09-15-2008 03:33 AM
I have applied the below confgs on two remote cisco routers connected to internet,the tunnel status is up up but I cant ping the tunnel ip address,what might be the problem??
Router1:
int tunnel 1
tunnel source s0/0
tunnel destination x.x.x.x (f0/0 of R2)
Router2:
int tunnel 1
tunnel source f0/0 (real ip)
tunnel dest x.x.x.x (s0/0 of R1)
Thanks
09-15-2008 05:20 AM
do u have routing protocol configured?
have u included the tunel interfaces in ur routing
also put the tunnel mode
god luck
09-15-2008 07:05 PM
I dont have routing protocol also I use the default tunnel mode
09-16-2008 04:10 AM
You need to have a valid route for the tunnel destination in the routing tables for it to come up try:-
HTH>
09-16-2008 04:13 AM
the tunnel stat is up up but I cant ping the other end??for the route I have a default route on both routers.....
09-16-2008 04:17 AM
OK - what is the topology between the 2 devices?
09-16-2008 04:20 AM
the two routers connected to service provider routers (internet connection)
09-16-2008 04:22 AM
Are there any other devices in between the routers - firewalls, VPN's etc??
09-16-2008 04:24 AM
really I dont know ,it is the service provider network>>>how can I make sure that the tunnel is working properly....???
09-16-2008 04:29 AM
To be honest - you need to know this.
As you will be using RFC1918 internal IP addresses. So you will NAT or your provider might NAT for you - you need a routable source and destination for the tunnel to work. You also need to know if there any devices in between the connection between the 2 sites that could be blocking the runnel. What is the connection to the internet?? MPLS? Frame-Relay? ADSL ??
Right now you don't have enought information - you need to do some digging.
HTH>
09-17-2008 06:52 AM
one of them has dedicated E1 connection and the other one connected to a second router in possession of our service provider and then to internet...
R1--->E1
R2--->service provider Router --->internet
09-17-2008 07:48 AM
The issue will either be - a NAT problem or a device at either end or both ends it blocking protocol 47 - GRE, or a routing issue
Check your NAT and filtering rules, and your routing.
HTH>
09-17-2008 12:07 PM
the tunnel stat is up up >>>what this implies??
09-17-2008 12:23 PM
it implies nothing really, only the interface that is the source is know and up/up and that the router has a valid "live" route in it's routing table for the destination.
Just for you - configure your end with the following:-
int tun1
keepalive 1 3
Then close the tunnel and re-open it....does it come back up/up ????
At the end of the day you can trick a tunnel into being up/up if you have the time and a spare router with 1 ethernet interface do this:-
do not connect any cables to the ethernet interface.
Give the interface an ip address of 192.168.1.1/24
create a tunnel 1
tunnel source <
tunnel destination 192.168.2.1
ip route 192.168.2.1 255.255.255.255 <
and here is the magic - in the ethernet interface configure "no keepalive" this tricks the interface to come up/up - the there wiull be a connected interface in the routing table of 192.168.1.0/24
As you have a configured static route 192.168.2.1 out of the ethernet interface - there will be a static route in the routing table. As the tunnel can see a valid route - without keepalives, it will bring the tunnel up!
Try it out - great fun.
Your issue is still the path from 1 site to the other site and going over the internet I presume, you have nat issues, blocking issues or just plain connectivity/routing issues.
HTH>
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide