2509RJ Remote User Can't See Network

[Pathros]

Here is the problem. I have set up a 2509RJ as a PPP dialin server. Everything seems ok, but the remote user can't get a connection to the network. Now here is the odd part, I can ping the remote computer and browse its webserver. It seems like I have a reverse firewall, where I can get in but I can't get out.
Here is the Configuration:
!
version 11.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname AccessServer
!
enable secret 5 ilostmypassword
!
ip subnet-zero
no ip domain-lookup
!
interface Ethernet0
description connected to EthernetLAN
ip address xxx.xxx.198.95 255.255.255.0
no logging event subif-link-status
no keepalive
!
interface Serial0
no ip address
no logging event subif-link-status
shutdown
!
interface Group-Async1
ip unnumbered Ethernet0
encapsulation ppp
no logging event subif-link-status
async mode dedicated
peer default ip address pool Cisco2509-Group-1
no cdp enable
ppp authentication chap
group-range 1 8
!
ip local pool Cisco2509-Group-1 xxx.xxx.198.114 165.2.198.121
ip default-gateway xxx.xxx.198.1
ip classless
ip route 0.0.0.0 0.0.0.0 xxx.xxx.198.1
!
line con 0
exec-timeout 0 0
password xxxxx
login local
line 1 8
autoselect during-login
autoselect ppp
login local
modem InOut
modem autoconfigure discovery
transport input all
stopbits 1
speed 38400
flowcontrol hardware
line aux 0
line vty 0 4
password xxxxx
login
!
end

 

[BOJIKA]

Can remote user ping a host in the network?

 

[Pathros]

No, the remote user can't ping anything not even the router. However the router does show up in traceroute but the route ends there.

 

[BOJIKA]

Have a remote user a correct DNS server?

 

[Pathros]

DNS Server is set up correctly. This would not affect pinging by IP number.

 

[BOJIKA]

can remote user ping ethernet0 ?

 

[Pathros]

No, ethernet0 does not respond to ping, but I can tracert to it.

 

[BOJIKA]

Try
(config)#ip routing

 

[Pathros]

ip routing in turned on, but it does not show up in the config file. When I issue the "no ip routing" command that shows up in the config file, and I can no longer ping the remote user.

 

[wybnormal]

IP routing is on by default.. unless you intentionally turn it off.

The ping and traceroute are interesting.. Ping uses only ICMP as the protocol.. while traceroute uses UDP on the transmit side and ICMP on the response side.

You dont have any filters in place to block the ICMP? If traceroute ends at the router and no further, then the router doesnt have a path to the next hop(subnet).. you can always turn on debug ip icmp and then watch what happens when the ping is sent. this may provide a clue.

Post the printout from a SHO IP ROUTE and lets see if the router really knows who and what he's connected to.

MikeS "Diplomacy; the art of saying 'nice doggie' till you can find a rock" Wynn Catlin

 

[Pathros]

Gateway of last resort is xxx.xxx.198.1 to network 0.0.0.0

     xxx.xxx.0.0/16 is variably subnetted, 2 subnets, 2 masks
C       xxx.xxx.198.114/32 is directly connected, Async1
C       xxx.xxx.198.0/24 is directly connected, Ethernet0
S*   0.0.0.0/0 [1/0] via xxx.xxx.198.1

I also turned on debug ICMP but it did not spit out any information when I sent the pings. When I ping from the router console I can see the network.