RIP Help, Cisco 2511 and 2501

[andrew4728]

Howdy, I'm having problems with RIP between a 2511 and a 2501. my setup is pretty simple, and I am pretty much messing with RIP to learn it right now.
My setup is as follows :
Cable modem <-E0-> 2511 <E1> Switch <-> computers
AND 2511 <S0> 2501

nothing is plugged into the 2501 at this time.
I have rip setup and working internally, both routers can communicate with each other perfectly fine, the 2501 can ping my pcs on my network, but I am trying to get RIP to advertise my cable connection over to the 2501. I can't seem to get it to work right and though perhaps someone could give me some pointers?

Now bare with me, I am quite new with Ciscos and some of the commands I have in my config I'm not even 100 percent sure of, so if you see something stupid, or confusing, let me know!!

PS, right now I have no RIP entries in for my cable modem connection as I am not sure what to put. I have tried several things, including my ISPs default gateway network, and 0.0.0.0, but not luck.. was not able to find this info on the FAQ/forum/google

** R1 2511 **

Current configuration : 2229 bytes
!
!
version 12.2
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
!
hostname "R1"
!
enable secret
enable password
!
clock timezone Central -5
ip subnet-zero
no ip source-route
ip name-server 68.13.x.x
ip name-server 68.13.x.x
!
ip dhcp pool client
import all
network 192.168.1.0 255.255.255.0
dns-server 68.13.x.x
default-router 192.168.1.1
!
!
!
!
interface Ethernet0
description CABLE MODEM
ip address dhcp client-id Ethernet0
ip access-group 100 in
ip nat outside
no ip mroute-cache
no cdp enable
no mop enabled
!
interface Ethernet1
description LAN SWITCH
ip address 192.168.1.1 255.255.255.0
ip access-group 101 in
ip nat inside
no ip mroute-cache
no cdp enable
!
interface Serial0
ip address 192.168.2.1 255.255.255.0
!
interface Serial1
no ip address
shutdown
!
router rip
network 192.168.1.0
network 192.168.2.0
!
ip nat inside source list 101 interface Ethernet0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 68.13.32.1 254
no ip http server

!
line con 0
line aux 0
line vty 0 4
password 7
login
!
end

** R2 2501 **
Current configuration:
!
version 11.1
service slave-log
service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname R2
!
enable secret
enable password
!
!
interface Ethernet0
no ip address
shutdown
!
interface Serial0
ip address 192.168.2.2 255.255.255.0
clockrate 4000000
!
interface Serial1
no ip address
shutdown
!
router rip
network 192.168.2.0
!
ip default-gateway 192.168.2.1
ip name-server 68.13.x.x
ip name-server 68.13.x.x
no ip classless
!
line con 0
line aux 0
line vty 0 4
password
login
!
end

Thank you for all your help!

 

[andrew4728]

ACK, I was smoking some crack when I wrote that above, the 2511 = 2514 !!!
2 ethernets and 2 Serials.

 

[Jsteve]

where is the access (100/101) config from R1?

 

[andrew4728]

I'm sorry, I left that info out for security reasons, but it's no biggy, I guess the ACL's could be a possible problem huh..
here :

access-list 100 deny ip 10.0.0.0 0.255.255.255 any log
access-list 100 deny ip 172.16.0.0 0.15.255.255 any log
access-list 100 deny ip 192.168.0.0 0.0.255.255 any log
access-list 100 deny ip any host 127.0.0.1 log
access-list 100 deny tcp any any eq 22222 log
access-list 100 deny tcp any any range 60000 60020 log
access-list 100 deny udp any any eq snmp log
access-list 100 permit tcp any 192.168.1.0 0.0.0.255 established
access-list 100 deny ip 192.168.1.0 0.0.0.255 any log
access-list 100 permit ip any any
access-list 101 permit ip 192.168.1.0 0.0.0.255 any

Those are my only ACL's at the moment.

Thanks

 

[andrew4728]

Here is a network Diagram I created for my current network :

Anyone have any ideas how I can get RIP to advertise my cable modem connection to the 2501?

Anything I am doing wrong in my configs?
Any info helps....

Thanks all!!

 

[andrew4728]

Anyone have any ideas how I can get this working?
Default gateway to my ISP = 68.13.32.1

sh ip route on each router :

ROUTER1
Gateway of last resort is 68.13.32.1 to network 0.0.0.0

68.0.0.0/21 is subnetted, 1 subnets
C 68.13.32.0 is directly connected, Ethernet0
C 192.168.1.0/24 is directly connected, Ethernet1
C 192.168.2.0/24 is directly connected, Serial0
S* 0.0.0.0/0 [254/0] via 68.13.32.1


ROUTER2
Gateway of last resort is 192.168.1.1 to network 0.0.0.0

R 68.0.0.0/8 [120/1] via 192.168.2.1, 00:00:20, Serial0
R 192.168.1.0/24 [120/1] via 192.168.2.1, 00:00:20, Serial0
C 192.168.2.0/24 is directly connected, Serial0
S* 0.0.0.0/0 [1/0] via 192.168.1.1

 

[Nettekkie1010]

In the 2511 under ROUTER RIP place this command:
redistribute static metric 1

In the 2501 place the following command:
ip classless

 

[RichardHuang]

In fact, you shouldn't propagate the cable modem's network to your inside because the default route can make you go to Internet. Also, it seems that the R1 has already send the cable modem's network to R2. This is the entry of routing table of R2:
R 68.0.0.0/8 [120/1] via 192.168.2.1, 00:00:20, Serial0
RIP version1 is classful so it carries the whole network.

 

[andrew4728]

Well I tried the changes you suggested Nettekkie1010, and still not pinging anything from R2 (2501).

I'm not sure why the 68.0.0.0 network is showing up in R2's ip route table, because in R1 the only networks I have set to broadcast through rip is 192.168.1.0 and 192.168.2.0.

When I trace to my name server 68.13.16.25 from R2, it goes to 192.168.2.1 and then I get 29 timeouts.

Any clue what I'm doing wrong? I really appreciate your help!!

Here are my new run configs and sh ip routes :

R1 Show Run :

hostname "R1"
!
enable secret
enable password
!
clock timezone Central -5
no ip subnet-zero
ip name-server 68.13.16.25
ip name-server 68.13.16.30
!
ip dhcp pool client
import all
network 192.168.1.0 255.255.255.0
dns-server 68.13.16.25
default-router 192.168.1.1
!
!
!
!
interface Ethernet0
description CABLE MODEM
ip address dhcp client-id Ethernet0
ip access-group 100 in
ip nat outside
no ip mroute-cache
no mop enabled
!
interface Ethernet1
description LAN SWITCH
ip address 192.168.1.1 255.255.255.0
ip access-group 101 in
ip nat inside
no ip mroute-cache
!
interface Serial0
ip address 192.168.2.1 255.255.255.0
!
interface Serial1
no ip address
shutdown
!
router rip
version 2
redistribute static metric 1
network 192.168.1.0
network 192.168.2.0
neighbor 192.168.2.2
!
ip nat inside source list 101 interface Ethernet0 overload
ip nat inside source static tcp 192.168.1.100 6346 interface Ethernet0 6346
ip nat inside source static tcp 192.168.1.110 3389 interface Ethernet0 3389
ip classless
ip route 0.0.0.0 0.0.0.0 68.13.32.1 254
no ip http server
!
!
access-list 100 permit ip host 10.100.160.1 any
access-list 100 deny ip 10.0.0.0 0.255.255.255 any log
access-list 100 deny ip 172.16.0.0 0.15.255.255 any log
access-list 100 deny ip 192.168.0.0 0.0.255.255 any log
access-list 100 deny ip any host 127.0.0.1 log
access-list 100 deny tcp any any eq 22222 log
access-list 100 deny tcp any any range 60000 60020 log
access-list 100 deny udp any any eq snmp log
access-list 100 permit tcp any 192.168.1.0 0.0.0.255 established
access-list 100 deny ip 192.168.1.0 0.0.0.255 any log
access-list 100 permit ip any any
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipx permit
!
line con 0
line aux 0
line vty 0 4
password
login
!
end

R1 Show IP Routes :

Gateway of last resort is 68.13.32.1 to network 0.0.0.0

68.0.0.0/21 is subnetted, 1 subnets
C 68.13.32.0 is directly connected, Ethernet0
C 192.168.1.0/24 is directly connected, Ethernet1
C 192.168.2.0/24 is directly connected, Serial0
S* 0.0.0.0/0 [254/0] via 68.13.32.1

R2 Sh run :

hostname R2
!
enable secret
enable password
!
!
interface Ethernet0
no ip address
shutdown
!
interface Serial0
ip address 192.168.2.2 255.255.255.0
clockrate 4000000
!
interface Serial1
no ip address
shutdown
!
router rip
version 2
network 192.168.2.0
neighbor 192.168.2.1
!
ip name-server 68.13.16.25
ip name-server 68.13.16.30
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.1
!
line con 0
line aux 0
line vty 0 4
password
login
!
end

R2 Sh IP Route :

Gateway of last resort is 192.168.1.1 to network 0.0.0.0

R 68.0.0.0/8 [120/1] via 192.168.2.1, 00:00:11, Serial0
R 192.168.1.0/24 [120/1] via 192.168.2.1, 00:00:11, Serial0
C 192.168.2.0/24 is directly connected, Serial0
S* 0.0.0.0/0 [1/0] via 192.168.1.1

 

[lui3]

redistribute static metric 1

this tells the router to redistribute all statically defined networks with a metric of 1. in your case you have a static network defined for the default gateway

ip route 0.0.0.0 0.0.0.0 68.13.32.1 254


which is advertised to 192.168.2.2 as 68.0.0.0

Lui3
CCNP,CCDA,A+/Net+
Cisco Wireless Specialization

 

[RichardHuang]

From your configuration, you should be able to ping 192.168.1.1 from R2, but you can't ping outside.

For R2's default route, you should change the next hop from 192.168.1.1 to 192.168.2.1

On R1, 192.168.2.0 network need to be add to access-list 101.

So far I found these problems.
Good luck.

 

[andrew4728]

OK, I still can't get it working.
To simplify things, I have turned off my ACLs to make sure they aren't interfering in any way.
I have the default gateway on R1 set to my ISPs router. R2 is set to 192.168.2.1 (S0 on R1)
pings to 68.13.16.25 (cox name server) is still failing from R2, traces show it goes to 192.168.2.1 and nothing afterwards.

Do my RIP settings look ok for what I am trying to do?

My current configs and SH IP ROUTES :

**R1 SH RUN **

version 12.2
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
!
hostname "R1"
!
enable secret
enable password
!
clock timezone Central -5
no ip subnet-zero
ip name-server 68.13.16.25
ip name-server 68.13.16.30
!
ip dhcp pool client
import all
network 192.168.1.0 255.255.255.0
dns-server 68.13.16.25
default-router 192.168.1.1
!
!
!
!
interface Ethernet0
description CABLE MODEM
ip address dhcp client-id Ethernet0
ip nat outside
no ip mroute-cache
no mop enabled
!
interface Ethernet1
description LAN SWITCH
ip address 192.168.1.1 255.255.255.0
ip nat inside
no ip mroute-cache
!
interface Serial0
ip address 192.168.2.1 255.255.255.0
!
interface Serial1
no ip address
shutdown
!
router rip
version 2
redistribute static metric 1
network 192.168.1.0
network 192.168.2.0
neighbor 192.168.2.2
!
ip nat inside source list 101 interface Ethernet0 overload
ip nat inside source static tcp 192.168.1.100 6346 interface Ethernet0 6346
ip nat inside source static tcp 192.168.1.110 3389 interface Ethernet0 3389
ip classless
ip route 0.0.0.0 0.0.0.0 68.13.32.1
no ip http server
!
!
access-list 100 permit ip host 10.100.160.1 any
access-list 100 deny ip 10.0.0.0 0.255.255.255 any log
access-list 100 deny ip 172.16.0.0 0.15.255.255 any log
access-list 100 deny ip 192.168.0.0 0.0.255.255 any log
access-list 100 deny ip any host 127.0.0.1 log
access-list 100 deny tcp any any eq 22222 log
access-list 100 deny tcp any any range 60000 60020 log
access-list 100 deny udp any any eq snmp log
access-list 100 permit tcp any 192.168.1.0 0.0.0.255 established
access-list 100 deny ip 192.168.1.0 0.0.0.255 any log
access-list 100 permit ip any any
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipx permit
!
line con 0
line aux 0
line vty 0 4
password
login
!
end

**R1 SH IP ROUTE**

Gateway of last resort is 68.13.32.1 to network 0.0.0.0

68.0.0.0/21 is subnetted, 1 subnets
C 68.13.32.0 is directly connected, Ethernet0
C 192.168.1.0/24 is directly connected, Ethernet1
C 192.168.2.0/24 is directly connected, Serial0
S* 0.0.0.0/0 [1/0] via 68.13.32.1

**R2 SH RUN**

version 11.1
service slave-log
service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname R2
!
enable secret
enable password
!
!
interface Ethernet0
no ip address
shutdown
!
interface Serial0
ip address 192.168.2.2 255.255.255.0
clockrate 4000000
!
interface Serial1
no ip address
shutdown
!
router rip
version 2
network 192.168.2.0
neighbor 192.168.2.1
!
ip name-server 68.13.16.25
ip name-server 68.13.16.30
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.2.1
!
line con 0
line aux 0
line vty 0 4
password
login
!
end

**R2 SH IP ROUTE **

Gateway of last resort is 192.168.2.1 to network 0.0.0.0

R 192.168.1.0/24 [120/1] via 192.168.2.1, 00:00:20, Serial0
C 192.168.2.0/24 is directly connected, Serial0
S* 0.0.0.0/0 [1/0] via 192.168.2.1

Thank you all once again for all your help and suggestions.

 

[RedCTR]

Andrew, not sure if this was ever sorted but it is simply that your NAT rule did not include the Source Address of the 192.168.2.0. You cannot simply turn off your ACLs as they are defining the NAT Source translations. Because your ISP is using public addresses and you have used a private scheme you need to NAT. Your packets will be leaving your router and being dropped by the ISP router upstream.

 

[andrew4728]

RedCTR, you rock bigtime!
I had given up on RIP and not touched it since the last post I made.
What you are saying makes perfect since and I can't believe I missed that..
I included 192.168.2.0 0.0.0.255 into my NAT ACL, turned rip back on, and I can now ping yahoo.com or any other internet addresses from R2 !!!!

When I turned off my ACLs, I did not delete any of the ACLs (including the NAT ACL), I just removed the IP ACCESS-Group command from the interfaces..

Thank you for your help RedCTR!!!