Configuration assistance 871w
phantasm
Member Posts: 995
in CCNA & CCENT
Well, since we're all learning Cisco here I figured I would ask for some configuration help. Before you look at it though, if you're new to the site or Cisco, please don't be alarmed. This is an elaborate config, beyond CCNA in general. If the MODS deem a better place for this then by all means, move it around.
Here's the deal. I just replaced my aged 831 with an 871w. I have the wireless working fine but I cannot telnet to my access-server. I get this message:
# Trying 192.168.1.2...
# telnet: Unable to connect to remote host: No route to host
Also, my VPN is failing. It's the same config out of the 831 which worked fine. I was hoping I could drop it in but it's not working to well. This error message is:
1. 182 16:13:05.365 03/07/09 Sev=Info/4CM/0x63100014
2.
3. Unable to establish Phase 1 SA with server "x.x.x.x" because of "DEL_REASON_PEER_NOT_RESPONDING"
Without further ado, to assist in the troubleshooting of the above mentioned issues. I give you the configuration file. rofl.
pastebin - collaborative debugging tool
Here's the deal. I just replaced my aged 831 with an 871w. I have the wireless working fine but I cannot telnet to my access-server. I get this message:
# Trying 192.168.1.2...
# telnet: Unable to connect to remote host: No route to host
Also, my VPN is failing. It's the same config out of the 831 which worked fine. I was hoping I could drop it in but it's not working to well. This error message is:
1. 182 16:13:05.365 03/07/09 Sev=Info/4CM/0x63100014
2.
3. Unable to establish Phase 1 SA with server "x.x.x.x" because of "DEL_REASON_PEER_NOT_RESPONDING"
Without further ado, to assist in the troubleshooting of the above mentioned issues. I give you the configuration file. rofl.
pastebin - collaborative debugging tool
"No man ever steps in the same river twice, for it's not the same river and he's not the same man." -Heraclitus
Comments
-
phantasm
Member Posts: 995
Topology is simple.
I only have my access-server directly connected to the 871w, and no, I cannot ping it.
I can ping the gateway (192.168.1.1) but not anything else:
drek@tuxbox ~ $ ping 192.168.1.2
PING 192.168.1.2 (192.168.1.2) 56(84) bytes of data.
From 192.168.1.9 icmp_seq=2 Destination Host Unreachable
From 192.168.1.9 icmp_seq=3 Destination Host Unreachable
From 192.168.1.9 icmp_seq=4 Destination Host Unreachable"No man ever steps in the same river twice, for it's not the same river and he's not the same man." -Heraclitus -
networker050184
Mod Posts: 11,962 Mod
Did you just paste the config from one device into the other? If so where there any commands that did not take?An expert is a man who has made all the mistakes which can be made. -
phantasm
Member Posts: 995
What is the IOS version?
12.3 ADVSECURITYnetworker050184 wrote: »Did you just paste the config from one device into the other? If so where there any commands that did not take?
No I did not. I rebuilt 95% of the config from scratch.
Wireless works fine, but any device connected to Fa0-3 I cannot connect to nor can I ping it.
Traceroute shows this:
drek@tuxbox ~ $ traceroute 192.168.1.2
traceroute to 192.168.1.2 (192.168.1.2), 30 hops max, 40 byte packets
1 192.168.1.11 (192.168.1.11) 3000.231 ms !H 3000.221 ms !H 3000.205 ms !H
I'm learning the device through CDP as well:
TheDarkSide#sh cdp neigh det
Device ID: Access_Server
Entry address(es):
IP address: 192.168.1.2
Platform: cisco 2610, Capabilities: Router
Interface: FastEthernet3, Port ID (outgoing port): Ethernet0/0
Holdtime : 151 sec
Version :
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-I-M), Version 12.2(10), RELEASE SOFTWARE (fc2)
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Tue 07-May-02 00:00 by pwade
advertisement version: 2
Duplex: half
Power drawn: 4294967.294 Watts
Layer 2 is good as well:
TheDarkSide#sh mac-address-table
Destination Address Address Type VLAN Destination Port
----
0004.c058.3100 Dynamic 1 FastEthernet3
0016.473d.26b9 Self 1 Vlan1"No man ever steps in the same river twice, for it's not the same river and he's not the same man." -Heraclitus -
kalebksp
Member Posts: 1,033 ■■■■■□□□□□
12.3 ADVSECURITY
I was under the impression that ADVSECURITY only supported one VLAN and it had to be VLAN1. Is it accepting vlan 29 without any issue for you? -
phantasm
Member Posts: 995
I was under the impression that ADVSECURITY only supported one VLAN and it had to be VLAN1. Is it accepting vlan 29 without any issue for you?
Hmmm... I hadn't heard that. But VLAN 29 is associated with BVI29 and wireless is working fine.
ETA: Changed configuration to VLAN 1 and still nothing. I can't ping 192.168.1.2 from the router or any other device, however I am learning it via layer 2."No man ever steps in the same river twice, for it's not the same river and he's not the same man." -Heraclitus -
phantasm
Member Posts: 995
Appears to be working now. I made the change to VLAN 1 and regenerated the SSH keys. All is well, not quite sure what went worng, but it works. Now to finish troubleshooting the VPN."No man ever steps in the same river twice, for it's not the same river and he's not the same man." -Heraclitus
-
Highspade
Member Posts: 29 ■□□□□□□□□□
I have an 861w with ADVSECURITY and it only supports 2 vlans.
when I tried to disable VLAN1 and then get the wireless working, it gave me no end of trouble and in the end I just re-enabled it.