Announcement

Collapse
No announcement yet.

Unable to ping past switch on remote site

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Unable to ping past switch on remote site

    G'day

    We are opening a new office interstate in the near future. I recently made a trip to deploy the networking hardware, and a server on site. Unfortunately we weren't able to get the network going while I was at the remote site due to a misconfiguration by our service provider, which is now rectified.

    This leaves me in the position of attempting to get the site finalised remotely.

    We have a layer 2 service between our head office and the remote site which is functional ... ie I can ping the router and the switch at the remote site from my desk in head office.

    When I telnet into the router, I can ping the server which I installed. When I telnet into the switch I can ping the server. From both devices I can telnet and tracert back to head office no problem.

    BUT - I can't ping the server directly.

    At the remote site is a cisco 871 with an IP of 192.168.5.5 and 10.210.10.69 (that's for the layer 2 to head office, which has an ip of 10.210.10.65)

    The switch is a cisco 2960 with an IP of 192.168.5.10. It currently has only VLAN1

    The server is on 192.168.5.20

    Appropriate routing is in place at head office (or I wouldn't be able to ping the switch) so it must be something I'm missing at the other end. I've been working on the assumption that it's on the switch, but at this point I've been staring at it so long I know I'm not going to see it.

    Can anyone point me in the right direction?

    Some technical detail below.

    A tracert from my desk to the server gives (I'll leave out the drivel):

    1 192.168.1.10 (our core switch)
    2 192.168.254.1 (our router)
    3 192.168.10.69 (the remote router)

    and times out from there



    Here's the relevant part of the config from the router:

    interface FastEthernet0
    !
    interface FastEthernet1
    !
    interface FastEthernet2
    !
    interface FastEthernet3
    !
    interface FastEthernet4
    description $ES_WAN$
    ip address 10.210.10.69 255.255.255.248
    no ip redirects
    no ip unreachables
    ip route-cache flow
    duplex auto
    speed auto
    !
    interface Vlan1
    description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$
    ip address 192.168.5.5 255.255.255.0
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip route-cache flow
    ip tcp adjust-mss 1452
    !
    no ip forward-protocol nd
    ip route 0.0.0.0 0.0.0.0 10.210.10.65
    !
    !
    ip http server
    ip http access-class 23
    ip http authentication local
    ip http secure-server
    ip http timeout-policy idle 60 life 86400 requests 10000
    !
    no cdp run

    And here is the config from the switch:

    version 12.2
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname remsw001
    !
    boot-start-marker
    boot-end-marker
    !
    enable secret 5
    !
    no aaa new-model
    system mtu routing 1500
    ip subnet-zero
    !
    !
    !
    spanning-tree mode pvst
    spanning-tree extend system-id
    !
    vlan internal allocation policy ascending
    !
    !
    interface FastEthernet0/1
    description rem-rt-01
    !
    interface FastEthernet0/2
    description Callserver
    !
    interface FastEthernet0/3
    description fileserver
    !
    interface FastEthernet0/4
    !
    interface FastEthernet0/5
    !
    interface FastEthernet0/6
    !
    interface FastEthernet0/7
    !
    interface FastEthernet0/8
    !
    interface FastEthernet0/9
    !
    interface FastEthernet0/10
    !
    interface FastEthernet0/11
    !
    interface FastEthernet0/12
    !
    interface FastEthernet0/13
    !
    interface FastEthernet0/14
    !
    interface FastEthernet0/15
    !
    interface FastEthernet0/16
    !
    interface FastEthernet0/17
    !
    interface FastEthernet0/18
    !
    interface FastEthernet0/19
    !
    interface FastEthernet0/20
    !
    interface FastEthernet0/21
    !
    interface FastEthernet0/22
    !
    interface FastEthernet0/23
    !
    interface FastEthernet0/24
    !
    interface GigabitEthernet0/1
    !
    interface GigabitEthernet0/2
    !
    interface Vlan1
    ip address 192.168.5.10 255.255.255.0
    no ip route-cache
    !
    ip default-gateway 192.168.5.5
    ip http server
    ip http secure-server
    !
    end

  • #2
    Re: Unable to ping past switch on remote site

    Do you have the default gateway set on the server? Pinging the server from the router or the switch will work with no DG because they are local to the server (same subnet) but in order for the server to respond to remote pings it needs to have a default gateway set.

    Comment


    • #3
      Re: Unable to ping past switch on remote site

      Originally posted by joeqwerty View Post
      Do you have the default gateway set on the server? Pinging the server from the router or the switch will work with no DG because they are local to the server (same subnet) but in order for the server to respond to remote pings it needs to have a default gateway set.
      I'm 99% sure that the default gateway is set on the server. Of course now I'm wondering *lol*

      While I go slowly insane trying to figure out a way to remotely check the network config on a win2k3 box from a telnet session on a switch, let's assume that the default gw is correct on the server.

      It's a pretty good bet that it is, as there are a couple of devices and while it's possible I may have blown it on the server, it's unlikely that the other device (a callserver configured by a 3rd party) has the same problem.

      Comment


      • #4
        Re: Unable to ping past switch on remote site

        Is there any NAT'ing going on? How about ACL's on the router or rules on a firewall preventing the ping traffic?

        Comment


        • #5
          Re: Unable to ping past switch on remote site

          Originally posted by joeqwerty View Post
          Is there any NAT'ing going on? How about ACL's on the router or rules on a firewall preventing the ping traffic?
          No - NAT is not enabled.

          I've just checked - there are no ACL's on the router (or the switch) and the router's firewall is disabled.

          Comment


          • #6
            Re: Unable to ping past switch on remote site

            Well - it's a moot point now I'm afraid ... whilst fiddling with the switch in an attempt to get it working, I've now somehow lost contact with it.

            So I guess a quick trip interstate is coming up.

            Assuming I solve the issue, I'll post what the error was.

            Comment


            • #7
              Re: Unable to ping past switch on remote site

              Well - as promised ... the (sorta) solution to the problem.

              It turns out that the 2960 switch is straight layer 2 and as such the default gateway is ONLY relevant to management traffic to and from the switch itself.

              So what I did, once I was on site, was reconfigure the servers, user PCs and the rest to use the router as the default gateway.

              Luckily the 871 router we put in had the Advanced IP Services IOS so I could do all the necessary routing for the various VLANs on that, as the poverty-pack version of the IOS only supports 1 VLAN on that device.

              Thanks Joeqwerty for your suggestions.

              Comment


              • #8
                Re: Unable to ping past switch on remote site

                Glad to help and glad you got it sorted out.

                Comment

                Working...
                X