Cisco Router w/ 2 connections - can ping one but not the other

Help a cisco newbie.

I hooked up a replacement 2801 to our network after pre-configuring it to replace a 1600.  When I hooked it up several things went well:

-I could connect to the router from my local network
-I could ping the other end of one connection, and it's network and points beyond from the console

And serveral things wen't bad:

-I could NOT ping the same network from a PC that I was able to ping from the console
-The second connection showed as "UP" but not able to ping the other side of it or any networks past that point

I triple checked the following:

-The IP addresses of the interfaces connecting to each other
-The line protocol is HDLC all the way around

Any ideas what could be going wrong?  I set up my replacement 2801s in a lab and connected them by creating my own RJ48 cables and everything worked great.  When I try to incorporate the new router in with WAN connections (point to point) using older routers things get funny.  I just put the old 1600 back until I could figure out what I am doing wrong.

Please help.
chronolithAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

phylaxictCommented:
Sounds like a NAT problem, could u post your configuration? And if its not a nat issue, are u sure u have used the same "external" ip address for this router as the router you are replacing? Cause if u didnt u might get some routing issues from the next hop not knowing where to send the traffic back to. If you are using a dynamic routing protocol, like RIP or OSPF... Well it can be many things hehe, maybe u should post the vital parts of your configuration in here with a little network drawing to get a more professional reply from our side ;)
chronolithAuthor Commented:
NAT is not configured on either the new or the old router.  I mirrored the interface configs in every way, checking the subnets also.  The old router does use RIP (v2) but I did not set it up on the replacement since I am explicitly static routing everything.  I will grab some configs and post.

BTW, when I set up my router lab, I did not use any ACLs on the interfaces and things went well.  The old router does have some ACLs, but I don't know why replacing the router would cause one of the WAN links to not ping through.

Thanks.
grsteedCommented:
Along with the configs, can you post the results of "show ip route" and let us know which network you can't ping from the PC?

Gary
C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

miloudiCommented:
I could NOT ping the same network from a PC that I was able to ping from the console
  How about from another PC?
  Can you ping that PC from the console?
  What is DHCP?
 
-The second connection showed as "UP" but not able to ping the other side of it or any networks past that point
  Can you ping its own IP?
  Is the cable connected to it fine?

A show config will help....

rsivanandanCommented:
I believe you don't have routing enabled on the router ? By default it won't be enabled. Go to the config mode and put in the command 'ip routing' and see if that helps.

One way to find that out is by issuing a 'sh ip route' and see if there are any entries.

Cheers,
Rajesh
chronolithAuthor Commented:
Routing is enabled.  As I mentioned, I set up my new routers in a lab enviroment and connected the t-1 WICs with RJ48 crossover cables to verify that things were working.  When I moved the 2801 over to the production network, then my problems started.

That being said, I am a newbie here and I will verify that the routing is turned on.

Thanks again.  Configs tomorrow...
JacksonQuanCommented:
at the console, type "show run"
paste the cofiguration. We will try to analyst for you. Thk.

If you want to analyst yourself, you may compare the old 1600 and new 2801 running-configuration.
chronolithAuthor Commented:
Configs from both routers:

-------------------------------------

First, the old router I am tryin to replace -


!
version 12.3
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname Lawrence
!
boot-start-marker
boot-end-marker
!
enable password 7 XXXXXXXXXXXXXXXX
!
no aaa new-model
ip subnet-zero
ip cef
!
!
no ip domain lookup
!
!
!
!
 class-map match-all voice
  match access-group 102
!
!
 policy-map voice-policy
  class voice
   priority percent 25
  class class-default
   fair-queue
!
!
!
interface Ethernet0/0
 description connected to EthernetLAN
 ip address 172.19.1.1 255.255.0.0
 full-duplex
!
interface Serial0/0
 description connection to Chatam
 ip address 192.168.103.1 255.255.255.0
 ip nbar protocol-discovery
!
interface Serial0/1
 description connected to wilson
 ip address 192.168.100.2 255.255.255.0
 ip access-group 101 in
 ip access-group 101 out
 ip nbar protocol-discovery
 service-policy output voice-policy
!
router rip
 version 2
 network 172.19.0.0
 network 192.168.100.0
 network 192.168.103.0
 neighbor 192.168.100.1
 neighbor 192.168.103.2
!
no ip http server
ip classless
ip default-network 172.18.0.0
ip route 10.129.120.210 255.255.255.255 192.168.100.1
ip route 10.129.120.212 255.255.255.255 192.168.103.2
!
!
access-list 10 permit 172.19.2.160
access-list 99 permit 172.18.1.205
access-list 99 permit 172.18.1.57
access-list 99 permit 172.18.1.56
access-list 101 permit ip any any
access-list 101 permit icmp any any
access-list 102 permit udp host 172.19.1.26 any
snmp-server community XXXXXXXXXXXXXXXX RO
snmp-server community XXXXXXXXXXXXXXXX RO 99
snmp-server location XXXXXXXXXXXXXXXX
snmp-server contact XXXXXXXXXXXXXXXX
snmp-server enable traps tty
!
line con 0
 exec-timeout 0 0
 password 7 XXXXXXXXXXXXXXXX
 login
line aux 0
line vty 0 4
 password 7 XXXXXXXXXXXXXXXX
 login
!
!
!
end



----------------------------

Second, the new router with the problems -


!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Lawrence
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip cef
!
!
!
!
ip domain name yourdomain.com
ip name-server 172.19.1.50
ip name-server 172.19.1.51
ip name-server 172.18.1.57
ip multicast-routing
!
username administrator privilege 15 secret 5 XXXXXXXXXXXXXXXX
!
!
!
interface FastEthernet0/0
 description $ETH-SW-LAUNCH$$INTF-INFO-FE 0$$ETH-LAN$
 ip address 172.19.1.2 255.255.0.0
 ip information-reply
 delay 100
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 delay 1000
 shutdown
 duplex auto
 speed auto
!
interface Serial0/1/0
 ip address 192.168.100.2 255.255.255.0
 delay 2000
!
interface Serial0/2/0
 ip address 192.168.103.1 255.255.255.0
!
interface Serial0/3/0
 ip address 192.168.104.2 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 192.168.100.1
ip route 10.129.120.210 255.255.255.255 192.168.100.1
ip route 10.129.120.212 255.255.255.255 192.168.103.2
ip route 172.18.0.0 255.255.0.0 192.168.100.1
ip route 172.20.0.0 255.255.0.0 192.168.100.1
ip route 172.21.0.0 255.255.0.0 192.168.104.1
ip route 172.22.0.0 255.255.0.0 192.168.103.2
ip route 192.168.12.0 255.255.255.0 192.168.100.1
!
ip http server
ip http authentication local
ip http timeout-policy idle 600 life 86400 requests 10000
!
!
control-plane
!
!
line con 0
 login local
line aux 0
 login local
line vty 0 4
 privilege level 15
 login local
 transport input telnet
line vty 5 15
 privilege level 15
 login local
 transport input telnet
!
end

-----------------------------

Thanks!
grsteedCommented:
Just a quick look shows you have the following on the old and not the new.

router rip
 version 2
 network 172.19.0.0
 network 192.168.100.0
 network 192.168.103.0
 neighbor 192.168.100.1
 neighbor 192.168.103.2

ip classless
ip default-network 172.18.0.0

This can affect routing behavior.  Can you post the results of "show ip route"

Gary
chronolithAuthor Commented:
The new router is not connected to anything right now because the old router must maintain the connections.  Result from the old router (currently in production) is this:

Lawrence#sho ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 192.168.100.1 to network 172.18.0.0

R    192.168.12.0/24 [120/2] via 192.168.100.1, 00:00:18, Serial0/1
R    201.201.201.0/24 [120/2] via 192.168.100.1, 00:00:18, Serial0/1
C    172.19.0.0/16 is directly connected, Ethernet0/0
R*   172.18.0.0/16 [120/1] via 192.168.100.1, 00:00:18, Serial0/1
R    172.20.0.0/16 [120/2] via 192.168.100.1, 00:00:18, Serial0/1
R    172.22.0.0/16 [120/1] via 192.168.103.2, 00:00:11, Serial0/0
     10.0.0.0/32 is subnetted, 2 subnets
S       10.129.120.210 [1/0] via 192.168.100.1
S       10.129.120.212 [1/0] via 192.168.103.2
R    192.168.102.0/24 [120/2] via 192.168.100.1, 00:00:18, Serial0/1
                      [120/2] via 192.168.103.2, 00:00:12, Serial0/0
C    192.168.103.0/24 is directly connected, Serial0/0
C    192.168.100.0/24 is directly connected, Serial0/1
R    192.168.101.0/24 [120/1] via 192.168.100.1, 00:00:18, Serial0/1

Stupid question from before - Do I need to enable RIP?
grsteedCommented:
I would say Yes, since there are 7 networks that were discovered by RIP. It's easier to let the routing protocol do it's job rather than maintaining a bunch of static entries.

One net that you don't have a static route for is

R    201.201.201.0/24 [120/2] via 192.168.100.1, 00:00:18, Serial0/1


Gary
 

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
chronolithAuthor Commented:
That 201 network I have been told is a relic from years ago.  No longer used.

I will enable RIP but I still don't understand why that would affect my install the way it did.  One interface came up well and I could ping the other side and even the network one hop beyond.  The other interface (reaching out to 192.168.100.1) just would not respond, even though sho int serial0/1/0 showed the interface and line protocols as "up".

Thanks everybody so far...
grsteedCommented:
I would add these lines along with RIP.

ip classless
ip default-network 172.18.0.0

IP Classless will affect the routing behavior if you have routes that don't fall on classful boundries such as these.

     10.0.0.0/32 is subnetted, 2 subnets
S       10.129.120.210 [1/0] via 192.168.100.1
S       10.129.120.212 [1/0] via 192.168.103.2

Also you say the 201 net is nolong being used. It was found by RIP so it's still configured somewhere in your network.

Gary
chronolithAuthor Commented:
OK.  I have configged as suggested and I hope to test it tonight or tomorrow.

Question - Do I need to remove the 0.0.0.0 route since I now have a default-network entry in the config?
grsteedCommented:
> Do I need to remove the 0.0.0.0 route

I would. They both efectively do the same thing

Gary
grsteedCommented:
Thanks for the points!!

It sounds like you were sucessful.  Glad I could help.

Gary
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking

From novice to tech pro — start learning today.