09-26-2013 10:03 AM - edited 03-07-2019 03:41 PM
I am trying to use remote desktop to remotely connect my computer to a host computer on another network with two cisco routers in between I have a Cisco 2911 router with two ports active on one end. GigabitEthernet 0/0 (ip address 10.0.8.1 255.255.255.240) and GigabitEthernet 0/1 ( ip address 10.0.8.33 255.255.255.252)
On the other end there is a Cisco 3954 also with only 2 ports active. GgiabitEthernet 0/1 ( ip address 10.0.8.34 255.255.255.252) and GigabitEthernet 0/1 ( ip address 10.0.22.1255.255.255.0). I can pass traffic between the two GigabitEthernet 0/1's no problem because they are on the same network. Where I am having trouble is convincing the 0/0's to talk to the 0/1's. I understand that this is probably a pretty basic problem, but I am a radio guy trying to fix a network problem and I am beating my h
09-26-2013 03:08 PM
Can you post the configs?
09-27-2013 03:26 AM
Here are the configs sorry about that.
ROUTER A
interface Loopback0
description Loopback OSPF Router ID 10.0.8.61
ip address 10.0.8.61 255.255.255.252
ip pim sparse-dense-mode
ip ospf authentication-key efjohnso
!
interface Embedded-Service-Engine0/0
no ip address
!
interface GigabitEthernet0/0
description Not Used
no ip address
shutdown
duplex auto
speed auto
no cdp enable
!
interface GigabitEthernet0/1
description Rptr Port for Single Channel Site
ip address 10.0.8.1 255.255.255.240
ip pim sparse-dense-mode
duplex auto
speed 10
no cdp enable
!
interface GigabitEthernet0/2
description Tech Port
no ip address
no ip proxy-arp
duplex auto
speed auto
no cdp enable
!
interface GigabitEthernet0/1/0
description Trunk For Dot1q
no ip address
ip access-group 199 in
ip pim sparse-dense-mode
no cdp enable
!
interface GigabitEthernet0/1/0.1739
description Dot1Q Vlan 1739 to HQ 3945C
encapsulation dot1Q 1739
ip address 10.0.8.33 255.255.255.252
ip pim sparse-dense-mode
ip ospf authentication-key efjohnso
ip ospf network point-to-point
no cdp enable
!
interface GigabitEthernet0/0/0
description Not Used
no ip address
shutdown
no cdp enable
!
interface GigabitEthernet0/0/1
description Not Used
no ip address
shutdown
no cdp enable
!
interface GigabitEthernet0/0/2
description Not Used
no ip address
shutdown
no cdp enable
!
interface GigabitEthernet0/0/3
description Not Used
no ip address
shutdown
no cdp enable
!
interface Vlan1
description Not Used
no ip address
shutdown
!
router ospf 100
area 4.4.4.4 authentication
passive-interface GigabitEthernet0/1
network 10.0.8.0 0.0.0.15 area 4.4.4.4
network 10.0.8.32 0.0.0.3 area 4.4.4.4
network 10.0.8.60 0.0.0.3 area 4.4.4.4
!
no ip classless
ip forward-protocol nd
!
ip pim accept-rp auto-rp
ip pim send-rp-announce GigabitEthernet0/1/0.1739 scope 2
ip pim send-rp-announce GigabitEthernet0/1 scope 4
ip pim send-rp-discovery scope 4
no ip http server
no ip http secure-server
!
!
logging history size 200
logging history notifications
logging trap notifications
access-list 199 permit icmp host 10.0.8.2 any
access-list 199 permit igmp host 10.0.8.2 any
access-list 199 permit udp host 10.0.8.2 any
access-list 199 permit tcp host 10.0.8.2 any
access-list 199 permit ip host 10.0.8.2 any
access-list 199 permit tcp host 10.0.8.3 any
access-list 199 permit ip host 10.0.8.3 any
access-list 199 permit icmp host 10.0.8.3 any
access-list 199 permit igmp host 10.0.8.3 any
access-list 199 permit udp host 10.0.8.3 any
access-list 199 permit tcp host 10.0.8.4 any
access-list 199 permit ip host 10.0.8.4 any
access-list 199 permit icmp host 10.0.8.4 any
access-list 199 permit udp host 10.0.8.4 any
access-list 199 permit icmp host 10.0.8.5 any
access-list 199 permit igmp host 10.0.8.5 any
access-list 199 permit udp host 10.0.8.5 any
access-list 199 permit tcp host 10.0.8.5 any
access-list 199 permit ip host 10.0.8.5 any
access-list 199 permit tcp host 10.0.8.6 any
access-list 199 permit ip host 10.0.8.6 any
access-list 199 permit icmp host 10.0.8.6 any
access-list 199 permit igmp host 10.0.8.6 any
access-list 199 permit udp host 10.0.8.6 any
access-list 199 permit tcp host 10.0.8.7 any
access-list 199 permit ip host 10.0.8.7 any
access-list 199 permit icmp host 10.0.8.7 any
access-list 199 permit udp host 10.0.8.7 any
access-list 199 permit icmp host 10.0.8.8 any
access-list 199 permit igmp host 10.0.8.8 any
access-list 199 permit udp host 10.0.8.8 any
access-list 199 permit tcp host 10.0.8.8 any
access-list 199 permit ip host 10.0.8.8 any
access-list 199 permit tcp host 10.0.8.9 any
access-list 199 permit ip host 10.0.8.9 any
access-list 199 permit icmp host 10.0.8.9 any
access-list 199 permit igmp host 10.0.8.9 any
access-list 199 permit udp host 10.0.8.9 any
access-list 199 permit tcp host 10.0.8.11 any
access-list 199 permit ip host 10.0.8.11 any
access-list 199 permit icmp host 10.0.8.11 any
access-list 199 permit udp host 10.0.8.11 any
access-list 199 permit tcp host 10.0.8.12 any
access-list 199 permit ip host 10.0.8.12 any
access-list 199 permit icmp host 10.0.8.12 any
access-list 199 permit udp host 10.0.8.12 any
access-list 199 permit tcp host 10.0.8.13 any
access-list 199 permit ip host 10.0.8.13 any
access-list 199 permit icmp host 10.0.8.13 any
access-list 199 permit udp host 10.0.8.13 any
access-list 199 permit tcp host 10.0.8.14 any
access-list 199 permit ip host 10.0.8.14 any
access-list 199 permit icmp host 10.0.8.14 any
access-list 199 permit udp host 10.0.8.14 any
access-list 199 deny ip any any
access-list 199 permit icmp host 10.0.8.1 any
access-list 199 permit igmp host 10.0.8.1 any
access-list 199 permit udp host 10.0.8.1 any
access-list 199 permit tcp host 10.0.8.1 any
access-list 199 permit ip host 10.0.8.1 any
access-list 199 permit udp any any
access-list 199 permit pim any any
access-list 199 permit igmp any any
access-list 199 permit icmp any any
access-list 199 permit tcp any any
access-list 199 permit ospf any any
access-list 199 permit udp host 10.0.8.33 any
access-list 199 permit icmp host 10.0.8.33 any
access-list 199 permit igmp host 10.0.8.33 any
access-list 199 permit tcp host 10.0.8.33 any
access-list 199 permit ip host 10.0.8.33 any
Router B
interface Loopback0
description OSPF Router ID 10.0.23.61
ip address 10.0.23.53 255.255.255.252
ip pim sparse-dense-mode
ip ospf authentication-key efjohnso
!
interface GigabitEthernet0/0
description IGMP Group %3% Connection Area 1.1.1.1
ip address 10.0.22.3 255.255.255.0
ip access-group 199 in
no ip proxy-arp
ip pim sparse-dense-mode
rate-limit input access-group 101 8000 1500 2000 conform-action transmit exceed-action drop
rate-limit input access-group 102 64000 8000 16000 conform-action transmit exceed-action drop
ip ospf authentication-key efjohnso
duplex full
speed 100
no cdp enable
!
interface GigabitEthernet0/1
description Area 0.0.0.0
ip address 10.0.23.19 255.255.255.240
ip access-group 198 in
no ip proxy-arp
ip pim sparse-dense-mode
ip ospf authentication-key efjohnso
ip ospf cost 100
duplex full
speed 100
no cdp enable
!
interface GigabitEthernet0/2
description Trunk for Dot1q
no ip address
duplex full
speed 1000
no cdp enable
!
interface GigabitEthernet0/2.1424
description Trunk to ND1
encapsulation dot1Q 1424
ip address 10.0.9.34 255.255.255.252
ip pim sparse-dense-mode
ip ospf authentication-key efjohnso
ip ospf network point-to-point
no cdp enable
!
interface GigabitEthernet0/2.1426
description Trunk to Gloucester
encapsulation dot1Q 1426
ip address 10.0.10.34 255.255.255.252
ip pim sparse-dense-mode
ip ospf authentication-key efjohnso
ip ospf network point-to-point
no cdp enable
!
interface GigabitEthernet0/2.1739
description Trunk to Dulles
encapsulation dot1Q 1739
ip address 10.0.8.34 255.255.255.252
ip pim sparse-dense-mode
ip ospf authentication-key efjohnso
ip ospf network point-to-point
no cdp enable
!
interface GigabitEthernet0/0/0
switchport access vlan 23
duplex full
speed 100
no cdp enable
!
interface GigabitEthernet0/0/1
switchport access vlan 24
duplex full
speed 100
no cdp enable
!
interface GigabitEthernet0/0/2
description Not Used
shutdown
no cdp enable
!
interface GigabitEthernet0/0/3
description Not Used
shutdown
no cdp enable
!
interface Serial0/1/0:0
description Former Point-to-Point to Dulles
no ip address
ip pim sparse-dense-mode
ip ospf authentication-key efjohnso
ip ospf network point-to-point
shutdown
no fair-queue
no cdp enable
!
interface Serial0/1/1:0
description Not Used
no ip address
shutdown
no cdp enable
!
interface Serial0/1/2:0
description Former Point-to-Point to ND1
no ip address
ip pim sparse-dense-mode
ip ospf authentication-key efjohnso
ip ospf network point-to-point
shutdown
no fair-queue
no cdp enable
!
interface Serial0/1/3:0
description Former Point-to-Point to Gloucester
no ip address
ip pim sparse-dense-mode
ip ospf authentication-key efjohnso
ip ospf network point-to-point
shutdown
no fair-queue
no cdp enable
!
interface Vlan1
description Not Used
no ip address
shutdown
!
interface Vlan23
description Backup Area 0.0.0.0
ip address 10.0.23.90 255.255.255.252
no ip proxy-arp
ip ospf authentication-key efjohnso
ip ospf cost 125
!
interface Vlan24
description Backup Area 0.0.0.0
ip address 10.0.23.93 255.255.255.252
no ip proxy-arp
ip ospf authentication-key efjohnso
ip ospf cost 125
!
!
router ospf 100
area 0.0.0.0 authentication
area 1.1.1.1 authentication
area 4.4.4.4 authentication
network 10.0.8.32 0.0.0.3 area 4.4.4.4
network 10.0.9.32 0.0.0.3 area 4.4.4.4
network 10.0.10.32 0.0.0.3 area 4.4.4.4
network 10.0.22.0 0.0.0.255 area 1.1.1.1
network 10.0.23.16 0.0.0.15 area 0.0.0.0
network 10.0.23.52 0.0.0.3 area 0.0.0.0
network 10.0.23.88 0.0.0.3 area 0.0.0.0
network 10.0.23.92 0.0.0.3 area 0.0.0.0
!
no ip classless
no ip forward-protocol nd
!
ip pim accept-rp auto-rp
ip pim send-rp-announce GigabitEthernet0/0 scope 4
ip pim send-rp-announce GigabitEthernet0/1 scope 4
ip pim send-rp-announce Serial0/1/0:0 scope 2
ip pim send-rp-announce GigabitEthernet0/2.1424 scope 2
ip pim send-rp-announce GigabitEthernet0/2.1426 scope 2
ip pim send-rp-announce GigabitEthernet0/2.1739 scope 2
ip pim send-rp-discovery scope 4
no ip http server
no ip http secure-server
!
ip ospf name-lookup
!
logging esm config
logging history size 400
logging history notifications
logging trap notifications
access-list 101 permit tcp host 10.0.22.10 any
access-list 101 permit tcp host 10.0.22.11 any
access-list 101 permit tcp host 10.0.22.111 any
access-list 102 permit tcp host 10.0.22.9 any
access-list 102 permit udp host 10.0.22.9 any
access-list 198 permit ip host 10.0.23.17 any
access-list 198 permit ip host 10.0.23.18 any
access-list 198 permit ip host 10.0.23.20 any
access-list 198 permit ip host 10.0.23.21 any
access-list 198 permit ip host 10.0.23.30 any
access-list 198 permit pim any any
access-list 198 permit icmp any any
access-list 198 permit igmp any any
access-list 198 permit udp any any
access-list 198 permit tcp any any
access-list 198 permit ospf any any
access-list 198 deny ip any any
access-list 199 permit ip host 10.0.22.1 any
access-list 199 permit ip host 10.0.22.2 any
access-list 199 permit ip host 10.0.22.4 any
access-list 199 permit ip host 10.0.22.5 any
access-list 199 permit ip host 10.0.22.8 any
access-list 199 permit ip host 10.0.22.9 any
access-list 199 permit ip host 10.0.22.10 any
access-list 199 permit ip host 10.0.22.11 any
access-list 199 permit ip host 10.0.22.12 any
access-list 199 permit ip host 10.0.22.13 any
access-list 199 permit ip host 10.0.22.14 any
access-list 199 permit ip host 10.0.22.111 any
access-list 199 permit udp any any
access-list 199 permit pim any any
access-list 199 permit igmp any any
access-list 199 permit icmp any any
access-list 199 permit tcp any any
access-list 199 permit ospf any any
access-list 199 deny ip any any
!
no cdp run
09-27-2013 04:18 AM
From what I see, it looks like the acl could be blocking your traffic. What is the ip address of the server that you want to rdp to?
HTH,
John
*** Please rate all useful posts ***
09-27-2013 05:07 AM
i thought of that. That is why for the time being i got rid of the ACL and just left it with permit any any on all the protocols. The host computer that i'm trying to reach is 10.0.22.111. I think I have a NAT problem. Because my ROUTER A GigabitEthernet port 0/0 10.0.8.1 255.255.255.240 and GigabitEthernet0/1/0.1739 10.0.8.33 255.255.255.252 are on differant sebnets i'm not able to pass traffic. I've been trying to NAT them with little success. I can use the Cisco CLI to ping everything in my network so i know my VLAN works. I just can't get the damn ports to talk.
09-27-2013 05:22 AM
Can you ping the host that you can't rdp to?
Can you post "sho ip ro 10.0.22.111"?
We may need a diagram if possible.
HTH,
John
*** Please rate all useful posts ***
09-27-2013 05:55 AM
i can use the Cisco CLI to ping the host 10.0.22.111 but i can't ping it from cmd prompt if i plug it into my router The host computer is at my primary site and my ROUTER A is located at a remote site. And my office that I'm at is at another site. So in order to get the sh ip int br and other info i'd have to go out there (about an hour drive). All i have on hand are the configs. Sorry
09-27-2013 07:37 AM
Please post a diagram...
Which router are you getting into that you can ping the 10.0.22.111? From what I'm seeing in your configs, you may not need nat which is why I ask.
HTH,
John
*** Please rate all useful posts ***
09-27-2013 09:02 AM
Host computer 10.0.22.111 is connected to ROUTER B. When I can CLI to the host computer I am connected to the remote ROUTER A. Is there a network drawing tool on the Cisco website that I can use.
09-27-2013 09:14 AM
09-30-2013 11:23 AM
Go it working. Thanks.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: