Can not ping

Report Inappropriate Content · ‎07-23-2017

Hello

I can ping ip 10.10.10.10 but can not ping ip 10.10.10.16 from internet router?!

Jeddah#ping 10.10.10.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
Jeddah#ping 10.10.10.16
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.16, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
Jeddah#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override

Gateway of last resort is 10.100.100.1 to network 0.0.0.0

S* 0.0.0.0/0 is directly connected
is directly connected, GigabitEthernet0/0
1.0.0.0/24 is subnetted, 1 subnets
S 1.1.1.0 [1/0] via 10.100.100.1
10.0.0.0/8 is variably subnetted, 20 subnets, 3 masks
C 10.10.8.0/24 is directly connected, GigabitEthernet0/1.10
L 10.10.8.254/32 is directly connected, GigabitEthernet0/1.10
C 10.10.9.0/24 is directly connected, GigabitEthernet0/1.20
L 10.10.9.2/32 is directly connected, GigabitEthernet0/1.20
C 10.10.10.0/24 is directly connected, GigabitEthernet0/1.30
L 10.10.10.2/32 is directly connected, GigabitEthernet0/1.30
C 10.10.99.0/24 is directly connected, GigabitEthernet0/1.99
L 10.10.99.254/32 is directly connected, GigabitEthernet0/1.99
S 10.11.10.0/24 [1/0] via 10.100.100.1
C 10.11.12.1/32 is directly connected, Loopback0
S 10.12.10.0/24 [1/0] via 10.100.100.1
C 10.68.8.64/30 is directly connected, GigabitEthernet0/2
L 10.68.8.66/32 is directly connected, GigabitEthernet0/2
C 10.100.100.0/24 is directly connected, GigabitEthernet0/0
L 10.100.100.2/32 is directly connected, GigabitEthernet0/0
L 10.100.100.3/32 is directly connected, GigabitEthernet0/0
L 10.100.100.4/32 is directly connected, GigabitEthernet0/0
S 10.100.110.0/24 [1/0] via 10.100.100.1
S 10.100.120.0/24 [1/0] via 10.100.100.1
S 10.208.9.69/32 [1/0] via 10.68.8.65
11.0.0.0/24 is subnetted, 1 subnets
S 11.11.11.0 [1/0] via 10.100.100.1
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
S 172.16.16.0/24 [1/0] via 10.10.10.1
C 172.16.32.0/24 is directly connected, GigabitEthernet0/1.50
L 172.16.32.2/32 is directly connected, GigabitEthernet0/1.50
Jeddah#

==============================================

Edge router

wafai#ping 10.10.10.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
wafai#ping 10.10.10.16
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.16, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
wafai#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override

Gateway of last resort is 185.51.204.29 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via 185.51.204.29
1.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 1.1.1.0/24 is directly connected, Tunnel0
L 1.1.1.1/32 is directly connected, Tunnel0
10.0.0.0/8 is variably subnetted, 8 subnets, 2 masks
S 10.10.9.0/24 [1/0] via 10.100.100.2
S 10.10.10.0/24 [1/0] via 10.100.100.2
S 10.11.10.0/24 [1/0] via 1.1.1.3
S 10.12.10.0/24 [1/0] via 1.1.1.2
C 10.100.100.0/24 is directly connected, Vlan1
L 10.100.100.1/32 is directly connected, Vlan1
S 10.100.110.0/24 [1/0] via 1.1.1.2
S 10.100.120.0/24 [1/0] via 1.1.1.3
172.16.0.0/24 is subnetted, 1 subnets
S 172.16.32.0 [1/0] via 10.100.100.2
185.51.0.0/16 is variably subnetted, 5 subnets, 3 masks
C 185.51.204.28/30 is directly connected, FastEthernet4
L 185.51.204.30/32 is directly connected, FastEthernet4
C 185.51.207.120/29 is directly connected, Vlan1
L 185.51.207.121/32 is directly connected, Vlan1
L 185.51.207.123/32 is directly connected, Vlan1
wafai#

kindly support me.....

Georg Pauwen · ‎07-23-2017

Hello,

hard to say without seeing the configurations of both routers, can you post those ?

Report Inappropriate Content · ‎07-23-2017

Thank you for your interested,

Please find attached file

From: Jeddah_internal-router => I can ping 10.10.10.10 and 10.10.10.16

From Wafai_Internet-router => I can ping 10.10.10.10 but can not ping 10.10.10.16

Jeddah_internal-router < === direct link 10.100.100.0/24 ===> wafai_internet-router

Thanks

Georg Pauwen · ‎07-24-2017

Hello,

from what I can tell, ICMP originating from 10.10.10.16 on the Jeddah router gets NATed to 10.100.100.4 (since you have specified that in extended access list BILLING). ICMP from 10.10.10.10 does get NATed to interface GigabitEthernet0/0. That might be the difference.

Try to take the below line out of access list BILLING:

ip access-list extended BILLING
permit tcp host 10.10.10.16 any eq www
permit tcp host 10.10.10.16 any eq 8080
--> no permit icmp host 10.10.10.16 any

Report Inappropriate Content · ‎07-24-2017

Hello

ip access-list extended BILLING
permit tcp host 10.10.10.16 any eq www
permit tcp host 10.10.10.16 any eq 8080

Still the same issue

Regards,

paul driver · ‎07-24-2017

Hello

FYI - Nat isnt being used here as the WAFI rtr have a static route back to 10.10.10.0/24 subnet via its vlan 1 interface

Can you try ping from WAFI again but this time

ping 10.10.10.10 source vlan 1
ping 10.10.10.16 source vlan 1

sh ip arp

res
Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Report Inappropriate Content · ‎07-24-2017

wafai#ping 10.10.10.10 source vlan 1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.10, timeout is 2 seconds:
Packet sent with a source address of 10.100.100.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
wafai#ping 10.10.10.16 source vlan 1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.16, timeout is 2 seconds:
Packet sent with a source address of 10.100.100.1
.....
Success rate is 0 percent (0/5)
wafai#show ip arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.100.100.1 - ecbd.1d60.afb8 ARPA Vlan1
Internet 10.100.100.2 1 0462.73ce.be20 ARPA Vlan1
Internet 10.100.100.3 144 0462.73ce.be20 ARPA Vlan1
Internet 10.100.100.4 152 0462.73ce.be20 ARPA Vlan1
Internet 185.51.204.29 178 0007.7d37.8282 ARPA FastEthernet4
Internet 185.51.204.30 - ecbd.1d60.afbc ARPA FastEthernet4
Internet 185.51.207.121 - ecbd.1d60.afb8 ARPA Vlan1
Internet 185.51.207.122 0 Incomplete ARPA
Internet 185.51.207.123 - ecbd.1d60.afb8 ARPA Vlan1
wafai#

paul driver · ‎07-24-2017

Hello

interrestng - its seem to suggest 10.10.10.16 doesn't know how to reply - can you confirm that host has a default-gateway

can you ping another host in that 10.10.10.x/24 from that rtr?

you could try 10.10.10.255 source vlan 1

res

paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Georg Pauwen · ‎07-24-2017

Hello,

on your 'wafai' router, you have configured:

ip nat inside source list 1 interface FastEthernet4 overload

and

access-list 10 permit 10.10.10.16

There is no access list 1 (at least not in the configuration you posted). Can you check that ?

Also, what is 10.10.10.16 ? 10.10.10.10 I assume is the CUCM server ?

paul driver · ‎07-24-2017

Hello Georg

Nat isn't.being initiated here as the static route back to 10,10,10,0/24 is being used. If nat was used then the OP would have to ping by the global outside address which is 10.100.100.x to communicate

There seems to.be a lot of ghost config on both rtrs not doing anything which is clouding the troubleshooting However to me ( i could be wrong) this is looking more like a possible host issue

if the OP can ping other hosts in that same subnet sourced from that vlan then we'll know for sure

res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Georg Pauwen · ‎07-24-2017

Paul,

it could be the host. It might be useful to see a schematic drawing including the physical devices and connections. With all the redundant config bits, it is indeed hard to troubleshoot.

Report Inappropriate Content · ‎07-25-2017

10.10.10.10 cucm

10.10.10.16 billing

Report Inappropriate Content · ‎07-25-2017

thank you

i changed server default gateway its working.

Regards,

paul driver · ‎07-26-2017

Hello

Glad to hear that-

If applicable, Can you please mark the post as correct so to possibly assist others in the future.

res
Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Georg Pauwen · ‎07-25-2017

So it was the default gateway indeed !