static route ping problems

Unanswered Question
Mar 10th, 2008
User Badges:

Please check the attached topology.


Well I have two vlan in the switch. And the switch is connected to route '1''s fa 0/0 using 'dot1q' encapsulation. And the two pc there can ping each other. Router 1 is a border router linking to a wan router(Honolulu) witch is also connected to another wan router(sanjose) via frame-relay. That is not the problem


The problem is that I can not ping from the Pc's to the 'next hop' router (Honolulu).

Router 1 and router (Honolulu) can ping each other as they are directly connected. Honolulu (next-hop-interface) serial ip address is 172.16.1.1/24 and router one is 172.16.1.2/24.

On router 1, I placed a default route to Honolulu as

Ip route 0.0.0.0 0.0.0.0 172.16.1.1


The two networks in my vlans are 192.168.10.1/24 and 192.168.20.1/24 so i place two static routes on Honolulu as follows


Ip route 192.168.10.0 255.255.255.0 172.16.1.2

Ip route 192.168.20.0 255.255.255.0 172.16.1.2


So Honolulu router can ping all pcs on the remote Ethernet of router 1 but the pc on the Ethernet of router 1 can not ping beyond the outer(serial connected to wan) interface of the LAN. I need the pcs to ping the remote router but my configs failed me : - (

PLEASE WHAT COULD BE THE PROBLEM. IF ANYBODY NEEDS MORE INFO PLEASE SAY.




Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Mon, 03/10/2008 - 21:03
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi


Do you have an access-lists on any of the routers that may be filtering the icmp's from the client PC's.


If you do an extended ping from router1 with the source IP address of one of the fa0/0 interface addresses does this work or not ?


Jon

Sarg . Tue, 03/11/2008 - 04:19
User Badges:

no i have no access list. The configuration on the topology is fresh:i have only gone this far. yes i can ping from both router to all ethernet pcs. i can even ping the remote network (honolulu)from the ethernet switch interface.

thanks

milan.kulik Tue, 03/11/2008 - 04:45
User Badges:
  • Red, 2250 points or more

Hi,


does "So Honolulu router can ping all pcs on the remote Ethernet of router 1 but the pc on the Ethernet of router 1 can not ping beyond the outer(serial connected to wan) interface of the LAN." mean you are able to Ping to the PC from the Honolulu router but not to the Honolulu router from the PC?


99% of Ping working only one direction are caused by some FW involved.

Isn't there personal FW enabled on the PCs some strange way?

If you try to traceroute from your PC to the Honolulu router, what is the last IP responding?


BR,

Milan

Sarg . Tue, 03/11/2008 - 11:56
User Badges:

ye,Honolulu can ping anything. the pc can ping amoung themselves and up the the outside interfaca of is local router (172.16.1.2)but does not make it to the outside serial interface of the next-hop remote destination router (172.16.1.1) . i have turned off all security. i can also ping honolulu from the switch which is using: 192.168.1.2 as 'ip defualt-gateway' on config mode. and i have 'native vlan' ip address 192.168.1.254 255.255.255.0


Thanks

Rick Morris Thu, 03/13/2008 - 11:29
User Badges:
  • Silver, 250 points or more

Please forgive me I am trying to follow here.


Router 1 can ping Honolulu?

Switch 1 can ping Honolulu?

PC's cannot ping Honolulu?

Honolulu can ping PC's?


Is all of that correct?

If you do a tracert from a PC where does the trace die?


Can PC's ping switch and Router 1?



Rick Morris Thu, 03/13/2008 - 11:31
User Badges:
  • Silver, 250 points or more

What are the IP's on the Router's, Router 1 and Honolulu?

Actions

This Discussion