Re: 110001: No route to - Page 2

fredericmoitie · ‎06-17-2009

Hello,

first time, sorry for my english.

so i explain my problem.

i have An ipsec vpn with 2 pix 515 and a router on 1 of this site.

lan_a-->Pix_a--ISP--Pix_b<--Lan_b<--router<--Lan_b2

traffic for lan_a and lan_b, no problem.

traffic for lan_b and lan_b2, no problem

but traffic lan_b2 and lan_a don't work,

i have a route inside in my pix_b.

but i have a stange comportement, because ping was work,

but other traffic don't work, example, when i want telnet on port 25 in lan_a since lan_b2, i have an error in pix_b log

anyone can help me ?

tahnks

fredericmoitie · ‎06-22-2009

Hello,

Yes, it's work for ping

1) From mail server 172.22.57.16 can you ping 10.10.30.38 ?

PING OK

2) From 10.10.30.38 can you ping 172.22.57.16 ?

PING OK

Frederic

Jon Marshall · ‎06-22-2009

Frederic

Do you have telnet running on the mail server ?

If not when you telnet from 10.10.30.38 to 172.22.57.16 try to telnet using port 25 and see what happens.

Jon

fredericmoitie · ‎06-22-2009

Jon,

Yes telnet was open,

is port 25 i try to telnet.

but don't work.

in lan_b, i have a cisco router (gateway of network)

i have make a test,

look

Router_b#ping 172.22.57.16 source fastEthernet 0/1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.22.57.16, timeout is 2 seconds:

Packet sent with a source address of 10.10.30.254

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 36/57/100 ms

Router_b#

Router_b#telnet 172.22.57.16 smtp /source-interface f0/1

Trying 172.22.57.16, 25 ...

% Connection timed out; remote host not responding

Deleting login session

Router_b#

Router_b#telnet 172.22.57.16 smtp /source-interface f0/0.1

Trying 172.22.57.16, 25 ... Open

220 welcome.xxx.com ESMTP Service (Lotus Domino Release 7.0.2FP2) ready at Mon, 22 Jun 2009 14:59:59 +0200

interface FastEthernet0/0.1

encapsulation dot1Q 1 native

ip address 172.22.56.1 255.255.255.0

!

interface FastEthernet0/1

ip address 10.10.30.254 255.255.255.0

!

Frederic

fredericmoitie · ‎06-22-2009

Hello Jon,

As you see ?

dcambron · ‎06-24-2009

Hey Frederic could you give us the output of a packet-tracer?

dcambron · ‎06-24-2009

Packet-tracer in your PixB from 10.10.30.38 to 172.22.57.16 using port 25

...packet-tracer input tcp 10.10.30.38 1025 172.22.57.16 25 det

fredericmoitie · ‎06-24-2009

Hello dcambron,

thanks for your help.

i don't know how i can use packet tracer.

in log of PixB i have just this when i want send telnet with port 25

Jun 24 2009 18:16:57: %PIX-6-110001: No route to 10.10.30.38 from 172.22.57.16

while in my configuration of PixB i have

route inside 10.10.30.0 255.255.255.0 172.22.56.1 1

regards

frederic

dcambron · ‎06-24-2009

This is the command but it works in version 8.0o later.

packet-tracer input tcp 10.10.30.38 1025 172.22.57.16 25 det

fredericmoitie · ‎06-24-2009

ok, but PixB it's a Cisco pix 515E version 6.3(5)

frederic