Connect two networks over cisco 876

Answered Question
Oct 6th, 2009
User Badges:

Hi,


I am wondering can I connect two networks over Cisco 876 router?


I have set Vlan 1 with ip address and made command “access switch vlan 1” on FastEthernet 2.

I have set Vlan 2 with ip address and made command “access switch vlan 2” on FastEthernet 3.

On “sh run” I can see only on port FastEthernet3 “access switch port vlan 2”, but not on FastEthernet2.

I have placed laptops on ports upper-mentioned, one receives IP address from DHCP that I have also configured on router and the other one I have configured with static IP.

But the problem is I can't ping laptop to laptop, can't ping laptops even from the router. But I can ping IP addresses that I have assigned to VLAN 1 and VLAN 2 from both laptops.


I don't need any firewall, neither access lists I just want two networks to talk to each other.


Any help?

Correct Answer by Peter Paluch about 7 years 9 months ago

Hello,


Do not confuse the PING request with PING response. The Windows firewall by default drops PING requests but accepts PING responses. That may be the reason why you could ping the IP address of the VLAN interface from your laptop.


In any case, I would try using Wireshark to sniff the packets on your laptops and see whether the PING packets sent from one laptop arrive at the second laptop. And possibly, I would try booting some Linux from a live CD on the laptops and try using the Linux to ping between the laptops. I just don't trust the WinXP networking when it goes to troubleshooting networks.


Best regards,

Peter


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Peter Paluch Tue, 10/06/2009 - 10:53
User Badges:
  • Cisco Employee,

Hello,


Please be so kind to post the complete configuration of your router. It should not be a problem configuring your 876 to route between a couple of networks.


Best regards,

Peter


Dusan Sladojevic Tue, 10/06/2009 - 11:04
User Badges:

Ok here is the configuration:



Router#sh run

Building configuration...


Current configuration : 1215 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Router

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

!

resource policy

!

ip cef

!

!

no ip dhcp use vrf connected

ip dhcp excluded-address 10.80.248.1 10.80.248.31

!

ip dhcp pool FJ099230

network 10.80.248.0 255.255.255.192

bootfile pxelinux.0

next-server 10.80.248.1

dns-server 192.168.85.3 192.168.85.1

default-router 10.80.248.30

lease 1 2

!

!

!

!

!

!

!

!

!

!

!

interface BRI0

no ip address

encapsulation hdlc

shutdown

!

interface ATM0

no ip address

shutdown

no atm ilmi-keepalive

dsl operating-mode auto

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

switchport access vlan 2

!

interface Vlan1

ip address 192.168.85.217 255.255.255.0

!

interface Vlan2

ip address 10.80.248.30 255.255.255.192

!

interface Vlan3

no ip address

!

!

!

no ip http server

no ip http secure-server

!

!

!

!

!

control-plane

!

!

line con 0

no modem enable

line aux 0

line vty 0 4

login

!

scheduler max-task-time 5000

!

webvpn context Default_context

ssl authenticate verify all

!

no inservice

!

end

Peter Paluch Tue, 10/06/2009 - 11:28
User Badges:
  • Cisco Employee,

Hello,


Your configuration seems to be just fine. The missing line "switchport access vlan 1" from FastEthernet2 is OK - it is the default setting so it is not displayed explicitely in the configuration. Is it possible that it is the configuration of the firewall on your laptops that causes you trouble with pinging? Assuming that you are using Windows, their embedded firewall drops PING requests by default. Try disabling the Windows firewall altogether and try pinging the laptops again.


Best regards,

Peter


Dusan Sladojevic Tue, 10/06/2009 - 11:48
User Badges:

My firewall was turned on, but as I could ping both Ip addresses that I have assigned to VLANs that is not the issue. But I have turned of firewall - still same problem.

And yes it's win xp.

I tried to tracert from one laptop to other and I saw that goes through it's gateway (IP address of VLAN on router).

But still no ping.

Do you have maybe anything more, you could help with?

Correct Answer
Peter Paluch Tue, 10/06/2009 - 11:58
User Badges:
  • Cisco Employee,

Hello,


Do not confuse the PING request with PING response. The Windows firewall by default drops PING requests but accepts PING responses. That may be the reason why you could ping the IP address of the VLAN interface from your laptop.


In any case, I would try using Wireshark to sniff the packets on your laptops and see whether the PING packets sent from one laptop arrive at the second laptop. And possibly, I would try booting some Linux from a live CD on the laptops and try using the Linux to ping between the laptops. I just don't trust the WinXP networking when it goes to troubleshooting networks.


Best regards,

Peter


Dusan Sladojevic Tue, 10/06/2009 - 13:11
User Badges:

Hi Peter,


Thank you very much for your support!


I have connected one win xp and linux machine at my own home and it worked from first.


Those two laptops were from my work, but I guess it's up one of those group policies. Tommorow they are going on to deep expection :)


Thanks again on very quick support - wish you all the best!

Actions

This Discussion