Avatar of sanehpal
sanehpal asked on

Layer 2 Point to Point connection can ping but not anything else using cisco 2911

Hello all, i have a couple of questions,

I have a wan setup, 2 sites connected via a layer 2 point to point at COX.
 
network A can Ping everything on network B.  but that is it,  No rdp to the other servers. no telnet to the routers from A to B (or Vice Verse), nothing.
 
Are ACL's needed? Can I just allow everything through? all my static routes on the routers seem to be setup correctly.  and the firewalls on each side of the network have routes point to the other networks via point to point gateways(these are the 2911 on each prospective side)

 
What am I missing.  i can ping everything... but nothing else?  Please help:

Layout of the routers and pc's
RoutersNetwork ArchitectureCisco

Avatar of undefined
Last Comment
sanehpal

8/22/2022 - Mon
naderz

Please post scrubbed configs for the devices involved. To start with we need the 2911's and the Switch-PT
ASKER
sanehpal

the switch is a basic layer 2 switch, and I do not have access to the config.  It is at COX.

here are the configs for SiteA and SiteB

SITE A:
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname ANetwork2911
!
!
!
!
!
!
!
!
!
!
!
!
license udi pid CISCO2911/K9 sn FTX15246YYZ
!
!
!
!
!
spanning-tree mode pvst
!
!
!
!
interface GigabitEthernet0/0
 ip address 10.0.0.202 255.255.255.0
 duplex auto
 speed auto
!
interface GigabitEthernet0/1
 ip address 10.0.2.1 255.255.255.0
 duplex auto
 speed auto
!
interface GigabitEthernet0/2
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface Vlan1
 no ip address
 shutdown
!
router rip
!
ip classless
ip route 10.0.3.0 255.255.255.0 10.0.2.3
ip route 10.0.4.0 255.255.255.0 10.0.2.4
!
!
!
!
!
!
!
line con 0
!
line aux 0
!
line vty 0 4
 login
!
!
!
end


SITE B:
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname BNetwork2911
!
!
!
!
!
!
!
!
!
!
!
!
license udi pid CISCO2911/K9 sn FTX1524ZT6E
!
!
!
!
!
spanning-tree mode pvst
!
!
!
!
interface GigabitEthernet0/0
 ip address 10.0.3.3 255.255.255.0
 duplex auto
 speed auto
!
interface GigabitEthernet0/1
 ip address 10.0.2.3 255.255.255.0
 duplex auto
 speed auto
!
interface GigabitEthernet0/2
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface Vlan1
 no ip address
 shutdown
!
router rip
!
ip classless
ip route 10.0.0.0 255.255.255.0 10.0.2.1
ip route 10.0.4.0 255.255.255.0 10.0.2.4
!
!
!
!
!
!
!
line con 0
!
line aux 0
!
line vty 0 4
 login
!
!
!
end
naderz

If you can successfully ping, as you have mentioned earlier, across all devices, then you do have L1-3 connectivity working fine.

I see you have login specified under line vty, but I don't seen whether you have configured a password. That will be an issue. If you specify login and no password, then the router will not let you in. Also, you can specify telnet by the "transport line telnet" command under "line vty 0 4".
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
ASKER
sanehpal

this was right after I cleaned the system and just put in a clean config,  I have not setup ssh or telnet,  but I do have other items on the network and I should be able to rdp into them but they seem to be blocked.

Do I need ACL's?
Soulja

Can you post the Packettracer file.
ASKER
sanehpal

here is the packettracer file
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Soulja

don't see it. Maybe need to change the file extension. Try .doc
ASKER
sanehpal

Ok one more try.  chance extension to from .doc to.pkt
SS-temp.doc
naderz

this was right after I cleaned the system and just put in a clean config,  I have not setup ssh or telnet,  but I do have other items on the network and I should be able to rdp into them but they seem to be blocked.

Do I need ACL's?

No, you don't need ACLs and the routers are not blocking the traffic. Please look at firewall settings on the Windows machines.

Once you setup transport telnet and password on the routers then you should be able to access them via telnet.
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
naderz

Try RDP after you have temporarily turned off firewall on the PCs.
ASKER
sanehpal

ok I will try this and get back to you guys.
Soulja

Which version of packet tracer are you using?
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER
sanehpal

verion 6.01
ASKER CERTIFIED SOLUTION
Soulja

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER
sanehpal

That's what I thought, I think I am gonna have to chase down the COX guys and find out I'd they are doing something.