Link to home
Create AccountLog in
Avatar of Daenks
DaenksFlag for United States of America

asked on

Cisco 1841 wont route between connected subnets?

I have a brand new 1841 ISR. I have plugged it in, and plugged one cable into one of our subnets' swtiches (FE0/1 <---> 192.168.43.0) and one cable into the other subnets' switches (FE0/0 <---> 10.10.10.0)

My config is below.

Here is what i get from a "show ip route":

Gateway of last resort is 192.168.43.2 to network 0.0.0.0

C    192.168.43.0/24 is directly connected, FastEthernet0/1
     10.0.0.0/24 is subnetted, 1 subnets
C       10.10.10.0 is directly connected, FastEthernet0/0
S*   0.0.0.0/0 [1/0] via 192.168.43.2
               [1/0] via 10.10.10.1


here is my dilemma.

From a laptop on the 192 network (192.168.43.4) i can ping to any server on the 10 network (10.10.10.40 in this case) but no other traffic will pass.

ping 10.10.10.40:
Pinging 10.10.10.40 with 32 bytes of data:

Reply from 10.10.10.40: bytes=32 time<1ms TTL=128
Reply from 10.10.10.40: bytes=32 time<1ms TTL=128
Reply from 10.10.10.40: bytes=32 time<1ms TTL=128
Reply from 10.10.10.40: bytes=32 time<1ms TTL=128

nslookup:
DNS request timed out.
    timeout was 2 seconds.
*** Can't find server name for address 10.10.10.40: Timed out
DNS request timed out.
    timeout was 2 seconds.

telnet 10.10.10.40 3389: (to test if i can remote desktop)
Connecting To 10.10.10.40...Could not open connection to the host, on port 3389:
 Connect failed

All these work from a computer on the 10.10.10.0 network, there is no firewall on the server, and clients on the 192.168.43.0 network can access all of these services using the device i am trying to replace (a cisco ASA where traffic is natted, not routed)

I have run the ip routing command 100000x and i dont know what else to do. Isnt this da** thing just supposed to route between connected subnets automatically?



Current configuration : 941 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname PCG-Router1
!
boot-start-marker
boot-end-marker
!
enable password ***
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
!
no ip dhcp use vrf connected
!
!
!
!
!
!
interface FastEthernet0/0
 ip address 10.10.10.254 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.43.3 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/0/0
!
interface FastEthernet0/0/1
!
interface FastEthernet0/0/2
!
interface FastEthernet0/0/3
!
interface Vlan1
 no ip address
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.10.10.1 permanent
ip route 0.0.0.0 0.0.0.0 192.168.43.2 permanent
!
ip http server
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
 password ***
 login
!
end

Open in new window

Avatar of vjlp
vjlp
Flag of United States of America image

you should not be having two default routes like how you have configured:

ip route 0.0.0.0 0.0.0.0 10.10.10.1 permanent
ip route 0.0.0.0 0.0.0.0 192.168.43.2 permanent

ideally, the default route on the router should point towards your internet router or firewall. If you dont have any .. (i.e..you only want communication between the two lan segments), then you can completely remove the default routes.
From priv mode, type 'ip routing enable' - by default, older Cisco routers are not configured to route traffic. This should have been corrected in the 1800 series but given hardware vendors' history, it's worth a try.
Avatar of Daenks

ASKER

the second default route is a temporary solution to allow both subnets to access the internet as the routing between the connected subnets isnt working. the true default router is 10.10.10.1

removing the line "ip route 0.0.0.0 0.0.0.0 192.168.43.2 permanent" has no effect on this issue.
try this

kill these 2 default routes

and make 2 static routes for the 2 subnets

ip route 192.168.43.0 255.255.255.0 192.168.43.3
ip route 10.10.10.0 255.255.255.0 10.10.10.254

this should work
Avatar of Daenks

ASKER

ip route 192.168.43.0 255.255.255.0 192.168.43.3
%Invalid next hop address (it's this router)
Avatar of Daenks

ASKER

so i tried this:

PCG-Router1(config)#ip route 192.168.43.0 255.255.255.0 FastEthernet0/1
PCG-Router1(config)#ip route 10.10.10.0 255.255.255.0 FastEthernet0/0

but i get the exact same result.
just one question what are the 2 ips you configured in your default routes ?
Avatar of Daenks

ASKER

Both of them are separate interfaces on an ASA, which currently NATs traffic between these two subnets.

this is what we are trying to do away with.
Step 1) install a router and make it the default gateway
Step 2) reconfigure the ASA to perform NAT for Internal <---> External Traffic only.

But this shouldnt matter i dont care about the internet connectivity, i need my 10.10.10.0 and 192.168.43.0 networks to talk to eachother using this router.
hm then try it with a dynamic routing protocoll

kill all static routes

type

(config)#router rip
(config-router)#network 192.168.43.0
(config-router)#network 10.0.0.0
ASKER CERTIFIED SOLUTION
Avatar of Daenks
Daenks
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
damn it :)