shifka_75
asked on
Routing problem
I am in the process of configuring the router for the first time. The router is 2651 with two fastethernet interfaces. I have configured the following ip addresses for the interfaces. Fastethernet0/0 ipaddress 192.168.0.254, Fastethernet0/1 ipaddress 192.168.1.254. The routing RIP is enabled for both networks. Now I sit on a PC 192.168.1.1 and try to ping 192.168.0.1 computer, I cannot. I have set the default gateway for the PC as IP address of the router interface. I can ping both IP addresses of the interfaces but not any other address on other network.
funny thing is that ip routing is usually DISABLED by default when you first configure a router. It's one of the gotchas, you do need to explicitly enable it as pseudocyber has described.
ASKER
Thanks a lot for your comments.... I typed ip routing command. As you mentioned. I can only ping 192.168.0.2 computer on the other network from PC 192.168.1.1 and vice versa. But I cannot ping any other computer on this network 192.168.0.0 from 192.168.1.0 network and vice versa.
For testing purposes I have attached one router interface to the computer directly 192.168.1.1, and other interface to the switch 192.168.0.0 network with around 40 computers. Only 192.168.0.2 can access other network and vice versa
Any suggestions!!! Thanks
For testing purposes I have attached one router interface to the computer directly 192.168.1.1, and other interface to the switch 192.168.0.0 network with around 40 computers. Only 192.168.0.2 can access other network and vice versa
Any suggestions!!! Thanks
OK, let me get this correct, you have:
PC1 - 192.168.0.1
PC2 - 192.168.1.1
Fa0/0 - 192.168.0.254
Fa0/1 - 192.168.1.254
To debug this, you need to work out where the problem is.
1. From PC1, ping Fa0/0
2. From PC1, ping Fa0/1
3. From PC1, ping PC2
4. From router, ping PC1
5. From router, ping PC2
6. From PC2, ping Fa0/1
7. From PC2, ping Fa0/0
8. From PC2, ping PC1
and the results are ?
As requested by pseudo, can you post the output from the router command "show ip route". Can you also post the output from the router command "sho ip int brief". It would also be helpful if you can post the config of the router (use "show run").
PC1 - 192.168.0.1
PC2 - 192.168.1.1
Fa0/0 - 192.168.0.254
Fa0/1 - 192.168.1.254
To debug this, you need to work out where the problem is.
1. From PC1, ping Fa0/0
2. From PC1, ping Fa0/1
3. From PC1, ping PC2
4. From router, ping PC1
5. From router, ping PC2
6. From PC2, ping Fa0/1
7. From PC2, ping Fa0/0
8. From PC2, ping PC1
and the results are ?
As requested by pseudo, can you post the output from the router command "show ip route". Can you also post the output from the router command "sho ip int brief". It would also be helpful if you can post the config of the router (use "show run").
oops, I just reread your comment, are you saying that from PC 192.168.1.1 you CAN ping 192.168.0.2 ? If so, then it looks like your router may be working as expected.
If so, then I would check that the rest of the PC's on the 192.168.0.0 network have the default gateway set correctly to 192.168.0.254.
If so, then I would check that the rest of the PC's on the 192.168.0.0 network have the default gateway set correctly to 192.168.0.254.
Also, make sure all subnet masks are set correctly.
2 things you can try that will point you to where the promlem is.
1. Do a tracert from a pc on one side of the router to a pc on the other? where does it start timing out.
2. From the router itself and do an extended ping to a pc using the opposite side router interface.
If you need help with extended ping let me know.
1. Do a tracert from a pc on one side of the router to a pc on the other? where does it start timing out.
2. From the router itself and do an extended ping to a pc using the opposite side router interface.
If you need help with extended ping let me know.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks a lot for such informative comments. Now my problem is solved, I am able to ping the other network and vice versa.
Now another problem, I can ping 192.168.0.2 machine from 192.168.1.1 machine across router and vice versa. My 192.168.0.2 machine in the domain controller with DNS and DHCP running on this machine.
I want that my computer 192.168.1.1 should now get the ip address from this DHCP server, and also use this as DNS. When I write the command ipconfig/renew (after selecting the option "obtain ip address automatically"), it says cannot connect to DHCP, similarly NSLOOKUP doesnot work from other network 192.168.1 .
Although I tried to add this computer 192.168.1.1 to domain (192.168.0.2 domain controller), it worked and I can login using my domain account.
PLease help me out of it.
Now another problem, I can ping 192.168.0.2 machine from 192.168.1.1 machine across router and vice versa. My 192.168.0.2 machine in the domain controller with DNS and DHCP running on this machine.
I want that my computer 192.168.1.1 should now get the ip address from this DHCP server, and also use this as DNS. When I write the command ipconfig/renew (after selecting the option "obtain ip address automatically"), it says cannot connect to DHCP, similarly NSLOOKUP doesnot work from other network 192.168.1 .
Although I tried to add this computer 192.168.1.1 to domain (192.168.0.2 domain controller), it worked and I can login using my domain account.
PLease help me out of it.
Use the IP Helper command on the Cisco router to point one subnet to the other for DHCP.
Yes, on the 192.168.1.0 interface, type
ip helper-address 192.168.0.2
and you should be good to go
ip helper-address 192.168.0.2
and you should be good to go
ASKER
Thanks a lot for your suggestions. Now everything is setup and next step is applying the access lists. What I want is that
1) Any user on the network 192.168.1.0 can login to the server 192.168.0.2 with his domain account in active directory,
2) Same server to be used as DNS and DHCP for 192.168.1.0 Network.
3) The users should not have any access to computers or or files etc on 192.168.0.0 Network
4) The users on 192.168.1.0 Network can access the Web services (IIS) from 192.168.0.3 computer
5) The users on 192.168.1.0 Network can access the Microsoft exchange server with Ip address 192.168.0.5
6) The users on 192.168.1.0 Network should be able to access the file server 192.168.0.6 only for saving their data.
7) The users in 192.168.1.0 Network should be able tyo access the Database server with Ip address 192.168.0.4
8) The users in 192.168.1.0 Network should be able to access the ISA proxy server with Ip address 192.168.0.1 for Internet access.
Any other access is restricted
Waiting for your suggestions
Thanks a lot!!
1) Any user on the network 192.168.1.0 can login to the server 192.168.0.2 with his domain account in active directory,
2) Same server to be used as DNS and DHCP for 192.168.1.0 Network.
3) The users should not have any access to computers or or files etc on 192.168.0.0 Network
4) The users on 192.168.1.0 Network can access the Web services (IIS) from 192.168.0.3 computer
5) The users on 192.168.1.0 Network can access the Microsoft exchange server with Ip address 192.168.0.5
6) The users on 192.168.1.0 Network should be able to access the file server 192.168.0.6 only for saving their data.
7) The users in 192.168.1.0 Network should be able tyo access the Database server with Ip address 192.168.0.4
8) The users in 192.168.1.0 Network should be able to access the ISA proxy server with Ip address 192.168.0.1 for Internet access.
Any other access is restricted
Waiting for your suggestions
Thanks a lot!!
Well, this question has really gotten involved for only 50 points - but you did get it answered.
If you want help configuring your access lists, I'd suggest opening a new question for more points.
If you want help configuring your access lists, I'd suggest opening a new question for more points.
I assume you haven't turned of IP routing with "no ip routing". You might want to type "ip routing" just for the halibut.
You might want to type "show ip route" from global exec mode to examine the routing table. All interfaces up? You could type "show ip int" and examine them.