Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

not able to communicate other end router Cisco 851 using Cisco 1941 or viceversa

We have established new IPLC link ( Point to Point ) from A to B ( Location using some service provider), A is having Cisco 1941, B is having Cisco 851, but when ever we try to ping from A to B or B to A there is lot of packet drops, some times it pings sometimes not( out of 1000 response only 50 or 100 packets are through ), @ Location A we connected dfferent make router i.e techroute, from this router we were able to ping B location & viceversa ( no packet loss ).

In IPLC only 2 ip's exists, 1 is A location interface & another B location interface, I have to communicate using Cisco device only.

I have no idea wat's wrong. since its working fine from other router its not service provider problem.

Please find A locaiton config details

A_locaitona#sh run
Building configuration...

Current configuration : 4880 bytes
!
! Last configuration change at 07:39:24 UTC Thu Oct 28 2010 by admin
!
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname A_locaiton
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
!
!
!
multilink bundle-name authenticated
!
!
crypto pki trustpoint TP-self-signed-1625738334
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1625738334
revocation-check none
rsakeypair TP-self-signed-1625738334
!
!
crypto pki certificate chain TP-self-signed-1625738334
certificate self-signed 01
  3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 31363235 37333833 3334301E 170D3130 30383031 30323333
  34365A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 36323537
  33383333 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100D5DE 5FBBAFCB 096A31A3 EAED58A1 D96E060A 9D0575C6 A9808960 8E3E94CD
  4C9406A6 F23346BD F96F99D1 25BD8027 FF052621 14F5BBB4 C3FF271E B0E57A9E
  832CEB12 CD5B4855 31680DAB 03E784F6 B6A2C0F6 0BEF3CC6 C8CF8B73 7DC3BC92
  392C8045 CAD8E3A2 56234CFB 80C10A04 882BC133 01E3D040 7C4B40BE 468065AC
  FFD70203 010001A3 77307530 0F060355 1D130101 FF040530 030101FF 30220603
  551D1104 1B301982 17796F75 726E616D 652E796F 7572646F 6D61696E 2E636F6D
  301F0603 551D2304 18301680 1477EEBE 9477FDDB 891CABD3 B42F66FE F701BF0D
  2E301D06 03551D0E 04160414 77EEBE94 77FDDB89 1CABD3B4 2F66FEF7 01BF0D2E
  300D0609 2A864886 F70D0101 04050003 818100B6 E72D3AE4 0731AD4E 8FC04911
  9C6AAE22 CE83CE48 5E926E68 6CBBEE9F A94D3F09 EA5FE59A B1D4A524 2753F1A4
  73AF18A3 2517B236 7E8C3129 9AEB12A7 EE89CF8D DDA56DCF 9C4C6AC3 30350848
  1728DA2F B6437314 C1DD958E 9966DA3E B832D0CE DBD4653F F3690DA5 D98E947D
  FA10A19C E179E998 8D7B2092 ECFD209A 8BFEB6
        quit
license udi pid CISCO1941/K9 sn FHK143175QC
!
!
username admin privilege 15 secret 5 $1$Y.aA$qYxgpjXhGWBOIbFunIAr.1
!
!
!
!
!
!
interface GigabitEthernet0/0
description **********Reliance Interface**********
ip address 10.254.25.61 255.255.255.252
duplex full
speed 100
!
interface GigabitEthernet0/1
description **********A Location**********
ip address 10.7.29.251 255.255.255.0
duplex auto
speed auto
!
no ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 10.254.25.62
ip route 10.7.29.0 255.255.255.0 10.7.29.1
ip route 192.168.178.150 255.255.255.255 10.7.29.1
ip route 192.168.248.111 255.255.255.255 10.7.29.1
ip route 192.168.248.167 255.255.255.255 10.7.29.1
!
!
!
!
control-plane
!
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------

Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for  one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.

It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.

username <myuser> privilege 15 secret 0 <mypassword>

Replace <myuser> and <mypassword> with the username and password you want to
use.

-----------------------------------------------------------------------
^C
banner login ^C
-----------------------------------------------------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device.
This feature requires the one-time use of the username "cisco" with the
password "cisco". These default credentials have a privilege level of 15.

YOU MUST USE CISCO CP or the CISCO IOS CLI TO CHANGE THESE  PUBLICLY-KNOWN
CREDENTIALS

Here are the Cisco IOS commands.

username <myuser>  privilege 15 secret 0 <mypassword>
no username cisco

Replace <myuser> and <mypassword> with the username and password you want
to use.

IF YOU DO NOT CHANGE THE PUBLICLY-KNOWN CREDENTIALS, YOU WILL NOT BE ABLE
TO LOG INTO THE DEVICE AGAIN AFTER YOU HAVE LOGGED OFF.

For more information about Cisco CP please follow the instructions in the
QUICK START GUIDE for your router or go to http://www.cisco.com/go/ciscocp
-----------------------------------------------------------------------
^C
!
line con 0
login local
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
end

Please find B location router configuration


!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname B_location
!
boot-start-marker
boot-end-marker
!
no logging buffered
enable secret 5 $1$0rDY$TFAOXAvXewtJ.IKGq8J9t1
!
no aaa new-model
clock timezone Paris 1
clock summer-time Paris date Mar 30 2003 2:00 Oct 26 2003 3:00
!
crypto pki trustpoint TP-self-signed-2838018537
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2838018537
revocation-check none
rsakeypair TP-self-signed-2838018537
!
!
crypto pki certificate chain TP-self-signed-2838018537
certificate self-signed 01
  30820245 308201AE A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 32383338 30313835 3337301E 170D3032 30333031 30303232
  31305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 38333830
  31383533 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  81009E6B 6533AFD6 C88073A9 3AA0FC19 2D70FB7F 1EDD46C9 0933FB64 0863E51D
  A0026D37 CFFEE1E9 1B0CF106 98F10503 FE9E50BC 7B2B6A3A FDFD0DED DBCCC408
  63491032 904D02DA B45BAE50 A39AA5B8 4162AEAE 09C067D5 ACEF08B0 A7A1210C
  81FA3B16 FD563E0F 2D6826BF E8E0A194 0E46A220 B86C9029 FCE53F65 308D64C8
  35D50203 010001A3 6D306B30 0F060355 1D130101 FF040530 030101FF 30180603
  551D1104 11300F82 0D426173 74696F6E 2D4C616E 6454301F 0603551D 23041830
  1680146A 8A0CD079 C424D6FF 7D9646A4 8311B3D2 6CDA2A30 1D060355 1D0E0416
  04146A8A 0CD079C4 24D6FF7D 9646A483 11B3D26C DA2A300D 06092A86 4886F70D
  01010405 00038181 007366D9 C6BFB838 1ACB1D48 F29317CC 8F97F6FF 4BC32963
  A36C2E60 6B8954C7 351A5E1D A8928315 9A3856ED 2A7EFAFA B686A539 80C5AEE0
  CECA5FBA 8A3E9168 F0A4560B ED950471 E9177190 8ACAEE4D AC8C63CC F1722F35
  F45AE68F 66C8CC27 D5ADF3DF E27E2346 0DE635AD A5B78A72 58EF1D16 EEB4CA69
  D8B4800A 198CF2C9 BE
      quit
dot11 syslog
!
!
ip cef
!
!
!
username akka privilege 15 secret 5 $1$RE5.$po8OWcBoHFo.7n6B50nPf.
!
!
archive
log config
  hidekeys
!
!
ip tftp source-interface Vlan1
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
description *****B Location ****
ip address 10.254.25.62 255.255.255.252
no ip route-cache cef
no ip route-cache
speed 100
full-duplex
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 10.168.200.10 255.255.255.0
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.254.25.61
ip route 172.25.31.0 255.255.255.0 10.168.200.58
ip route 192.168.2.0 255.255.255.0 10.168.200.92
!
no ip http server
ip http access-class 2
ip http secure-server
!
access-list 2 permit 10.168.200.0 0.0.0.255
access-list 2 permit 172.25.31.0 0.0.0.255
access-list 100 permit ip any any
access-list 120 permit ip any any
access-list 150 permit ip any any
!
control-plane
!
!
line con 0
exec-timeout 59 0
logging synchronous
login local
no modem enable
line aux 0
line vty 0 4
access-class 2 in
exec-timeout 59 0
logging synchronous
login local
length 0
transport input ssh
!
scheduler max-task-time 5000
end

Everyone's tags (1)
9 REPLIES
Hall of Fame Super Gold

Re: not able to communicate other end router Cisco 851 using Cis

Likely faulty circuit, complain to SP.

New Member

Re: not able to communicate other end router Cisco 851 using Cis

but same works with non cisco device i.e. Techroute.

Re: not able to communicate other end router Cisco 851 using Cis

Hi anil,

Your config looks ok as there is no more stuff except ip at both end. Moreover your duplex/speed setting
also look good (forcefully set to 100/full). To know the exact reason you have to go step-by-step


like

> Disconnect one 851 router and attach techroute and then see the results
> If result is ok you can do same thing with 1941 router.
> also check the power parameter...is there any earth leakage at your site.
> In addition you can try changing speed/duplex parameter to auto/auto..need to change at provider end also
> if you can paste output of sh int from both end will be more useful

hope this is helpful

Regards

Mahesh

Hall of Fame Super Gold

Re: not able to communicate other end router Cisco 851 using Cis

Your config looks ok as there is no more stuff except ip at both end. Moreover your duplex/speed setting

also look good (forcefully set to 100/full). To know the exact reason you have to go step-by-step

Harcoding is not always good. if the other side is hardcoded half-duplex, it will have be excessive colisions and packet drops.

New Member

Re: not able to communicate other end router Cisco 851 using Cis

duplex & speed is suggested by service provider. we tried changing to auto also but it didn't work.

we tried connecting Foundary L3 in that also we had same issue, then we created vlan on L3 then it worked perfectly.

How to create Vlan on Cisco Router & assign vlan to interface ? seems like some broadcast is creating issue if so how to stop the same

Find other end interface

The interface

Bastion-LandT#sh interfaces FastEthernet 4
FastEthernet4 is up, line protocol is up
  Hardware is PQUICC_FEC, address is a8b1.d4c2.82ec (bia a8b1.d4c2.82ec)
  Description: $ETH-WAN$
  Internet address is 10.254.25.62/30
  MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full-duplex, 100Mb/s, 100BaseTX/FX
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 21:13:18, output 00:00:54, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     51905 packets input, 15561314 bytes
     Received 43 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog
     0 input packets with dribble condition detected
     53326 packets output, 16018495 bytes, 0 underruns
     0 output errors, 0 collisions, 6 interface resets
     0 unknown protocol drops
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier
     0 output buffer failures, 0 output buffers swapped out

New Member

Re: not able to communicate other end router Cisco 851 using Cis

I hope for security purposes that you plan on changing your PKI key, username and pass to your router. It shouldn't be pertinent to advertise that detail of configuration.

New Member

Re: not able to communicate other end router Cisco 851 using Cis

Also, when you did the router swap. Does the replacement router also have a GigE interface? Even though the speed is set to 100 with full duplex, I wonder if the interface is still sending a Gig worth of traffic and the ISP is dropping it because it is exceeding your committed rate? What link do you have with your ISP? Is it actually a 100Mb point to point link? Or is your traffice dumpped into the internet?

Have you considered rate limiting the Gig interface to slow down output?

New Member

Re: not able to communicate other end router Cisco 851 using Cis

other end interface is fastethernet...service provider is Reliance 4Mbps...even on other end duplex full & speed is 100..even service provider is having same speed.

even swapped 4 routers , 2 is of cisco 1841 & 2 of cisco 1941

New Member

Re: not able to communicate other end router Cisco 851 using Cis

Problem was from service provider end. He changed few settings @ his end, then started working fine from Cisco Router 1941 & even 1841

Thanks for all who tried to help me.

1474
Views
0
Helpful
9
Replies
CreatePlease to create content