Solved

DMVPN routing problem

Posted on 2011-03-03
2
835 Views
Last Modified: 2012-05-11
I have set up a Cisco 881 as a hub that connects directly to our LAN router that is configured for static routing only.  The hub router is connected via a VLAN and has a currently pingable ip address assigned.  I have spoke that is successfully able to connect to the hub.  The hub can ping anything in the spokes LAN, but the spoke only goes as far as ping the hubs LAN ip address.  It will not ping anything beyond the hub.  I have set up eigrp on both the hub and the spoke and redistributed the static routes from the hub into EIGRP which can be seen on the spoke.
Not sure what else I have to add to get the traffic routing from the Tunnel to the hubs LAN.  Here is the hub config:

Current configuration : 2100 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname CAM-HUB
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
enable secret 5 $1$06RN$Ar1ebwjhzejsH6nY5rQcu0
!
no aaa new-model
!
!
ip source-route
!
!
!
!
ip cef
!
no ipv6 cef
!
multilink bundle-name authenticated
license boot module c880-data level advipservices
!
!
!
no spanning-tree vlan 1
username admin privilege 15 secret 5 $1$plKb$.GApNCGhmE5wQki9jam4H0
!
!
crypto isakmp policy 10
 hash md5
 authentication pre-share
crypto isakmp key cisco address 0.0.0.0 0.0.0.0
!
!
crypto ipsec transform-set strong esp-3des esp-md5-hmac
!
crypto ipsec profile cisco
 set security-association lifetime seconds 120
 set transform-set strong
!
!
archive
 log config
  hidekeys
!
!
!
!
!
interface Tunnel0
 ip address 172.16.9.1 255.255.255.0
 no ip redirects
 ip mtu 1440
 no ip next-hop-self eigrp 90
 ip nhrp authentication cisco
 ip nhrp map multicast dynamic
 ip nhrp network-id 1
 no ip split-horizon eigrp 90
 tunnel source FastEthernet4
 tunnel mode gre multipoint
 tunnel key 0
 tunnel protection ipsec profile cisco
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
 ip address 12.1.1.2 255.255.255.0
 duplex auto
 speed auto
!
interface Vlan1
 ip address 172.31.191.233 255.255.255.0
!
router eigrp 90
 redistribute static
 network 172.16.9.0 0.0.0.255
 network 172.31.191.0 0.0.0.255
 no auto-summary
!
ip default-gateway 172.31.191.1
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 12.1.1.1
ip route 172.31.0.0 255.255.0.0 172.31.191.1
ip route 172.31.191.0 255.255.255.0 172.31.191.1
ip route 172.31.191.0 255.255.255.0 Vlan1
ip route 172.31.225.0 255.255.255.224 172.16.10.2
no ip http server
no ip http secure-server
!
!
!
!
!
!
!
!
control-plane
!
!
line con 0
 password 7 0944410A12000E515F5E
 login local
 no modem enable
line aux 0
line vty 0 4
 password 7 020E0B5800031662181C
 login local
!
scheduler max-task-time 5000
end
0
Comment
Question by:Camarillo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 16

Accepted Solution

by:
SteveJ earned 500 total points
ID: 35040123
What's the source address that the spoke uses to ping stuff?

Good luck,
SteveJ
0
 

Author Closing Comment

by:Camarillo
ID: 35194062
Asked a good question that helped but didn't directly provide answer.
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read about achieving the basic levels of HRIS security in the workplace.
Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question