?
Solved

Cannot ping through Cisco 1841 - why?

Posted on 2008-11-03
5
Medium Priority
?
1,144 Views
Last Modified: 2012-06-27
We just activated a new frame relay circuit.  We set up a test network but we cannot ping through
our router.  There are no firewalls at this time.

Question 1:  Any ideas on why we cannot ping from A to D?  There are some default commands under
int F0/0 which I do not recognize.

Question 2:  In browsing the whole config listing are there any changes you would recommend to
improve this config setup?

Point A is my laptop connected through a switch to our router.
Point B is Ether port and point C is serial frame relay port.
Point D is our suppliers router.

Laptop                              F0/0                         S0/0/0              Extranet
192.168.177.5 <--> 192.168.177.1 <--> 192.168.151.86 <--> 192.168.151.85
    A                                   B                                 C                          D

From A we can ping B and C but not D (this is what we are trying to fix).
From the router console port we can ping A,B,D but not C.
From telnet to B we can ping A and D but not C.
From telnet to C we can ping A, B and D.
Telnet is done using laptop at point A.

Below is an ip route listing followed by a config listing.

frcnty1841#sho ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 192.168.151.85 to network 0.0.0.0

     192.168.151.0/30 is subnetted, 1 subnets
C       192.168.151.84 is directly connected, Serial0/0/0
     192.168.177.0/28 is subnetted, 1 subnets
C       192.168.177.0 is directly connected, FastEthernet0/0
S*   0.0.0.0/0 [1/0] via 192.168.151.85

**********************************************************************

frcnty1841#sho start
Using 2141 out of 196600 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname frcnty1841
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 debugging
logging console critical
enable secret 5 xxxxxxx
!
no aaa new-model

resource policy

clock timezone PSTime -8
clock summer-time PDT recurring
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
no ip source-route
ip cef
!
!
ip tcp synwait-time 10
!
!
no ip bootp server
no ip domain lookup
ip domain name shra.org
ip name-server 10.10.120.60
!
username root privilege 15 secret 5 xxxxxxxxxxx
!
!
!
interface FastEthernet0/0
 description Inside link facing ASA
 ip address 192.168.177.1 255.255.255.240
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 duplex auto
 speed auto
 no mop enabled
!
interface FastEthernet0/1
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 shutdown
 duplex auto
 speed auto
 no mop enabled
!
interface Serial0/0/0
 ip address 192.168.151.86 255.255.255.252
 encapsulation frame-relay IETF
 frame-relay map ip 192.168.151.85 16 IETF
 frame-relay interface-dlci 16
 frame-relay lmi-type cisco
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.151.85
!
no ip http server
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
!
logging trap debugging
no cdp run
!
control-plane
!
banner login ^CAuthorized access only!
 Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
 password 7 xxxx
 login
 transport output telnet
line aux 0
 password 7 xxxx
 login
 transport output telnet
line vty 0 4
 password 7 xxxx
 private
 login
 transport input telnet
line vty 5 15
 privilege level 15
 no login
 transport input telnet
!
scheduler allocate 4000 1000
end

frcnty1841#
0
Comment
Question by:dalva
  • 2
  • 2
5 Comments
 
LVL 10

Expert Comment

by:kyleb84
ID: 22871845

From A we can ping B and C but not D (this is what we are trying to fix).
- D must know about the route back to A, make sure it has a:
-- ip route 192.168.177.0 0.0.0.240 192.168.151.86

Your other results are just weird, like not being able to ping the router's own s0/0/0 int.... yet you can telnet to it...

Weird.

I'd do a:

conf t
int s0/0/0
shut
no shut
wr me
reload

0
 
LVL 2

Expert Comment

by:jcs5003
ID: 22872018
Just a stab in the dark, I don't see any router protocols running.
RIP
RIPv2
IGRP
EIGRP
0
 
LVL 1

Author Comment

by:dalva
ID: 22880283
Well, the ping problem was solved with a cold boot.  I was too close to the problem to see the obvious.

I am still interested in getting answers to Question 2.   300 easy points to be split for all good suggestions.
0
 
LVL 2

Accepted Solution

by:
jcs5003 earned 1200 total points
ID: 22889457
Everything looks pretty straight forward, therefore simple configs. I would suggest using ssh instead of telnet for security reasons.

If your entire network doesn't need access across (what looks to be a frame), you might want an ACL in there restricting who can send / receive data across the WAN.
Other than that looks good.
0
 
LVL 1

Author Closing Comment

by:dalva
ID: 31512883
Thanks for taking the time to review and comment on the config settings.
0

Featured Post

The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While it is possible to put two routes in place with the secondary having a higher metric, this may not always work. In the event of a failure that does not bring down the physical interface on the router the primary route is not removed. There is a…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

601 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question