IP Route Tables - Point to Point Connection - Only Routing 1 way

Hi there,
I have a point to point connection but have come accross an issue.
Site 1 - This is the main office and this has the following setup
router internal 10.1.15.230 ( Wan Link 10.2.254.1 )
Site 2 - Branch Office
router internal 10.2.0.1 ( Wan Link 10.2.254.2 )
Now This is where I am confused, I am able to send ping commands
through the router Interfaces and so know the link is up and running.
I have a computer attached at the remote site on ip address 10.2.0.10
going through the router 10.2.0.1 Now when I am at the london office I
am able to do a tracert and it comes with the following
1
Reply to
SallyBridges
Loading thread data ...
I'm guessing that this is just a typo, but your information above says the WAN link on the central office side is .1, and yet your routing table on the remote router shows next hops of .2 which doesn't make any sense. Have you tried sourcing trace routes (type trace and hit enter) and source it from the LAN and WAN to see what happens. But to solve this quickly, please post a show ip route from both routers and your configs (password and other information omitted).
Reply to
Trendkill
REMOTE SITE
ksshorley1#sh conf Using 1210 out of 196600 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname ksshorley1 ! boot-start-marker boot-end-marker ! enable secret 5 $1$g3hc$2cASAnULZcJtpIAzbJR.j/ enable password cisco1 ! no aaa new-model ! resource policy ! mmi polling-interval 60 no mmi auto-configure no mmi pvc mmi snmp-timeout 180 ip subnet-zero ip cef ! ! no ip dhcp use vrf connected ! ! ip domain name int.kss.local ! ! ! ! interface FastEthernet0/0 description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$$ES_LAN$$FW_INSIDE $ ip address 10.2.0.1 255.255.240.0 no ip redirects no ip unreachables no ip proxy-arp ip nat inside ip route-cache flow duplex auto speed auto no mop enabled ! interface FastEthernet0/1 description $ES_LAN$ no ip address shutdown duplex auto speed auto ! interface Serial0/0/0 description Wan InterFace to London ip address 10.2.254.1 255.255.255.0 load-interval 30 ! router eigrp 10 redistribute static network 10.0.0.0 no auto-summary ! ip classless ip route 0.0.0.0 0.0.0.0 Serial0/0/0 ! ip http server ! dialer-list 1 protocol ip permit ! control-plane ! ! line con 0 line aux 0 line vty 0 4 password cisco3 login ! end
ksshorley1#
ksshorley1#sh ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
D EX 204.71.220.0/24 [170/3077120] via 10.2.254.2, 1d20h, Serial0/0/0 10.0.0.0/8 is variably subnetted, 8 subnets, 4 masks C 10.2.0.0/20 is directly connected, FastEthernet0/0 D 10.1.0.0/20 [90/2172416] via 10.2.254.2, 1d20h, Serial0/0/0 D 10.1.16.0/20 [90/2174976] via 10.2.254.2, 1d20h, Serial0/0/0 D 10.220.200.156/30 [90/2684416] via 10.2.254.2, 1d20h, Serial0/0/0 D 10.220.200.164/30 [90/2684416] via 10.2.254.2, 1d20h, Serial0/0/0 D 10.220.200.160/30 [90/2684416] via 10.2.254.2, 1d20h, Serial0/0/0 C 10.2.254.0/24 is directly connected, Serial0/0/0 D 10.255.0.2/32 [90/2300416] via 10.2.254.2, 1d20h, Serial0/0/0 D EX 204.71.124.0/24 [170/3077120] via 10.2.254.2, 1d20h, Serial0/0/0 S* 0.0.0.0/0 is directly connected, Serial0/0/0 ksshorley1#
MAIN SITE
User Access Verification
Username: admin Password: ksshorley2#sh conf Using 2375 out of 196600 bytes ! version 12.4 no service pad service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone service password-encryption service sequence-numbers ! hostname ksshorley2 ! boot-start-marker boot-end-marker ! security authentication failure rate 3 log security passwords min-length 6 logging buffered 51200 debugging logging console critical enable secret 5 $1$pTJF$qos9j5QhInVUUFHVs/mE/0 ! no aaa new-model ! resource policy ! clock timezone PCTime 0 clock summer-time PCTime date Mar 30 2003 1:00 Oct 26 2003 2:00 mmi polling-interval 60 no mmi auto-configure no mmi pvc mmi snmp-timeout 180 ip subnet-zero no ip source-route ip cef ! ! ip tcp synwait-time 10 no ip dhcp use vrf connected ! ! no ip bootp server ip domain name int.kss.local ! username admin privilege 15 secret 5 $1$nWDD$qOglgk5ca3Nx4P5p0j7SN. ! ! ! interface FastEthernet0/0 description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$$ES_LAN$$FW_INSIDE $ ip address 10.1.15.230 255.255.240.0 no ip redirects no ip unreachables no ip proxy-arp ip nat inside ip route-cache flow duplex auto speed auto no mop enabled ! interface FastEthernet0/1 no ip address no ip redirects no ip unreachables no ip proxy-arp ip route-cache flow shutdown duplex auto speed auto no mop enabled ! interface Serial0/0/0 description Wan Link to Horley ip address 10.2.254.2 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ip nat outside ip route-cache flow ! router eigrp 10 network 10.0.0.0 no auto-summary ! ip classless ip route 0.0.0.0 0.0.0.0 Serial0/0/0 ! ip http server ip http authentication local ip http timeout-policy idle 60 life 86400 requests 10000 ip nat inside source list 1 interface Serial0/0/0 overload ! logging trap debugging access-list 1 remark INSIDE_IF=FastEthernet0/0 access-list 1 remark SDM_ACL Category=2 access-list 1 permit 10.1.0.0 0.0.15.255 no cdp run ! control-plane ! banner login ^CAuthorized access only! Disconnect IMMEDIATELY if you are not an authorized user!^C ! line con 0 login local transport output telnet line aux 0 login local transport output telnet line vty 0 4 privilege level 15 login local transport input telnet line vty 5 15 privilege level 15 login local transport input telnet ! scheduler allocate 4000 1000 end
ksshorley2#sh ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static rout o - ODR, P - periodic downloaded static route
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
D EX 204.71.220.0/24 [170/2565120] via 10.1.15.254, 3d02h, FastEthernet0/0 10.0.0.0/8 is variably subnetted, 8 subnets, 4 masks D 10.2.0.0/20 [90/2172416] via 10.2.254.1, 1d20h, Serial0/0/0 C 10.1.0.0/20 is directly connected, FastEthernet0/0 D 10.1.16.0/20 [90/30720] via 10.1.15.254, 3d02h, FastEthernet0/0 D 10.220.200.156/30 [90/1764352] via 10.1.15.254, 3d00h, FastEthernet0/ D 10.220.200.164/30 [90/1764352] via 10.1.15.254, 3d02h, FastEthernet0/ D 10.220.200.160/30 [90/1764352] via 10.1.15.254, 3d02h, FastEthernet0/ C 10.2.254.0/24 is directly connected, Serial0/0/0 D 10.255.0.2/32 [90/156160] via 10.1.15.254, 3d02h, FastEthernet0/0 D EX 204.71.124.0/24 [170/2565120] via 10.1.15.254, 3d02h, FastEthernet0/0 S* 0.0.0.0/0 is directly connected, Serial0/0/0 ksshorley2#
Reply to
SallyBridges
Your ksshorley1 router is performing network address translation (NAT) on traffic from the LAN side going across the WAN to the remote office. This is why hosts in the remote office LAN are not able to connect to hosts in the London LAN. If this does not make sense, look into information about NAT which will describe how NAT essentially hides IP addresses on the inside network by making them look like they are all coming from the outside IP address of the router running NAT. The router running NAT tracks return requests through a NAT table to make sure they go back to the original source on the inside network. Connections originating from the outside of the NAT router directly to IP addresses on the inside of the NAT router are not possible when NAT is running.
Please check to see why NAT is being used between offices. Normally there is no need to use NAT when both sides of the WAN connection have IP subnets which do not overlap and do not conflict in the routing table, such as yours. If there is no need for using NAT, enter the following commands to disable NAT:
ksshorley2(config)# no ip nat inside source list 1 interface Serial0/0/0 overload ksshorley2(config)# no access-list 1 ksshorley2(config)# interface Serial0/0/0 ksshorley2(config-if)# no ip nat ksshorley2(config-if)# interface FastEthernet0/0 ksshorley2(config-if)# no ip nat inside
To clean up, also enter the following to remove this dangling lone configuration command as well:
ksshorley1(config-if)# interface FastEthernet0/0 ksshorley1(config-if)# no ip nat inside
Both routers could use more specific static default routes if there is an Internet connection or more of the company network on either side. The static routes in the "ip route" commands on each router only specify an interface and do not specify the next hop IP address at the end of the command. This might only need attention if there is an Internet connection or other part of the network which would need a "catch all" entry like this default route command. If this works for you, then that is fine and not the cause as long as EIGRP is advertising the LAN subnets from each office between these routers.
Reply to
Scott Perry

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.