Hello people,
I am having a weird issue at my hand an that is that I am unable to ping any interface when I am on the CLI of the router.
Perhaps that any one could see what went wrong in the config.
Current configuration : 7717 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service sequence-numbers
!
hostname NW
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
logging buffered 51200 warnings
logging console critical
enable secret 5 $1$---------------
!
no aaa new-model
clock timezone GMT 1
clock summer-time GMT date Mar 30 2002 1:00 Oct 26 2035 1:59
!
crypto pki trustpoint TP-self-signed-2216560722
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2216560722
revocation-check none
rsakeypair TP-self-signed-2216560722
!
!
crypto pki certificate chain TP-self-signed-2216560722
certificate self-signed 02
30820250 308201B9 A0030201 02020102 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32323136 35363037 3232301E 170D3032 30333031 30303138
30365A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 32313635
36303732 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100B9D2 FD6BADA9 3377AE70 471F0809 4D1FDFCB 73801326 F5336954 7B5CD0CA
21EBAC37 145CBBBF 8441970A 2CCD1CA6 92D1F203 82B948DE A48C7EBF 827418A0
8D9E39ED F4CB7EED 584E3FC6 D5802CE3 4A1A14A5 DE2F2D9C 9D5A34B9 CFAC4F66
4F6C22D9 0FC32A46 B8ABB216 04757F20 27128AAF 51047562 F5D7B33B 287FED67
D5FD0203 010001A3 78307630 0F060355 1D130101 FF040530 030101FF 30230603
551D1104 1C301A82 184E572D 53636861 66742E79 6F757264 6F6D6169 6E2E636F
6D301F06 03551D23 04183016 8014099A D2AF2C5C ACD8F046 31E74B03 E2868398
C990301D 0603551D 0E041604 14099AD2 AF2C5CAC D8F04631 E74B03E2 868398C9
90300D06 092A8648 86F70D01 01040500 03818100 08A81EFE 9BADA458 53770A09
76306E02 FDB894E5 401472A3 EEB0E66C 7A9E1CFB B9A074DD B4725039 930DA9EE
0E63B1E9 65482B14 F6948A95 EEBDEBDA DC2E3218 B06278BE C462C4CC CBA55ADC
AB8B0FE6 11877541 DCE3F690 716F5DC4 7EAC8DE5 7AA7F8F4 A4928591 567CBC5B
0A39283A AEA21CFB B380E631 1662818F D34698E5
quit
dot11 syslog
!
dot11 ssid NW-Schaft
vlan 1
authentication open
authentication key-management wpa
mbssid guest-mode
wpa-psk ascii 7 04111111
!
no ip source-route
ip vrf data
rd 65535:1
route-target export 65535:1
route-target import 65535:1
!
ip vrf voice
rd 65535:2
route-target export 65535:2
route-target import 65535:2
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.3.1 192.168.3.99
ip dhcp excluded-address 10.0.3.97
!
ip dhcp pool DATA
network 192.168.3.0 255.255.255.0
default-router 192.168.3.10
dns-server 213.144.235.1
!
!
ip dhcp pool VOICE
network 10.0.3.96 255.255.255.224
default-router 10.0.3.97
dns-server 213.144.235.1
!
!
ip cef
no ip bootp server
no ip domain lookup
ip domain name yourdomain.com
ip name-server 213.144.235.1
ip name-server 213.144.235.2
!
!
!
!
username ---- privilege 15 secret 5 ---
!
!
crypto isakmp policy 1
encr aes
hash md5
authentication pre-share
group 2
lifetime 28800
crypto isakmp key ----- address 195.35.X.X
!
!
crypto ipsec transform-set myset esp-aes esp-md5-hmac
!
crypto map ipsec-remoteoffice 11 ipsec-isakmp
set peer 195.35.216.118
set transform-set myset
set pfs group2
match address 102
!
archive
log config
hidekeys
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
description NW-Schaft_DSL_PVC1
pvc 0/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface ATM0.2 point-to-point
description NW-Schaft_DSL_PVC2
pvc 0/37
vbr-rt 96 96 1
encapsulation aal5mux ppp dialer
dialer pool-member 2
!
!
interface FastEthernet0
ip vrf forwarding data
!
interface FastEthernet1
switchport access vlan 2
!
interface FastEthernet2
switchport mode trunk
!
interface FastEthernet3
switchport mode trunk
!
interface Dot11Radio0
no ip address
!
encryption vlan 1 mode ciphers aes-ccm tkip
!
broadcast-key vlan 1 change 30
!
!
ssid NW
!
mbssid
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no cdp enable
!
interface Vlan1
description DATA_VLAN$ES_LAN$
ip vrf forwarding data
ip address 192.168.3.10 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Vlan2
description VOICE_VLAN
ip vrf forwarding voice
ip address 10.0.3.97 255.255.255.224
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Dialer1
ip vrf forwarding data
ip address negotiated
ip access-group 1 out
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication pap callin
ppp pap sent-username ------ password 7 --------
crypto map ipsec-remoteoffice
!
interface Dialer2
ip vrf forwarding voice
ip unnumbered Vlan2
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip virtual-reassembly
encapsulation ppp
dialer pool 2
dialer-group 2
no cdp enable
ppp authentication pap callin
ppp pap sent-username ------ password 7 ------------
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 89.146.63.27 255.255.255.255 Dialer2
ip route 172.31.161.250 255.255.255.255 Dialer2
ip route vrf data 0.0.0.0 0.0.0.0 Dialer1
ip route vrf voice 0.0.0.0 0.0.0.0 Dialer2
no ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
no ip nat service sip udp port 5060
ip nat inside source list 101 interface Dialer1 vrf data overload
ip nat inside source list 1 interface Dialer1 overload
!
logging trap debugging
access-list 1 permit 192.168.3.0 0.0.0.255
access-list 1 permit any
access-list 23 permit 195.35.216.118
access-list 23 permit 82.94.79.12
access-list 23 permit 192.168.3.0 0.0.0.255
access-list 23 permit 84.246.25.0 0.0.0.255
access-list 23 permit 172.31.255.0 0.0.0.255
access-list 23 permit 213.144.0.0 0.0.255.255
access-list 23 permit 92.65.31.32 0.0.0.7
access-list 101 permit ip 192.168.3.0 0.0.0.255 any
access-list 102 permit ip 192.168.3.0 0.0.0.255 172.16.6.0 0.0.0.255
access-list 102 permit ip 172.16.6.0 0.0.0.255 192.168.3.0 0.0.0.255
dialer-list 1 protocol ip permit
dialer-list 2 protocol ip permit
no cdp run
!
^C
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
end
I am having a weird issue at my hand an that is that I am unable to ping any interface when I am on the CLI of the router.
Perhaps that any one could see what went wrong in the config.
Current configuration : 7717 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service sequence-numbers
!
hostname NW
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
logging buffered 51200 warnings
logging console critical
enable secret 5 $1$---------------
!
no aaa new-model
clock timezone GMT 1
clock summer-time GMT date Mar 30 2002 1:00 Oct 26 2035 1:59
!
crypto pki trustpoint TP-self-signed-2216560722
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2216560722
revocation-check none
rsakeypair TP-self-signed-2216560722
!
!
crypto pki certificate chain TP-self-signed-2216560722
certificate self-signed 02
30820250 308201B9 A0030201 02020102 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32323136 35363037 3232301E 170D3032 30333031 30303138
30365A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 32313635
36303732 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100B9D2 FD6BADA9 3377AE70 471F0809 4D1FDFCB 73801326 F5336954 7B5CD0CA
21EBAC37 145CBBBF 8441970A 2CCD1CA6 92D1F203 82B948DE A48C7EBF 827418A0
8D9E39ED F4CB7EED 584E3FC6 D5802CE3 4A1A14A5 DE2F2D9C 9D5A34B9 CFAC4F66
4F6C22D9 0FC32A46 B8ABB216 04757F20 27128AAF 51047562 F5D7B33B 287FED67
D5FD0203 010001A3 78307630 0F060355 1D130101 FF040530 030101FF 30230603
551D1104 1C301A82 184E572D 53636861 66742E79 6F757264 6F6D6169 6E2E636F
6D301F06 03551D23 04183016 8014099A D2AF2C5C ACD8F046 31E74B03 E2868398
C990301D 0603551D 0E041604 14099AD2 AF2C5CAC D8F04631 E74B03E2 868398C9
90300D06 092A8648 86F70D01 01040500 03818100 08A81EFE 9BADA458 53770A09
76306E02 FDB894E5 401472A3 EEB0E66C 7A9E1CFB B9A074DD B4725039 930DA9EE
0E63B1E9 65482B14 F6948A95 EEBDEBDA DC2E3218 B06278BE C462C4CC CBA55ADC
AB8B0FE6 11877541 DCE3F690 716F5DC4 7EAC8DE5 7AA7F8F4 A4928591 567CBC5B
0A39283A AEA21CFB B380E631 1662818F D34698E5
quit
dot11 syslog
!
dot11 ssid NW-Schaft
vlan 1
authentication open
authentication key-management wpa
mbssid guest-mode
wpa-psk ascii 7 04111111
!
no ip source-route
ip vrf data
rd 65535:1
route-target export 65535:1
route-target import 65535:1
!
ip vrf voice
rd 65535:2
route-target export 65535:2
route-target import 65535:2
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.3.1 192.168.3.99
ip dhcp excluded-address 10.0.3.97
!
ip dhcp pool DATA
network 192.168.3.0 255.255.255.0
default-router 192.168.3.10
dns-server 213.144.235.1
!
!
ip dhcp pool VOICE
network 10.0.3.96 255.255.255.224
default-router 10.0.3.97
dns-server 213.144.235.1
!
!
ip cef
no ip bootp server
no ip domain lookup
ip domain name yourdomain.com
ip name-server 213.144.235.1
ip name-server 213.144.235.2
!
!
!
!
username ---- privilege 15 secret 5 ---
!
!
crypto isakmp policy 1
encr aes
hash md5
authentication pre-share
group 2
lifetime 28800
crypto isakmp key ----- address 195.35.X.X
!
!
crypto ipsec transform-set myset esp-aes esp-md5-hmac
!
crypto map ipsec-remoteoffice 11 ipsec-isakmp
set peer 195.35.216.118
set transform-set myset
set pfs group2
match address 102
!
archive
log config
hidekeys
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
description NW-Schaft_DSL_PVC1
pvc 0/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface ATM0.2 point-to-point
description NW-Schaft_DSL_PVC2
pvc 0/37
vbr-rt 96 96 1
encapsulation aal5mux ppp dialer
dialer pool-member 2
!
!
interface FastEthernet0
ip vrf forwarding data
!
interface FastEthernet1
switchport access vlan 2
!
interface FastEthernet2
switchport mode trunk
!
interface FastEthernet3
switchport mode trunk
!
interface Dot11Radio0
no ip address
!
encryption vlan 1 mode ciphers aes-ccm tkip
!
broadcast-key vlan 1 change 30
!
!
ssid NW
!
mbssid
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no cdp enable
!
interface Vlan1
description DATA_VLAN$ES_LAN$
ip vrf forwarding data
ip address 192.168.3.10 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Vlan2
description VOICE_VLAN
ip vrf forwarding voice
ip address 10.0.3.97 255.255.255.224
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Dialer1
ip vrf forwarding data
ip address negotiated
ip access-group 1 out
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication pap callin
ppp pap sent-username ------ password 7 --------
crypto map ipsec-remoteoffice
!
interface Dialer2
ip vrf forwarding voice
ip unnumbered Vlan2
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip virtual-reassembly
encapsulation ppp
dialer pool 2
dialer-group 2
no cdp enable
ppp authentication pap callin
ppp pap sent-username ------ password 7 ------------
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 89.146.63.27 255.255.255.255 Dialer2
ip route 172.31.161.250 255.255.255.255 Dialer2
ip route vrf data 0.0.0.0 0.0.0.0 Dialer1
ip route vrf voice 0.0.0.0 0.0.0.0 Dialer2
no ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
no ip nat service sip udp port 5060
ip nat inside source list 101 interface Dialer1 vrf data overload
ip nat inside source list 1 interface Dialer1 overload
!
logging trap debugging
access-list 1 permit 192.168.3.0 0.0.0.255
access-list 1 permit any
access-list 23 permit 195.35.216.118
access-list 23 permit 82.94.79.12
access-list 23 permit 192.168.3.0 0.0.0.255
access-list 23 permit 84.246.25.0 0.0.0.255
access-list 23 permit 172.31.255.0 0.0.0.255
access-list 23 permit 213.144.0.0 0.0.255.255
access-list 23 permit 92.65.31.32 0.0.0.7
access-list 101 permit ip 192.168.3.0 0.0.0.255 any
access-list 102 permit ip 192.168.3.0 0.0.0.255 172.16.6.0 0.0.0.255
access-list 102 permit ip 172.16.6.0 0.0.0.255 192.168.3.0 0.0.0.255
dialer-list 1 protocol ip permit
dialer-list 2 protocol ip permit
no cdp run
!
^C
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
end