Solved

HSRP setup

Posted on 2010-11-24
6
715 Views
Last Modified: 2012-05-10
I am trying to get HSRP working on 2 Cisco 3640 routers running 12.4, but it only partially works.  When I ping an outside address I get this after disconnecting the WAN cable from 1 router:

Reply from 4.2.2.2: bytes=32 time=32ms TTL=54
Reply from 192.168.1.2: Destination host unreachable.
Reply from 4.2.2.2: bytes=32 time=33ms TTL=54
Reply from 192.168.1.2: Destination host unreachable.
Request timed out.
Reply from 192.168.1.2: Destination host unreachable.
Reply from 4.2.2.2: bytes=32 time=32ms TTL=54

Here is the config on the interfaces for both routers:
r1>
interface FastEthernet0/0
 description internal network
 ip address 192.168.1.3 255.255.255.0
 ip access-group 101 in
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
 standby 1 ip 192.168.1.4
 standby 1 priority 110
 standby 1 preempt
 standby 1 track FastEthernet1/0
!
interface FastEthernet1/0
 description internet
 ip address 173.x.x.13 255.255.255.248
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto

r2>
interface FastEthernet0/0
 description internal network
 ip address 192.168.1.2 255.255.255.0
 ip access-group 101 in
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
 standby 1 ip 192.168.1.4
 standby 1 preempt
 standby 1 track FastEthernet1/0

interface FastEthernet1/0
 description internet
 ip address 173.x.x.11 255.255.255.248
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto

Any ideas what may be causing the intermittent issue?
0
Comment
Question by:B1izzard
6 Comments
 
LVL 11

Expert Comment

by:diprajbasu
ID: 34210669
0
 
LVL 7

Expert Comment

by:expert1010
ID: 34211250
You have an acl 101 configured on the interface. You should allow the mc-address also. If you want to be specific you should allow 224.0.0.2 and udp port 1985.
0
 
LVL 7

Accepted Solution

by:
expert1010 earned 500 total points
ID: 34211467
This should do it.

access-list 101 permit udp any host 224.0.0.2 eq 1985
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 50

Expert Comment

by:Don Johnston
ID: 34212228
It would help to see the full configs from both routers.
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 34212238
Also, please post the output of a "show standby brief" from both routers when the WAN cable is connected.
0
 

Author Closing Comment

by:B1izzard
ID: 34213603
Nice.  You nailed it.  It is pinging properly.  I didn't think it was acl's at first because it was partially pinging, but now I'm guessing it was bouncing back and forth between r1 and r2 and causing the intermittent problem.  Thanks!
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

In a WLAN, anything you broadcast over the air can be intercepted.  By default a wireless network is wide open to all until security is configured. Even when security is configured information can still be intercepted! It is very important that you …
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now