ā10-17-2013 08:10 PM - edited ā03-04-2019 09:21 PM
Hi,
we routing problem between 2 location.
Pls. refer to the attachment diagram ROUTING
C4 is the main server.
C1, C2 and C3 desktop must access the C4 server vice-versa
Problem we cannot C1, C2 and C3 cannot ping C4
local cisco engineer configure R5 router static route, and R6, R9 & R10 default route or any/any
C4 must be access any location...
local cisco eng'r. ask us to add routes in our firewall
add routes R6, R9 and R10
we told them its not firewall related... base on the diagram its behind or inside firewall (pls. refer to attachment WAN)
They use Cisco 1941 (R5) and Cisco 1921 (R6, R9, R10)
as per our gns3 simulation is ok...
Hope you can help us....
ā10-18-2013 12:06 AM
Hi,
Some Windows OS won't accept to reply to pings from a different subnet due to their software firewall setting.
Could you try disabling software firewall of the server if it is a Windows one.
I think I replied too fast, should have taken a look at the pictures first
The subnet on BO(192.168.0.0/27) is overlapping with the one in Main office(192.168.0.0/24) so you would have to do dual NAT to get it working.
Regards
Alain
Don't forget to rate helpful posts.
ā10-18-2013 12:48 AM
Hi,
Thank you for the replay well noted
The subnet in BO is 192.168.10.0/27.
in our prepared setup BO will connect to MO to have internet/email access..
cisco local eng'r cannot do basic routing....
regarding dual NAT can you explain to me...
Thank you and best regards,
Lito
ā10-18-2013 04:27 AM
Hi,
Sorry I totally answered stupid. 192.168.0.0/24 and 192.168.10.0/27 are indeed in 2 different subnets.
I still wondering where my brain was when I replied such insanity.
So let's focus on the problem again, this time with a new brain in my head hopefully.
So my first idea of the windows software firewall denying the ping from a different subnet might well be the cause of the problem.
on the BO router can you ping the server sourcing from the LAN interface with following debug:
debug ip pack 100 det
access-list 100 permit icmp any any
Post output here.
Regards
Alain
Don't forget to rate helpful posts.
ā10-19-2013 10:21 AM
If you want to eliminate network routing start from the other direction. Ping from the server (or the hq switch if possible) down to that Mfp device at the branch. If that works you Need to concentrate on the server configs as Alain has suggested. If not, you may have a networking problem.
Sent from Cisco Technical Support iPad App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide