We help IT Professionals succeed at work.
Get Started

unrecognised command or protocol when pinging external DNS Names

Troy Graham
Troy Graham asked
on
104 Views
Last Modified: 2019-11-21
Cisco Router Model: ISR-4331

When I try and ping any external DNS hostnames from the Cisco CLI I receive the following error. I can seem to ping external IP Addresses ok

tfs-mt-r1#ping 8.8.8.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 6/6/6 ms
tfs-mt-r1#ping google.com.au
% Unrecognized host or address, or protocol not running.

tfs-mt-r1#ping news.com.au
% Unrecognized host or address, or protocol not running.

Cisco Config is as follows:
Current configuration : 5242 bytes
!
version 15.5
service timestamps debug datetime msec
service timestamps log datetime msec
no platform punt-keepalive disable-kernel-core
platform hardware throughput level 300000
!
hostname tfs-mt-r1
!
boot-start-marker
boot-end-marker
!
!
vrf definition Mgmt-intf
 !
 address-family ipv4
 exit-address-family
 !
 address-family ipv6
 exit-address-family
!
!
aaa new-model
!
!
aaa authentication login userauth local
aaa authorization network groupauth local
!
!
!
!
!
!
aaa session-id common
!
!
!
!
!
!
!
!
!
!
!



no ip domain lookup
ip domain name totalfire.com.au
ip dhcp excluded-address 192.168.0.1 192.168.0.20
!
ip dhcp pool tfs-mt-lan
 network 192.168.0.0 255.255.255.0
 default-router 192.168.0.1
 dns-server 61.9.194.49
!
!
!
!
!
!
!
!
!
!
subscriber templating
!
multilink bundle-name authenticated
!
!
!
!
license udi pid ISR4331/K9 sn FDO21320SXJ
!
spanning-tree extend system-id
!
username nettkoadmin privilege 15 secret 5 $1$AbSJ$86I135KUtiQezkTfl91ey1
!
redundancy
 mode none
!
crypto ikev2 proposal azure-proposal
 encryption aes-cbc-256 aes-cbc-128 3des
 integrity sha1
 group 2
!
crypto ikev2 policy azure-policy
 proposal azure-proposal
!
crypto ikev2 keyring azure-keyring
 peer 23.101.213.101
  address 23.101.213.101
  pre-shared-key qigPJd5MFswI5AApL9A0tlpM4ABk8i2d
 !
!
!
crypto ikev2 profile azure-profile
 match address local interface GigabitEthernet0/0/0
 match identity remote address 23.101.213.101 255.255.255.255
 authentication local pre-share
 authentication remote pre-share
 keyring local azure-keyring
!
!
!
vlan internal allocation policy ascending
!
track 1 ip sla 1 reachability
 delay down 10 up 10
!
!
class-map type inspect match-any FIREOUT
 match protocol http
 match protocol https
 match protocol icmp
 match protocol ftp
!
policy-map type inspect INTERNET-POLICY
 class type inspect FIREOUT
  inspect
 class class-default
!
zone security inside
 description tfs LAN
zone security outside
 description Internet
zone-pair security TFS source inside destination outside
 service-policy type inspect INTERNET-POLICY
zone-pair security tfs-wan-lan source outside destination inside
!
!
!
!
!
!
!
crypto ipsec transform-set azure-ipsec-proposal-set esp-aes 256 esp-sha-hmac
 mode tunnel
!
!
crypto ipsec profile vti
 set transform-set azure-ipsec-proposal-set
 set ikev2-profile azure-profile
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Tunnel1
 ip address 169.252.0.1 255.255.255.0
 ip tcp adjust-mss 1350
 tunnel source GigabitEthernet0/0/0
 tunnel mode ipsec ipv4
 tunnel destination 23.101.213.101
 tunnel protection ipsec profile vti
!
interface GigabitEthernet0/0/0
 description Telstra WAN
 ip address 110.145.157.250 255.255.255.252
 ip nat outside
 ip tcp adjust-mss 1412
 negotiation auto
 ip virtual-reassembly
!
interface GigabitEthernet0/0/1
 description TFS MT Lan
 ip address 192.168.0.1 255.255.255.0
 ip nat inside
 ip tcp adjust-mss 1412
 negotiation auto
 ip virtual-reassembly
!
interface GigabitEthernet0/0/2
 ip address dhcp
 ip nat outside
 ip tcp adjust-mss 1412
 negotiation auto
 ip virtual-reassembly
!
interface GigabitEthernet0
 vrf forwarding Mgmt-intf
 no ip address
 shutdown
 negotiation auto
!
interface Vlan1
 no ip address
 shutdown
!
ip nat inside source static tcp 192.168.0.100 443 interface GigabitEthernet0/0/0 443
ip nat inside source static tcp 192.168.0.100 8000 interface GigabitEthernet0/0/0 8000
ip nat inside source static tcp 192.168.0.100 80 interface GigabitEthernet0/0/0 8080
ip nat inside source static tcp 192.168.0.100 5963 interface GigabitEthernet0/0/0 8001

ip nat inside source route-map nat2tid interface GigabitEthernet0/0/0 overload
ip nat inside source route-map net2wireless interface GigabitEthernet0/0/2 overload
ip forward-protocol nd
no ip http server
no ip http secure-server
ip tftp source-interface GigabitEthernet0/0/0
ip route 0.0.0.0 0.0.0.0 110.145.157.249 track 1
ip route 0.0.0.0 0.0.0.0 110.145.157.249
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0/2 10
ip route 8.8.4.4 255.255.255.255 GigabitEthernet0/0/0 permanent
ip route 172.16.0.0 255.255.0.0 Tunnel1
!
!
ip access-list extended nat-to-outside
 permit ip 192.168.0.0 0.0.0.255 any
!
ip sla 1
 icmp-echo 8.8.8.8 source-interface GigabitEthernet0/0/0
 frequency 5
ip sla schedule 1 life forever start-time now
access-list 101 permit tcp any any eq 3389
access-list 101 permit ip 192.168.0.0 0.0.255.255 any
access-list 102 permit icmp any host 8.8.4.4
access-list 102 permit icmp any host 8.8.8.8
dialer watch-list 1 ip 5.6.7.8 0.0.0.0
dialer watch-list 1 delay route-check initial 60
dialer watch-list 1 delay connect 1
dialer-list 1 protocol ip list 1
dialer-list 2 protocol ip permit
!
route-map track-primary-if permit 10
 match ip address 102
 set interface GigabitEthernet0/0/0
!
route-map nat2tid permit 10
 match ip address nat-to-outside 101
 match interface GigabitEthernet0/0/0
!
route-map nat2wireless permit 10
 match ip address 101
 match interface GigabitEthernet0/0/2
!
!
!
!
!
control-plane
!
!
line con 0
 stopbits 1
line aux 0
 stopbits 1
line vty 0 4
 privilege level 15
 transport input ssh
!
event manager applet NAT_CLEAR
 event track 1 state any
 action 0.0 cli command "enable"
 action 1.0 cli command "clear ip nat trans *"
!
end

Open in new window

Comment
Watch Question
Senior Network Engineer
CERTIFIED EXPERT
Top Expert 2012
Commented:
This problem has been solved!
Unlock 2 Answers and 3 Comments.
See Answers
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant

An Experts Exchange subscription includes unlimited access to online courses.

Get Started
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE