General discussion

  • Creator
    Topic
  • #2171166

    Can ping from router but unable to ping from client machines

    Locked

    by verve13 ·

    Hi All,
    I am having a weird issue with my Cisco 7200 router. From the router i am able to ping and reach out to the internet but from the client i am able to reach out to the internet but unable to ping I am not sure where is the issue but when i traceroute to it my packets are dropped at my routers interface. All my pings from the client time out. I checked the Access list to make sure ICMP is not blocked.
    Following is my running conf

    ip audit notify log
    ip audit po max-events 100
    ip ssh break-string ~
    ipv6 unicast-routing
    no ftp-server write-enable
    !
    no scripting tcl init
    no scripting tcl encdir

    !
    no voice hpi capture buffer
    no voice hpi capture destination

    !
    interface Loopback0
    description *** abc ***
    ip address 192.168.2.2 255.255.255.255
    !
    interface FastEthernet0/0
    description * Connection to officeswitch *
    ip address 10.0.2.1 255.255.255.240
    duplex full
    speed 100

    ipv6 rip abc enable
    no ipv6 mfib fast
    !
    interface FastEthernet0/1
    description * ISP1 *
    ip address 172.16.17.2 255.255.255.248
    ip access-group ISP1-IN in
    ip access-group ISP1-OUT out
    ip route-cache flow
    duplex full
    speed auto
    !
    interface Serial3/0
    description * ISP2 *
    ip address 10.23.21.2 255.255.255.252
    ip access-group Verio-IN in
    ip access-group Verio-OUT out
    ip route-cache flow
    serial restart-delay 0
    !
    interface Serial3/1
    no ip address
    shutdown
    serial restart-delay 0
    !
    interface Serial3/2
    no ip address
    shutdown
    serial restart-delay 0
    !
    interface Serial3/3
    no ip address
    shutdown
    serial restart-delay 0
    !
    router ospf 00000
    log-adjacency-changes
    network 192.168.0.0 0.0.31.255 area 0
    default-information originate
    !
    router bgp 00000
    no synchronization
    bgp log-neighbor-changes
    network 192.168.0.0.0 mask 255.255.224.0
    aggregate-address 192.168.0.0 255.255.224.0 summary-only
    no auto-summary
    !
    ip classless
    ip flow-export source Loopback0
    ip flow-export version 5
    ip flow-aggregation cache protocol-port
    enabled
    !
    ip flow-aggregation cache prefix
    enabled
    !
    no ip http server
    no ip http secure-server
    !
    ip as-path access-list 5 permit ^$
    ip as-path access-list 5 deny .*
    ip as-path access-list 10 permit ^$
    ip as-path access-list 20 permit ^00000

    ip as-path access-list 30 permit ^00000

    ip as-path access-list 30 permit ^00000

    ip as-path access-list 30 permit ^00000
    ip as-path access-list 30 permit ^00000
    !
    !
    ip access-list standard Access
    permit 192.168.0.0 0.0.31.255
    deny any log
    !
    ip access-list extended ISP1-IN
    permit tcp host 192.168.1.2 any eq www log
    permit icmp any any log
    deny ip 10.0.0.0 0.255.255.255 any log
    deny tcp any any eq ftp log
    deny tcp any any eq smtp log
    deny tcp any any eq 443 log
    deny ip 192.168.0.0 0.0.255.255 any log
    permit ip any any

    ip access-list extended ISP1-OUT
    permit icmp any any log
    permit ip any any

    ip access-list extended ISP2-IN
    permit icmp any any log
    deny ip 10.0.0.0 0.255.255.255 any log
    deny tcp any any eq ftp log
    deny tcp any any eq smtp log
    deny tcp any any eq 443
    deny ip 192.168.0.0 0.0.255.255 any log
    permit ip any any

    ip access-list extended ISP2-OUT
    permit ip any any
    permit icmp any any

    logging trap debugging
    logging source-interface Loopback0
    snmp-server community apricot RO 1
    snmp-server trap-source Loopback0
    snmp-server location 101 S Ellsworth Ave Suite 350
    snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
    snmp-server enable traps tty
    snmp-server enable traps config
    snmp-server enable traps envmon fan shutdown supply temperature
    snmp-server enable traps bgp
    redistribute static
    !
    !
    route-map ISP1PATH permit 5
    match as-path 30
    !
    route-map ISP1PATH permit 10
    match as-path 20
    set as-path prepend 00000
    !
    route-map SETPATH permit 10
    match as-path 10
    set as-path prepend 00001
    !

    I will appreciate any input to help me solve this problem.

All Comments

  • Author
    Replies
    • #2887912
      Avatar photo

      Repost as ‘Q&A’

      by hal 9000 ·

      In reply to Can ping from router but unable to ping from client machines

      Try reposting this in the ‘Q&A’ forum. The ‘Discussion’ forum is for matters of general discussion, not specific problems in search of a solution. The ‘Water Cooler’ is for non-technical discussions. You can submit a question to ‘Q&A’ here:

      http://www.techrepublic.com/forum/questions/post?tag=mantle_skin;content

      There are TR members who specifically seek out problems in need of a solution. Although there is some overlap between the forums, you’ll find more of those members in ‘Q&A’ than in ‘Discussions’ or ‘Water Cooler’.

      Be sure to use the voting buttons to provide your feedback. Voting a ‘+’ does not necessarily mean that a given response contained the complete solution to your problem, but that it served to guide you toward it. This is intended to serve as an aid to those who may in the future have a problem similar to yours. If they have a ready source of reference available, perhaps won’t need to repeat questions previously asked and answered. If a post did contain the solution to your problem, you can also close the question by marking the helpful post as “The Answer”. .

    • #2887911

      This should be over in the Q&A not discussions, but

      by deadly ernest ·

      In reply to Can ping from router but unable to ping from client machines

      you may want to check the internet security setting for the client NIC to see if it’s set to allow outward pings.

Viewing 1 reply thread