cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2553
Views
0
Helpful
10
Replies

Unable to Ping ISP Default Gateway from 2911/K9

shimabuku
Level 1
Level 1

I am unable to ping my ISP default gateway from the 2911/K9. I have verifed the ISP connection by directly connecting the cable to my laptop with static ip addresses. Here is the running config and show version. Any help is greatly appreciated. Thanks!

Current configuration : 1468 bytes

!

! Last configuration change at 19:14:59 UTC Mon Sep 9 2013

!

version 15.0

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Router

!

boot-start-marker

boot-end-marker

!

! card type command needed for slot/vwic-slot 0/0

no logging console

!

no aaa new-model

!

!

!

!

no ipv6 cef

ip source-route

ip cef

!

!

!

!

ip name-server 24.xxx.xxx.xxx

ip name-server 209.xxx.xxx.xxx

ip name-server 8.8.8.8

!

multilink bundle-name authenticated

!

!

!

voice-card 0

!

!

!

!

!

!

license udi pid CISCO2911/K9 sn FTX1453AHDA

license accept end user agreement

license boot module c2900 technology-package securityk9

license boot module c2900 technology-package uck9

license boot module c2900 technology-package datak9

!

!

vtp domain cisco

vtp mode transparent

vtp version 2

!

redundancy

!

!

interface Loopback0

ip address 10.0.99.1 255.255.255.0

!

!

interface GigabitEthernet0/0

ip address xxx.xxx.xxx.114 255.255.255.252

duplex auto

speed auto

no cdp enable

!

!

interface GigabitEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

!

interface GigabitEthernet0/2

no ip address

shutdown

duplex auto

speed auto

!

!

!

ip forward-protocol nd

!

no ip http server

no ip http secure-server

!

ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.113

!

control-plane

!

gatekeeper

shutdown

!

!

line con 0

line aux 0

line vty 0 4

login

!

scheduler allocate 20000 1000

end

Router# show ver

Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.0(1)M4, RELEASE SOFTWARE (fc1)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2010 by Cisco Systems, Inc.

Compiled Thu 28-Oct-10 18:32 by prod_rel_team

ROM: System Bootstrap, Version 15.0(1r)M9, RELEASE SOFTWARE (fc1)

Router uptime is 1 hour, 18 minutes

System returned to ROM by power-on

System image file is "flash0:c2900-universalk9-mz.SPA.150-1.M4.bin"

Last reload type: Normal Reload

This product contains cryptographic features and is subject to United

States and local country laws governing import, export, transfer and

use. Delivery of Cisco cryptographic products does not imply

third-party authority to import, export, distribute or use encryption.

Importers, exporters, distributors and users are responsible for

compliance with U.S. and local country laws. By using this product you

agree to comply with applicable laws and regulations. If you are unable

to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to

export@cisco.com.

Cisco CISCO2911/K9 (revision 1.0) with 483328K/40960K bytes of memory.

Processor board ID FTX1453AHDA

3 Gigabit Ethernet interfaces

2 Channelized (E1 or T1)/PRI ports

1 Virtual Private Network (VPN) Module

DRAM configuration is 64 bits wide with parity enabled.

255K bytes of non-volatile configuration memory.

254464K bytes of ATA System CompactFlash 0 (Read/Write)

License Info:

License UDI:

-------------------------------------------------

Device#   PID                   SN

-------------------------------------------------

*0        CISCO2911/K9          FTX1453AHDA

Technology Package License Information for Module:'c2900'

----------------------------------------------------------------

Technology    Technology-package          Technology-package

              Current       Type          Next reboot

-----------------------------------------------------------------

ipbase        ipbasek9      Permanent     ipbasek9

security      securityk9    Evaluation    securityk9

uc            uck9          Evaluation    uck9

data          datak9        Evaluation    datak9

Configuration register is 0x2102

10 Replies 10

shimabuku
Level 1
Level 1

and show ip route

Gateway of last resort is xxx.xxx.xxx.113 to network 0.0.0.0

S*    0.0.0.0/0 [1/0] via 24.43.239.113

      10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks

C        10.0.99.0/24 is directly connected, Loopback0

L        10.0.99.1/32 is directly connected, Loopback0

      xxx.0.0.0/8 is variably subnetted, 2 subnets, 2 masks

C        xxx.xxx.xxx.112/30 is directly connected, GigabitEthernet0/0

L        xxx.xxx.xxx.114/32 is directly connected, GigabitEthernet0/0

Hi,

Nothing seems to be visibly wrong in your current configuration. So you're saying when you ping 24.43.239.113 directly from the router, you get no reponses (i.e. dots, no exclamation marks)? Strange. When you do show ip arp, do you see the MAC address of the default gateway listed? If not, there must be some elementary issue why the router is not capable of communicating with a device on its own directly connected network. If the MAC address of the default gateway is resolved but the gateway still does not respond, would it be possible that it blocks pings? Would you be able in that case to ping another IP, say, 8.8.8.8, or perhaps telnet to an outside TCP port?

Best regards,

Peter

Router#show ip arp

Protocol  Address          Age (min)  Hardware Addr   Type   Interface

Internet  24.43.239.113          39   0013.f75e.1b9c  ARPA   GigabitEthernet0/0

Internet  24.43.239.114           -   503d.e533.2bd0  ARPA   GigabitEthernet0/0

Router#ping 24.43.239.113

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 24.43.239.113, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

Router#ping 8.8.8.8

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

Hi,

This is very interesting. Are you saying that if you connect a PC instead of the router, and configure the PC with identical IP settings as the router, the PC is able to ping both the gateway address and any address outside?

If yes, let's try one thing. On the router, try entering the following command in the global configuration mode:

no ip cef

This command will deactivate an accelerated mechanism of packet forwarding called CEF on Cisco routers. While deactivating it is highly discouraged, the CEF has sometimes shown glitches that caused symptoms very similar to yours. So try deactivating the CEF using the command above, and then try pinging the gateway again. After the experiment, reactivate the CEF using the ip cef global configuration command.

Best regards,

Peter

This is very interesting. Are you saying that if you connect a PC instead of the router, and configure the PC with identical IP settings as the router, the PC is able to ping both the gateway address and any address outside?

Yes.

I have disabled CEF thru global config mode and still cannot ping the gateway. Maybe there is an issue with this particular IOS image?

Hi,

I do not believe this is an IOS issue at this point. Such a grave error would be detected soon.

Reactivate the CEF, please, and let's try one more experiment. Try configuring your laptop with the IP address 24.43.239.113/30 and connect it to your router's Gi0/0 port instead of the ISP. Then try pinging the router from the laptop, and the laptop from the router (you may want to temporarily disable the Windows firewall on the laptop that like to skew the results). If this ping works then the router is not faulty, and we have to focus on the ISP connection. If the ping between the router and the laptop does not work from either side, there is something very fishy going on.

Best regards,

Peter

Unable to configure laptop with that particular ip address and mask. I get an error "You entered an invlaid subnet mask. The subnet mask has to be contiguous. Please enter a valid mask."

I have attached a WS-C3550-48-EMI to G0/1 on the router and enabled ip routing on the switch.

interface GigabitEthernet0/1

ip address 10.0.0.1 255.255.255.252

duplex auto

speed auto

interface FastEthernet0/48

no switchport

ip address 10.0.0.2 255.255.255.252

Unable to ping from switch to router and vice versa. Also disabled/enabled CEF on the router and switch.

Also unable to see it as a cdp neighbor on both sides.

Hi,

Regarding the configuration of your laptop, you must have made a typo in the netmask you were configuring - this is what it meant by saying "the subnet mask has to be contiguous". I am sure the address of 24.43.239.113 and netmask 255.255.255.252 is a usable combination.

Regarding the inability to ping between your router and the C3550, I am confused. There is either a very elementary error we're doing, or the router is a brick.

Can you at least ping your own IP addresses on the router? Are the interfaces on the router and switch in the up/up state?

Best regards,

Peter

Hi,

for the router to ISP gateway ping failure(as well as ping to 8.8.8.8),can you get the MAC address of the working laptop NIC with ipconfig/all then go to the router and on the interface connected to the ISP gateway issue this command:

int g0/0

mac-address xxxx.xxxx.xxxx where xxxx.xxxx.xxxx is the MAC you discovered with the ipconfig/all on the working PC.

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco