routing

Unanswered Question
Feb 26th, 2009
User Badges:

a quick help, what config must i add to my 1700series router. i want to be able to ping my lan interface from remote router, the wan interface is reachable from the remote, am a novice, tho familiar with cisco commands

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
connect2world Fri, 02/27/2009 - 00:37
User Badges:

Make sure you have default gateway configure. I think is probable already setup since you said you can ping from remote. When you try to ping the LAN interface from, need to specify the source you are ping from.ie the LAN ip of the router:


Eg.

Remote_Router#ping

Protocol [ip]:

Target IP address:10.224.1.1

Repeat count [5]:

Datagram size [100]:

Timeout in seconds [2]:

Extended commands [n]: y

Source address or interface:10.231.7.1

Type of service [0]:

Set DF bit in IP header? [no]:

Validate reply data? [no]:

Data pattern [0xABCD]:

Loose, Strict, Record, Timestamp, Verbose[none]:

Sweep range of sizes [n]:

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.224.1.1, timeout is 2 seconds:

Packet sent with a source address of 10.231.7.1

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 576/581/588 ms



adamclarkuk_2 Fri, 02/27/2009 - 00:38
User Badges:
  • Silver, 250 points or more

I'm assuming this is a private WAN and the internet is not involved.

If that is the case, then it will most likely be a case of ACL's denying the ICMP packets (which you can check by either looking at the ACL in the config, or if you are not comfortable with that, add a deny any to the end with a log and if you have logging buffered enabled you will see a syslog message telling you it has been denied when you do show log). Or it's as simple as you have forgotten to put a default route pointing back out of the WAN interface, if you don't use default then you will need an entry for the network that sourced the ICMP back out of the WAN.

shiva_ial Fri, 02/27/2009 - 00:45
User Badges:

hi,


step 1: enter the config mode of the router you want to make reachable from remote router.


cisco>enable (to enter enable mode)

cisco#config t (to enter config mode)


step 2: enter the ethernet interface


cisco#int eth XXX


step 3: assign ip address to the ethernet interface in interface mode

with command ip addresss x.x.x.x x.x.x.x


now enable static routing on router to make the subnet assigned reachable when you ping from remote router.


ip route x.x.x.x. x.x.x.x next hop




rgds/shiva


rate if it helps







da3angwenyi Fri, 02/27/2009 - 00:57
User Badges:

The network is a private WAN there is a default static route to the gateway in my case the satellite modem.

Fastethernet port connected to modem 172.32.1.5 the ethernet port connects to my LAN 172.31.1.5. from remote am reaching the wan port...there is no ACLs in my router, i think its a route i need to add but cannt figure it out..thank for the coming ideas

adamclarkuk_2 Fri, 02/27/2009 - 01:11
User Badges:
  • Silver, 250 points or more

In that case, as the ICMP is directed at the LAN interface you will be able to run a debug ip packet against an ACL.


Create an ACL matching the protocol icmp and the source and dst then do debug ip packet detail then the ACL number. This will show you the packet entering the router, if you dont see anything, it didn't make it and the issue is downstream.


Forgot to mention if you are connected via vty, then you will need to do :-


term mon


to view the output of the debug


Actions

This Discussion