
ip address 192.168.69.1 255.255.255.0
shutdown
ip nat inside
duplex auto
speed auto
!
router eigrp 1
network 192.168.69.0
!
ip nat inside source list 1 interface Multilink1 overload
ip nat inside source static 192.168.1.4 67.128.196.1
ip nat inside source static 192.168.1.244 65.125.116.238
ip classless
ip route 0.0.0.0 0.0.0.0 Multilink1
no ip http server
!
access-list 1 permit any
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 permit 192.168.169.0 0.0.0.255
access-list 1 permit 192.168.69.0 0.0.0.255
!
line con 0
transport input none
ine aux 0
line vty 0 4
password
login
!
ntp clock-period 17179939
ntp source Serial0/0
ntp server 128.105.38.11
end
Thsi has me stumped.
01-17-2008 08:26 PM
Joseph
Thanks for posting the additional information. Clearly the issue is not a Frame Relay mapping issue as I had wondered about.
My guess at this point is that the issue is the Network Address Translation that is configured. In particular I think that the access list with permit any may be causing the problem. I suggest that you rewrite the access list to avoid using any and specify the source addresses that you want to translate.
I wonder if what is happening is that when you attempt to ping the local interface the ping is sent out the multilink interface and since any source address matches the access list it is attempting to translate the address - to itself. Configure the access list so that sources addresses from any LAN interface (or any subnet that may be connected to any LAN interface) is translated but that the serial address is not translated.
HTH
Rick
01-18-2008 04:55 AM
Rick;
Thanks, I discounted the Access List since it was not directed at the interfaces I was concerned with. The ACL is not needed I will delete and see what happens
01-18-2008 07:53 AM
Have you checked routing table of router?
Please post the sh ip route output.
Also kindly mention to which interface you are pinging , ethernet or serial
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: