Router on a stick query?

[t0mm0]

Can anyone one help.

I've been messing about with the router on a stick concept & trying to intergrate to it
with a Frame Relay (P2P later);



PC ------> SW --------> TP2 -- Frame Relay ----> TP1



I can ping TP2 (gateway) from my PC, but cannot ping back to PC, why is this?

Also why can't PC ping neighbouring network 192.168.2.101. Its connected to router
& I've even added an open static route, which has made no influence, can anyone advice
on that note too please??


(Configs & evidence below)






Testpod2#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is 192.168.2.100 to network 0.0.0.0

10.0.0.0/24 is subnetted, 1 subnets
C 10.10.1.0 is directly connected, FastEthernet0.20
C 192.168.2.0/24 is directly connected, Serial0
S* 0.0.0.0/0 [1/0] via 192.168.2.100
Testpod2#

----------------------------------------------------------------------------------------


Testpod2#sh run
Building configuration...

Current configuration : 3153 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Testpod2
!
boot-start-marker
boot-end-marker
!
logging buffered 4096 debugging
logging console emergencies
logging monitor alerts
enable secret 5 $1$a96q$jhnISk10PiSgcC2pe3j9g.
enable password notused
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no aaa new-model
ip subnet-zero
ip cef
!
!
!
ip audit po max-events 100
no ftp-server write-enable
!
!
username netadmin privilege 15 password 0 netadmin
!
!
!
!
!
interface BRI0
no ip address
shutdown
!
interface FastEthernet0
no ip address
speed auto
full-duplex

no snmp trap link-status
!
interface Serial0
ip address 192.168.2.101 255.255.255.0
encapsulation frame-relay
frame-relay map ip 192.168.2.102 220 broadcast
no frame-relay inverse-arp
!
interface Serial0.21 point-to-point
shutdown
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.2.100
ip route 10.10.1.0 255.255.255.0 10.10.1.0
no ip http server
ip http authentication local
ip http secure-server
!
dialer-list 1 protocol ip permit
banner login ^C
|| ||
|| ||
|| ||
|| .::::. ||
|| .::::::::. ||
|| ::::::::::: ||
|| ':::::::::::.. ||
|| :::::::::::::::' ||
|| ':::::::::::. ||
|| .::::::::::::::' ||
|| .:::::::::::... ||
|| ::::::::::::::'' ||
|| .:::. '::::::::'':::: ||
|| .::::::::. ':::::' ':::: ||
|| .::::':::::::. ::::: '::::. ||
|| .:::::' ':::::::::. ::::: ':::. ||
|| .:::::' ':::::::::.::::: '::. ||
|| .::::'' ':::::::::::::: '::. ||
|| .::'' ':::::::::::: :::... ||
|| ..:::: ':::::::::' .:' '''' ||
|| ..''''':' ':::::.' ||
|| ||
|| ||
|| ||
|| ||
|'================================================================'|^C
!
line con 0
line aux 0
line vty 0 4
password router
login local
transport input telnet ssh
!
end



==========================================================================================




Switch#sh run
Building configuration...

Current configuration : 1431 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
!
ip subnet-zero
!
spanning-tree extend system-id
!
!
interface FastEthernet0/1
no ip address
!
interface FastEthernet0/2
switchport access vlan 20
switchport mode access
no ip address
!
interface FastEthernet0/3
no ip address
!
interface FastEthernet0/4
no ip address
!
interface FastEthernet0/5
no ip address
!
interface FastEthernet0/6
no ip address
!
interface FastEthernet0/7
no ip address
!
interface FastEthernet0/8
no ip address
!
interface FastEthernet0/9
no ip address
interface FastEthernet0/10
no ip address
!
interface FastEthernet0/11
switchport mode trunk
no ip address
!
interface FastEthernet0/12
no ip address
!
interface FastEthernet0/13
no ip address
!
interface FastEthernet0/14
no ip address
!
interface FastEthernet0/15
no ip address
!
interface FastEthernet0/16
no ip address
!
interface FastEthernet0/17
no ip address
!
interface FastEthernet0/18
no ip address
!
interface FastEthernet0/19
no ip address
!
interface FastEthernet0/20
no ip address
!
interface FastEthernet0/21
no ip address
!
interface FastEthernet0/22
no ip address
!
interface FastEthernet0/23
no ip address
!
interface FastEthernet0/24
no ip address
interface Vlan1
no ip address
no ip route-cache
shutdown
!
ip http server
!
!
line con 0
line vty 5 15
!
end

 

[unclerico]

I can ping TP2 (gateway) from my PC, but cannot ping back to PC, why is this?

Is the PC a Windows box? Does it have a firewall turned on? Where are you trying to source the ping from, TP2??

Also why can't PC ping neighbouring network 192.168.2.101

It could be a few different things. You need to post configs from both TP1 and TP2 as well as the frame-relay switch.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

 

[t0mm0]

Unclerico thanks, just as you mentioned the firewall, I enabled it & it worked thanks.

As for my second query, I do not have a Frame relay switch included within the scenario,
but here is my TP1 config as the TP1 is in the original post.




======================================================================



testpod1#sh run
Building configuration...

Current configuration : 3013 bytes
!
version 12.1
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname testpod1
!
logging buffered 4096 debugging
logging console emergencies
logging monitor alerts
enable secret 5 $1$FWrG$PYVeCnd4oTVKsvQMr27vp0
enable password 7 151C041811392E20
!
username netadmin password 7 000A1612055F060F01
!
!
!
!
ip subnet-zero

no ip domain-lookup
!
frame-relay switching
!
!
!
!
!
!
!
interface Ethernet0/0
ip address 10.10.1.200 255.255.255.0
full-duplex
!
interface Serial0/0
description Interface to Testpod2
ip address 192.168.2.102 255.255.255.0
encapsulation frame-relay
frame-relay map ip 192.168.2.101 220 broadcast
no frame-relay inverse-arp
frame-relay intf-type dce
!
router rip
version 2
network 10.0.0.0
network 192.168.1.0
!
ip classless
no ip http server
!
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipx permit
!




banner login ^C

,_ .--.
_)\ / ;--. .--. _,
. ' . _.-' | .' \ .--; \ /(_
-= * =- (.-, / / | / '. | '-._ . ' .
' .\' ). `))/ .' _/\ / | \ \ ,-.) -= * =-
\_ \_ /( / \ /( \ /\_ '. \((` .( '/. '
/_\ .--' `-. // \ )\ / \ )\ _/ _/
||\/ , '._// | / \\ .-' '--. /_\
||/ /`(_ (_,;`-._/ / | \\_.' , \/||
\_.' ) /`\ .' \ \_.-';,_) _)'\ \||
.' . | ;. /` '. /`\ ( '._/
/ |\( `.( `\ .; | . '.
| |/ | ` ` ).' )/| \
| | / ` ` | \| |
| |.' \ | |
__/' / '.| |
_ .' _.-` \ '\__
_.` `.-;`/ `-._ '. _
/_.-'` / / \`;-.` `._
| / \ \ `'-._\
( / \ |
/_/ \ )
\_\



*******************************WARNING**********************************


Access to this device is restricted to authorized persons only!!

If your name is not on the list you ain't coming in!!

*************************************************************************
^C
!
line con 0
exec-timeout 60 0
password 7 01100F175804
logging synchronous
login
history size 100
line aux 0
line vty 0 4
exec-timeout 60 0
password 7 010109114F0E14
logging synchronous
login
history size 100
!
end

 

[unclerico]

Also why can't PC ping neighbouring network 192.168.2.101.

Is the PC on the 10.10.1.0/24 network? Does it list the router as the default gateway? If so, have you verified that the pvc's are up?? Can you ping from TP2 to TP1 and vice versa?

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

 

[burtsbees]

There is no RoaS config in TP2! The vlans have no IP address assigned! You need
int fa0.20
encaps dot1q 20
ip add x.x.x.x y.y.y.y

Do that for all vlans. And port fa0/11 on the switch gets connected to fa0 on TP2. I would also set the IP address on the SVI (looks like VLAN1) in the switch.

Burt

 

[t0mm0]

Sorry Burt & uncle, the config for TP2 was slightly incorrect.

So I'll post it again, as it includes Burts idea. Though I've not set an IP address on the SVI, yet traffic is passing fine.

Just as I've got one thing sussed, my Frame relay scenario has decided to fall over. I think its an option to go P2P here now as I've seen the example work.

As for my routing issue, I'm going to try to place some static routing on both routers. I'll let you all know how I get on;


========================================================
uilding configuration...

Current configuration : 3153 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Testpod2
!
boot-start-marker
boot-end-marker
!
logging buffered 4096 debugging
logging console emergencies
logging monitor alerts
enable secret 5 $1$a96q$jhnISk10PiSgcC2pe3j9g.
enable password notused
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no aaa new-model
ip subnet-zero
ip cef
!
!
!
ip audit po max-events 100
no ftp-server write-enable
!
!
username netadmin privilege 15 password 0 netadmin
!
!
!
!
!
interface BRI0
no ip address
shutdown
!
interface FastEthernet0
no ip address
speed auto
full-duplex
!
interface FastEthernet0.1
!
interface FastEthernet0.20
encapsulation dot1Q 20
ip address 10.10.1.20 255.255.255.0
no snmp trap link-status
!
interface Serial0
ip address 192.168.2.101 255.255.255.0
encapsulation frame-relay
frame-relay map ip 192.168.2.102 220 broadcast
no frame-relay inverse-arp
!
interface Serial0.21 point-to-point
shutdown
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.2.100
ip route 10.10.1.0 255.255.255.0 10.10.1.0
no ip http server
ip http authentication local
ip http secure-server
!
dialer-list 1 protocol ip permit
banner login ^C
|| ||
|| ||
|| ||
|| .::::. ||
|| .::::::::. ||
|| ::::::::::: ||
|| ':::::::::::.. ||
|| :::::::::::::::' ||
|| ':::::::::::. ||
|| .::::::::::::::' ||
|| .:::::::::::... ||
|| ::::::::::::::'' ||
|| .:::. '::::::::'':::: ||
|| .::::::::. ':::::' ':::: ||
|| .::::':::::::. ::::: '::::. ||
|| .:::::' ':::::::::. ::::: ':::. ||
|| .:::::' ':::::::::.::::: '::. ||
|| .::::'' ':::::::::::::: '::. ||
|| .::'' ':::::::::::: :::... ||
|| ..:::: ':::::::::' .:' '''' ||
|| ..''''':' ':::::.' ||
|| ||
|| ||
|| ||
|| ||
|'================================================================'|^C
!
line con 0
line aux 0
line vty 0 4
password router
login local
transport input telnet ssh
!

 

[unclerico]

I saw this up top in your sh ip route output so I figured that the interface was omitted from your original config:

C 10.10.1.0 is directly connected, FastEthernet0.20

Anyway, the frame-realy config you have should theoretically work (i've configed it like that in my lab before also), but it would be better to have a dedicated frame-relay switch.

Though I've not set an IP address on the SVI, yet traffic is passing fine

No worries. You won't notice any differences in traffic flow whether you make your VLAN an SVI or not (at least in its default config). It's mostly just for remote management, unless of course it's a layer 3 switch and it is doing your intervlan routing.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)