Cisco WAN :: 3845-MB Dropping Pings To Its Own Serial Interface?
May 16, 2013
I'm having an issue that I can't quite understand. I set up a test lab to get familiar with EIGRP routing. I have a Cisco 3845-MB with 2 VWIC2-2MFT-T1/E1 cards.sh ip int brief shows UP UP status on all serial ports. I gave it an IP address but I'm having trouble pinging the serial interface IP. It's dropping pings to its own S 1/1/0 interface when pinging from console. I have known good T1 crossover cables 1&2 - 4&5.
Here is the "ip int brief" from 3845-MB
3845-MB#sh ip int brief
Interface IP-Address OK? Method Status Prot
ocol
GigabitEthernet0/0 unassigned YES NVRAM administratively down down
GigabitEthernet0/1 172.30.2.1 YES NVRAM up up
Serial1/1/0:0 10.3.29.2 YES manual up up
Right now it's pinging itself at about 60 -90% success rate... and I can't figure out why it's dropping any packets at all. I have other issues with in the lab as well... but i think this might be my "core" issue.To make matters even more "weird" I've tried two different VWIC2-2MFT-T1/E1 cards and I drop pings with both of them.
Here is a sh run and a sh diag:
3845-MB#sh run
Building configuration...
Current configuration : 1434 bytes
!
version 12.4
service timestamps debug datetime msec
I just installed a HWIC-2T in a Cis co 3845 running IOS 15.1(3) T New build.The IOS self installed the port configuration including the command line "clock rate 2000000." I can edit everything but that entry using the CLI. When I enter the "no clock rate" it will not take in the running conf.
I was asked to block pings from the internet to the outside interface of our ASA-5505 firewall. I found a post that said to enter "icmp deny any outside", however that does not do it.
I created an ACL to try and do the trick, also to no avail:
access-list outside_in extended permit icmp any any echo-reply access-list outside_in in interface outside access-group outside_in in interface outside
I have a WRVS4400N router in a remote office. I have connectivity to the office and computers there. But the web interface for the router is failing to come up. This happens once every few days or so. Is there any utility or something that I can use to remotely reset the router without making use of the webinterface or having physical access to the router?
I have a remote site that still utilizes a single T1 connection to me. For multiple reasons we had to scrap the old T1 and have a new one put in. The old T1 resided on a T3 as channel 25. The new T1 is a standlone point to point. I removed the old config from my 7301 and programmed my 3725. I cannot figure out what is going on but the interface stays down/down. There is no loopback turned on, either manually or by the carrier. The AL LED stays amber regardless of whether or not I have a cable patched down. The CD LED remains green when I patch a cable down. LP is not light.I am using a straight through Ethernet cable to connect my 3725 to the smart jack. If you look at the show output below you will see DCD and CTS is down. Since the remote end was working and I just had the tech move the patch cable from one smart jack to another I am assuming the problem is on my side or with the carrierI already tried changing the clock sourced between internal and line. I also swapped out the WIC card for another one. I don't usually program T1 connections. [code]
Is it possible to simulate ISDN in a lab using a serial or ethernet interface. I want to setup FR and have ISDN running between a couple of routers with DoD routing.
We have a Cisco 1760 router . We are facing sevier packet drops in the serial interface.
When i swap the router with another router link is working working fine.
Troubleshooting steps taken
1. Swap the serial cable with another working cable : no change in state
2. Reconfigure the encapsulation commands (with PPP and HDLC) : no change in state
3. Try with a decreased MTU packet Ping : no change in state
4. Decreased the Input queue and increased the output queue size using hold-queue in command : Comparatively the packet drop is reducing but still a 10 percent drop is happening.
What would cause an interface to show up/up (looped), but you still can't ping that loop?...It is on a Cisco 7613 with an Enhanced FlexWan (WS-X6582- 2PA), with a Mx Serial PA, 8 ports (73-1580-10) and running IOS ver 12.2(33)SRE2 [code]
I just recently bought a new Cisco 2611 for my home lab and am having trouble getting the serial port to work. I have tried multiple things such as erase startup, switching the cables to rule them out, and even changing IP addresses but none worked. [code]
I am trying to use the connected WIC2-2MFT, as the servial interface on my cisco 1841.But it does not show me the option, under configuration interface
[code] What should I do to make this enable on this list?I am attaching the show tech-support, and show version of this device.
I have existing cisco 2811 (Version 12.4(3c)). I try to add a HWIC serial card into the router but the new HWIC is not detected. There is no new interfece shows up when i do show run. This HWIC is a new card just bought it.
While I managed to connect to each router individually, I decided it was time to connect the routers together via serial; as I don't have any serial cables and need to buy some, what serial cables I need, as well as to ask whether I have the right cards in my router(s) that will allow me to do so.
I bought 3 1841 routers, and all have a 1 port serial WAN Interface Card (WIC 1-T); one router has 2 of these, and one router has a WIC-1B-S/T .. My question is, can I connect the routers with a serial cable via WIC 1-T, or do I need a 2-T
I just finished setting up a bundle of (2) T1's in a multilink bundle and I'm having issues with one of the T1's not wanting to join the bundle.
The router I'm using on the remote office location is a 3620 router running code c3620-i-mz.121-1c.bin
The campus router which is a 7206 is setup the same exact way with multilink 240 and like I've said, serial 0/0 is joined to the bundle just fine, so we are running off one T1 connection.
The serial interface that is not working is: serial 0/1
Here is a show-run:
interface Multilink240 ip address 172.18.xxx.xxx 255.255.255.252 ip route-cache flow ip ospf network point-to-point service-policy output PhonesFirst ppp multilink
I have a problem in configuring two pair of backup interface on my customer's router (3845). It's ok when I configure just one of them. If I configure both pairs of interfaces into backup interface, one of them will be in disabled mode, as shown below :
WANR01#sh ip int bri Interface IP-Address OK? Method Status Protocol GigabitEthernet0/0 172.16.199.106 YES NVRAM up up GigabitEthernet0/1 172.16.3.5 YES NVRAM up up Serial0/0/0 unassigned YES NVRAM administratively down down Serial0/0/1 unassigned YES NVRAM administratively down down FastEthernet0/1/0 125.213.133.186 YES NVRAM standby mode down FastEthernet0/2/0 172.112.22.6 YES NVRAM standby mode/disabled down FastEthernet0/2/1 123.231.177.238 YES NVRAM up up Loopback0 172.16.199.12 YES NVRAM up up
We have a number of 3845 routers, some running IOS 12.4(22)T2 and earlier and some running 12.4(24)T4. On the ones with 12.4(22)T2 and earlier, gigabit interface g0/1 shows interface down/line protocol down when there is no cable connected to the interface and the interface is not in shutdown state. On the ones with 12.4(24)T4, gigabit interface g0/1 shows interface up/line protocol down when there is no cable connected to the interface and the interface is not in shutdown state. Interestingly in both cases, the "show controller g0/1" command shows " network link is down (NO CARRIER)" when there is no cable attached. It makes sense to us that the interface status would be down/down when there is no cable attached. It does not makes sense to us that the interace would be up/down. Did Cisco at some point change their philosophy on whether an interface should show down/down or up/down when there is no cable attached, or is this a bug?
I have a question regarding mlppp and bonding mpls T1 circuits. For the longest time we have been able to get by on one T1 circuit coming into our 3845 router. Well this T1 has now become congested and they are wanting to add bandwidth to this T1. We connect to the phone company via an MPLS T1 currently. So now it appears as though we are going to purchase another MPLS T1 circuit and bond the two T1's together. The way our network is currently set up, we utilize the same AS number on all of our remote routers regardless of location. Keep in mind I don't have any sort of mlppp set up at this moment, so unfortunately I can't post any configs. I'm just questioning the design portion and how to go about doing this.
Here is where my dilemma begins........
For every MPLS circuit we order on the remote end, we specifiy an IP for the remote router itself and one for the provider to assign to their equipment (the bgp neighbor statements). Now granted i'm no BGP extraordinaire, not even a novice really, but I don't understand how I am going to bring two T1 circuits into the same router (basically with 2 pairs of IP's). In order to bond the two T1's together, i'll need to create a multilink interface and assign an IP to that, but yet I still have 2 SETS of ip addresses. And if that isn't enough of a dilemma, I also need to spedify a neighbor statement in order for my AS to bind to the adjacent provider AS, but yet I have two IP addresses for that as well.
I have configured a qos policy and I am trying to apply the policy to a vlan interface which is physically connected to a switch module port of a 3845 Router.When I try to apply, the message configuration failed appears.
I have a cisco router 3845 with Etherswitch modules and one Vlan configured "172.16.6/24", many switch ports are assigned to this vlan. i would like to translate one IP address 172.16.6.200 to a new one "172.25.42.10" but need to keep the other IPs from "172.16.6/24" without changes. below is the configuration of vlan interface and switch port. [code]
I have two Cisco 3845 routers which receive a multicast stram via a tunnel interface, i.e Tunnel163 (PIM Dense mode is enabled). These routers are both connected to a LAN segment (FastEthernet0/1/0) where receivers are. [code] Router1 is the assert winner (highest IP address), it sees igmp joins request, but it's pruning the interface. It happens sometimes and it lasts until I manually issue clear ip mroute.Unfortunately I cannot migrate to Sparse Mode.
We have an ADSL2+ line from a WIC in a 1841, everything has been fine for the last few years and then the last few months the connection going down. When checking the interfaces the ATM0/0/0 is up up and the same for the dialer interface we are using, they are both up/up, but this still needs a reload of the router to be functional again, shutting the interfaces does not bring the connection back up.
I am not an expert on ADSL lines, I have never really had a problem with anything previously. The router was running Netflow to a network monitor wondering if this or logging was causing an issue with entries in the buffer??
Here is an output of show dsl int, would change the firmware, it has been fine all this time before though we are running IOS 12.4(24)T1 advseck9-m, as far as I can seen from our ISP the config for ADSL is all correct. [Code]
I have an Ethernet Loopback Plug (4 Pairs) made and trying to test the Gigabit Interface on a 3845 Router with a fail result. The interface will show up/up only if I set the interface to 100M/Full Duplex when I plug-in the Ethernet Loopback Plug (4 Pairs). I don't see this Gigabit Interface @ 3845 router has any option to set it to internal or external loopback.
We have a Cisco ASA 5505 (v7.2(3)) with a "fairly" normal configuration yet we have a problem where it appears UDP/53 traffic is denied on our inside network.
here is output from our sys log:
SyslogID Source IP Dest IP Description 305006 172.18.22.3 portmap translation creation failed for udp src inside:172.18.22.156/42013 dst inside:172.18.22.3/53
To give some clarification:
172.18.22.3 is one of our DNS servers 172.18.22.156 is a device we're experimenting with.
We've bypassed the Cisco by using a 4G wireless router with this same device - and it works flawlessly.Here is a [scrubbed] copy of our config. It is what I inherited from the previous admin - I'm not sure of all its finer points (I'm not Cisco certified -- perhaps I'm just certifiable.)
: Saved : ASA Version 7.2(3) ! hostname [redacted]
Trying to add inside routes on an ASA 5505 to point traffic to another gateway for other connected networks is resulting in the following error 6Sep 16200 819:13:5810601510.184.236.1265003810.170.54.1823389Deny TCP (no connection) from 10.184.236.126/50038 to 10.170.54.182/3389 flags RST on interface insideI believe the problem is due to the Asymetric tcp connection and the ASA is dropping the connection because it only see one half of the traffic.Is there a way we can stop the firewall dropping the TCP connections on the inside interface? i've tried removing the threat managment which didnt work.Annoying thing is were putting the ASA 5505's in to replace old Watchguard soho firewalls only the watchguards forwarded the traffic no problem at all.
Is there any physical or technical diferrences between PWR-3845 AC/2 and PWR-3845 AC? We are trying to order replacement parts and wondering if PWR-3845 AC is for one power supply and AC/2 means you get two with one order?
Is there any physical or technical diferrences between PWR-3845 AC/2 and PWR-3845 AC? We are trying to order replacement parts and if PWR-3845 AC is for one power supply and AC/2 means you get two with one order.
We have a remote site that is using 3750X switches as layer 2 switches back to our home site. The uplink port is showing dropped packets but the utilization on the link is never about 10%. We have a 100Mb circuit to this site. Our speed tests and iperf tests are not showing any issues that we can see. However the port is still droping packets. It is not dropping at a high rate but they are dropping.
So we've setup an ASA 5510 and users can VPN in no problem, and an IPCONFIG /ALL confirms that the DNS server settings from the group policy have been applied.Group policy sets DNS servers as 192.168.2.8 (internal), 8.8.8.8 (google). Public internet sites work ok.Typing nslookup opens up on the correct internet DNS server, but all requests timeout.
I was asked to block pings from the internet to the outside interface of our ASA-5505 firewall. I found a post that said to enter "icmp deny any outside", however that does not do it.
I created an ACL to try and do the trick, also to no avail:
access-list outside_in extended permit icmp any any echo-reply access-list outside_in in interface outside access-group outside_in in interface outside
