Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

805 routing woes

Hi all

I have 2 cisco 805s connceted by leased line using PPP.

I can telnet into each of them no problem, but cannot do anything else!

No ping, no network connection on my user PCs nothing.

Anybody want to have a look at these 2 confs and see where Im going wrong.

Home:

version 12.0

no service pad

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname KFRouterA

!

enable password 7 0215114B0E140D

!

!

!

!

!

ip subnet-zero

no ip source-route

!

no ip domain-lookup

cns event-service server

!

!

!

!

!

interface Ethernet0

description connected to KF Network

ip address 192.168.91.199 255.255.255.0

ip access-group 121 in

no ip directed-broadcast

no ip proxy-arp

!

interface Serial0

description connected to AWAY

bandwidth 64

ip address 192.168.200.1 255.255.255.252

no ip directed-broadcast

encapsulation ppp

fair-queue 64 128 0

!

router rip

version 2

network 192.168.91.0

network 192.168.200.0

no auto-summary

!

no ip http server

ip classless

ip route 0.0.0.0 0.0.0.0 Serial0

!

access-list 121 permit ip any any

access-list 900 permit any

snmp-server engineID local 00000009020000024B7D62CA

!

line con 0

exec-timeout 0 0

password 7 071C345C4B1B1B

login

transport input none

stopbits 1

line vty 0 4

password 7 071C345C4B1B1B

login

!

end

Away:

Current configuration:

!

version 12.0

no service pad

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname WH1Router

!

enable password 7 06151A31495C0B

!

!

!

!

!

ip subnet-zero

!

no ip domain-lookup

cns event-service server

!

!

!

!

!

interface Ethernet0

description connected to EthernetLAN

ip address 192.168.199.1 255.255.255.0

no ip directed-broadcast

!

interface Serial0

description connected to KFRouterA

ip address 192.168.200.2 255.255.255.0

no ip directed-broadcast

encapsulation ppp

no ip mroute-cache

!

router rip

version 2

network 192.168.199.0

network 192.168.200.0

no auto-summary

!

no ip http server

ip classless

!

snmp-server engineID local 00000009020000024B7D6307

snmp-server community public RO

!

line con 0

exec-timeout 0 0

password 7 111A0C15120009

login

transport input none

stopbits 1

line vty 0 4

password 7 111A0C15120009

login

!

end

Many thanks

21 REPLIES

Re: 805 routing woes

Did you check the gateway settings on your PCs ?? are they able to also ping their default gateways on their respective lans?

New Member

Re: 805 routing woes

Thanks for the prompt reply.

Yes (though I can't check it now). However we are trying to ping from home admin PCs through to away. Gateway on home PCs surely shouldn't matter?

Note there's a typo in the conf for home's serial network mask, .0, not .252!

This was all set up and working a few months ago in a test environment, but for IPX as well. We removed IPX (and obviously something else too), can't see any other differences, but the new line gets installed in the next week, so the 805s have to start earning a living.

To recap. If we telnet into 'home' we can ping or telnet out to anywhere. Ditto if we telnet into away. From a PC on the same network as home's e0 we can ping home's e0, but not s0 or anything over that port.

I suppose the question is 'what is missing from the 'home' conf?

New Member

Re: 805 routing woes

Can you post the output from show ip route?

bcbv

New Member

Re: 805 routing woes

Im no expert here but.

Would it matter that you dont have the line

ip route 0.0.0.0 0.0.0.0 Serial0

on the Away router ? Thats all i can think of.

Also you might want to have a look at NAT.

New Member

Re: 805 routing woes

On the away router as in the previous mail, you need to give ip route command, it doesnt know where to send the return traffic.

Also instead of specifying the outgoing interface, give the next hop ip address.

coz you are using a point to point link with static ip address. In this case, the next hop ip address need to be used in the ip rotue command. The outgoing interface is specified when the interface which is connected to outside has ip unnumbered.

Please try giving the next hop ip address in ip route command instead of serial 0

-Deepu

New Member

Re: 805 routing woes

As requested

(Home - KFRouter)

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

C 192.168.91.0/24 is directly connected, Ethernet0

R 192.168.199.0/24 [120/1] via 192.168.200.2, 00:00:26, Serial0

192.168.200.0/24 is variably subnetted, 2 subnets, 2 masks

C 192.168.200.0/24 is directly connected, Serial0

C 192.168.200.2/32 is directly connected, Serial0

S* 0.0.0.0/0 is directly connected, Serial0

(Away - WH1Router)

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

R 192.168.91.0/24 [120/1] via 192.168.200.1, 00:00:12, Serial0

C 192.168.199.0/24 is directly connected, Ethernet0

192.168.200.0/24 is variably subnetted, 2 subnets, 2 masks

C 192.168.200.0/24 is directly connected, Serial0

C 192.168.200.1/32 is directly connected, Serial0

S* 0.0.0.0/0 is directly connected, Serial0 (added as per Bena's suggestion)

Network Diagram (if it clarifies anything)

network & servers 192.168.91.x

||

||

Home e0: 192.168.91.199

Home s0: 192.168.200.1

||

|| Leased Line

||

Away s0: 192.168.200.2

Away e0: 192.168.199.1

||

||

Switch and Wyse boxes on 192.168.199.x

On the other response:-

If we replace the ip route command 0.0.0.0 0.0.0.0 serial0

in home with a 'next hop' variation will we be referring to the leased line network or the literal next destination?

ie:

ip route 192.168.200.1 0.0.0.0 192.168.200.0

or

ip route 192.168.200.1 0.0.0.0 192.168.199.0

Isn't the biggest clue here that a home pc cannot ping (or ping past) the s0 interface on the home router? (ie I can't ping 192.168.200.1 or anything past that)

Bronze

Re: 805 routing woes

All the talk about the static routes is irrelevent. RIP should be giving full connectivity to the far end. The fact that you cant ping the S0 interface on the same router whose ethernet you can ping makes it sound like the pc doesn't have its gateway or mask defined properly. Or that access-list 121 is not what it appears.

Re: 805 routing woes

I agree with Richard's post.

As I posted before, check your gateway settings on the PC.

New Member

Re: 805 routing woes

As priviously posted, the static routes don't need to be there because of RIP. You may want to remove them to minimize the confusion. If you are confident that the default gateway on the pc's is set correctly to the ip address of the ethernet port on the local router then take a look at your netwask, especially on the serial interfaces. According to the sh ip route you have /32 mask on those interfaces. Doesn't look right to me.

bcbv

New Member

Re: 805 routing woes

Thanks for all the help so far guys, I really appreciate it.

As I understand you...I had the gateways incorrect. I have changed them accordingly.

I can remove the - ip route 0.0.0.0 0.0.0.0 serial0 statements from both routers.

I then setup my WYSE boxes gateway to the e0 address of the router its attached to (WH1Router/192.168.199.1)

The mask used is 255.255.255.0 throughout. (Cant figure out why its listing /32 there)

Then try it...

On a side note, is there a command to reboot the router from within telnet ?

Bronze

Re: 805 routing woes

yes RELOAD

New Member

Re: 805 routing woes

Don't forget to "Write Mem" before you reload! ;=0

Re: 805 routing woes

Before reloading, make sure you save your configs.

New Member

Re: 805 routing woes

Thanks all.

This noob is learning stacks.

I seem to be getting somewhere at last. Have taken all suggestions into account, but have 1 small item that I still can't figure out.

Here is a ping list from configmaker.

KFRouterA, Ethernet 0 (192.168.91.199)... okay

KFRouterA, Async/Sync 0 (192.168.200.1)... okay

WH1Router, Ethernet 0 (192.168.199.1)... no response

WH1Router, Async/Sync 0 (192.168.200.2)... okay

Citrix Box, 10/100 Ethernet 0 (192.168.91.3)... okay

KF5, 10/100 Ethernet 0 (192.168.91.5)... okay

WYSE, 10/100 Ethernet 0 (192.168.199.2)... no response

Ping was partially successful.

Seems I now have access over the leased line, but thats where it stops. The Ethernet side and the WYSE box connected to it, I can't access.

I can confirm that the WYSE box has its gateway set at 192.168.199.1 and it can talk to the router. It doesn't seem to be able to hop over to the 192.168.200.x part to access our main network at 192.168.91.x

Any suggestions on what to try next.

Re: 805 routing woes

Is the configmaker pc on the 91.x network ?

New Member

Re: 805 routing woes

Yes - I should have mentioned that hey :)

Re: 805 routing woes

What are the response times for pings from a pc on 91.x network to 200.2 ip address ? Try increasing the time out for each ping packet send and see if you are getting response back from the the far end router's ethernet as well as from the WYSE box.

From a MSDOS shell, ping -w will be the command to adjust the timeout of each ping packet.

I dont see another reason why the far end router's ethernet and the WYSE box isnot responding back...

Last but least, I would prefer to see your current config, your current routing table at either ends, as well as to double check the default gateway settings (as last resort) once again.

HTH

New Member

Re: 805 routing woes

OK

After playing some more I realise that the first answers were in fact correct.

Gateways are my problem.

If I change the gateway on my PC (which is on 192.168.91.x) to the e0 address viz 192.168.91.199; I can ping the whole way through to the WYSE box at 192.168.199.2 - Which tells me the routers are working correctly.

The problem then arises that I cannot access the internet through my firewall (which is at 192.168.91.1)

If I change the gateway to what it was, the firewall, I cannot ping past the s0 on the away router, but I can access the internet.

I also have a static network route setup on the netware server that contains the following routes:

Deafult Route 192.168.91.1 (The firewall)

x.x.x.x 192.168.91.1 (Our ISPs DNS )

192.168.200.0 192.168.91.199

192.168.199.0 192.168.200.2

If you still need all the configs and routing tables I can supply them. They haven't changed significantly, I just took out the 2 commands - ip route 0.0.0.0 0.0.0.0 serial0 and removed all access-list commands.

Silver

Re: 805 routing woes

Try making the default route on your home router to point to 192.168.91.1 (which I believe is where your internet access is connected to).

Re: 805 routing woes

As per the above post, make a default route on home router pointing to 192.168.91.1 (firewall) and on the hosts on the 91.x network, set the default gateway as 192.168.91.199. This should solve all your problems.

Note : Initially all PCs accessing internet should go via the home router and then from home router to the firewall and out to the internet. Once the router finds that the firewall is also on the same lan, it should send a IP redirect to the PCs and from then on, PCs accessing internet will directly talk to the firewall.

New Member

Re: 805 routing woes

I'm obviously misleading you. The PCs (actually Wyse boxes) on network 192.168.199.x want to connect to a Citrix box on 192.168.91.3.

I don't want them going anywhere NEAR the internet . This is in fact a trial installation and there will be more such routers, each looking after a remote location via leased line (ain't telecom monopolies wunnerful?).

As my requirement is so fixed wouldn't I be better off dumping RIP and going to simple static routes?

216
Views
0
Helpful
21
Replies
CreatePlease to create content