unrecognised command or protocol when pinging external DNS Names
Cisco Router Model: ISR-4331
When I try and ping any external DNS hostnames from the Cisco CLI I receive the following error. I can seem to ping external IP Addresses ok
tfs-mt-r1#ping 8.8.8.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 6/6/6 ms
tfs-mt-r1#ping google.com.au
% Unrecognized host or address, or protocol not running.
tfs-mt-r1#ping news.com.au
% Unrecognized host or address, or protocol not running.
Cisco Config is as follows:
Current configuration : 5242 bytes!version 15.5service timestamps debug datetime msecservice timestamps log datetime msecno platform punt-keepalive disable-kernel-coreplatform hardware throughput level 300000!hostname tfs-mt-r1!boot-start-markerboot-end-marker!!vrf definition Mgmt-intf ! address-family ipv4 exit-address-family ! address-family ipv6 exit-address-family!!aaa new-model!!aaa authentication login userauth localaaa authorization network groupauth local!!!!!!aaa session-id common!!!!!!!!!!!no ip domain lookupip domain name totalfire.com.auip dhcp excluded-address 192.168.0.1 192.168.0.20!ip dhcp pool tfs-mt-lan network 192.168.0.0 255.255.255.0 default-router 192.168.0.1 dns-server 61.9.194.49!!!!!!!!!!subscriber templating!multilink bundle-name authenticated!!!!license udi pid ISR4331/K9 sn FDO21320SXJ!spanning-tree extend system-id!username nettkoadmin privilege 15 secret 5 $1$AbSJ$86I135KUtiQezkTfl91ey1!redundancy mode none!crypto ikev2 proposal azure-proposal encryption aes-cbc-256 aes-cbc-128 3des integrity sha1 group 2!crypto ikev2 policy azure-policy proposal azure-proposal!crypto ikev2 keyring azure-keyring peer 23.101.213.101 address 23.101.213.101 pre-shared-key qigPJd5MFswI5AApL9A0tlpM4ABk8i2d !!!crypto ikev2 profile azure-profile match address local interface GigabitEthernet0/0/0 match identity remote address 23.101.213.101 255.255.255.255 authentication local pre-share authentication remote pre-share keyring local azure-keyring!!!vlan internal allocation policy ascending!track 1 ip sla 1 reachability delay down 10 up 10!!class-map type inspect match-any FIREOUT match protocol http match protocol https match protocol icmp match protocol ftp!policy-map type inspect INTERNET-POLICY class type inspect FIREOUT inspect class class-default!zone security inside description tfs LANzone security outside description Internetzone-pair security TFS source inside destination outside service-policy type inspect INTERNET-POLICYzone-pair security tfs-wan-lan source outside destination inside!!!!!!!crypto ipsec transform-set azure-ipsec-proposal-set esp-aes 256 esp-sha-hmac mode tunnel!!crypto ipsec profile vti set transform-set azure-ipsec-proposal-set set ikev2-profile azure-profile!!!!!!!!!!!!!interface Tunnel1 ip address 169.252.0.1 255.255.255.0 ip tcp adjust-mss 1350 tunnel source GigabitEthernet0/0/0 tunnel mode ipsec ipv4 tunnel destination 23.101.213.101 tunnel protection ipsec profile vti!interface GigabitEthernet0/0/0 description Telstra WAN ip address 110.145.157.250 255.255.255.252 ip nat outside ip tcp adjust-mss 1412 negotiation auto ip virtual-reassembly!interface GigabitEthernet0/0/1 description TFS MT Lan ip address 192.168.0.1 255.255.255.0 ip nat inside ip tcp adjust-mss 1412 negotiation auto ip virtual-reassembly!interface GigabitEthernet0/0/2 ip address dhcp ip nat outside ip tcp adjust-mss 1412 negotiation auto ip virtual-reassembly!interface GigabitEthernet0 vrf forwarding Mgmt-intf no ip address shutdown negotiation auto!interface Vlan1 no ip address shutdown!ip nat inside source static tcp 192.168.0.100 443 interface GigabitEthernet0/0/0 443ip nat inside source static tcp 192.168.0.100 8000 interface GigabitEthernet0/0/0 8000ip nat inside source static tcp 192.168.0.100 80 interface GigabitEthernet0/0/0 8080ip nat inside source static tcp 192.168.0.100 5963 interface GigabitEthernet0/0/0 8001ip nat inside source route-map nat2tid interface GigabitEthernet0/0/0 overloadip nat inside source route-map net2wireless interface GigabitEthernet0/0/2 overloadip forward-protocol ndno ip http serverno ip http secure-serverip tftp source-interface GigabitEthernet0/0/0ip route 0.0.0.0 0.0.0.0 110.145.157.249 track 1ip route 0.0.0.0 0.0.0.0 110.145.157.249ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0/2 10ip route 8.8.4.4 255.255.255.255 GigabitEthernet0/0/0 permanentip route 172.16.0.0 255.255.0.0 Tunnel1!!ip access-list extended nat-to-outside permit ip 192.168.0.0 0.0.0.255 any!ip sla 1 icmp-echo 8.8.8.8 source-interface GigabitEthernet0/0/0 frequency 5ip sla schedule 1 life forever start-time nowaccess-list 101 permit tcp any any eq 3389access-list 101 permit ip 192.168.0.0 0.0.255.255 anyaccess-list 102 permit icmp any host 8.8.4.4access-list 102 permit icmp any host 8.8.8.8dialer watch-list 1 ip 5.6.7.8 0.0.0.0dialer watch-list 1 delay route-check initial 60dialer watch-list 1 delay connect 1dialer-list 1 protocol ip list 1dialer-list 2 protocol ip permit!route-map track-primary-if permit 10 match ip address 102 set interface GigabitEthernet0/0/0!route-map nat2tid permit 10 match ip address nat-to-outside 101 match interface GigabitEthernet0/0/0!route-map nat2wireless permit 10 match ip address 101 match interface GigabitEthernet0/0/2!!!!!control-plane!!line con 0 stopbits 1line aux 0 stopbits 1line vty 0 4 privilege level 15 transport input ssh!event manager applet NAT_CLEAR event track 1 state any action 0.0 cli command "enable" action 1.0 cli command "clear ip nat trans *"!end
Thanks for your help. This seems to have done the trick.
Cheers
Troy