+ Reply to Thread
Results 1 to 2 of 2
  1. Junior Member
    Join Date
    Mar 2008
    Location
    tamworth uk
    Posts
    29

    Certifications
    Working on CCNA
    #1

    Default Cant ping host on same subnet ?

    HI all, this 877w is proving to be a real pain in the rear,the problem this time is that i have 2 pc's connected to the 877w ssid MooMoo, they both connect to the router with no problem and can access the internet and also my server on fa0 but i cant access any files,shares or even ping from host to host on the wireless laptops even though there in the same subnet.
    I know it's not a firewall issue or that it's a problem with the pc's as the same setup works perfect on my little netgear jobby.

    If anyone can run there eyes over my config below and show me where im going wrong that would be great.

    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname 877w
    !
    boot-start-marker
    boot-end-marker
    !
    enable secret 5 $1$kJdC$fgWnKH68k/kXC93kv0Q5B/
    !
    aaa new-model
    !
    !
    aaa group server radius rad_eap
    server 192.168.0.33 auth-port 1812 acct-port 1813
    !
    aaa authentication login eap_methods group rad_eap
    !
    !
    aaa session-id common
    !
    dot11 ssid MooMoo
    vlan 1
    authentication open eap eap_methods
    authentication network-eap eap_methods
    authentication key-management wpa
    !
    dot11 ssid leachers
    vlan 2
    authentication open
    authentication key-management wpa
    guest-mode
    wpa-psk ascii 0 xxxxxxx
    !
    ip cef
    !
    !
    no ip dhcp use vrf connected
    ip dhcp excluded-address 192.168.0.33
    ip dhcp excluded-address 192.168.0.35
    ip dhcp excluded-address 192.168.0.36
    ip dhcp excluded-address 192.168.0.38
    ip dhcp excluded-address 192.168.0.34
    ip dhcp excluded-address 10.0.0.1
    !
    ip dhcp pool shaun
    network 192.168.0.32 255.255.255.240
    default-router 192.168.0.33
    dns-server 62.24.199.23
    !
    ip dhcp pool guest-vlan2
    import all
    network 10.0.0.0 255.255.255.0
    default-router 10.0.0.1
    dns-server 62.24.199.13
    !
    !
    ip domain name xxxxxxxxxxxxxxxxxxx
    ip name-server 62.24.199.13
    ip name-server 62.24.199.23
    ip ssh time-out 30
    ip ssh port 2001 rotary 1
    ip ssh logging events
    ip ssh version 2
    ip ddns update method DynDNS
    HTTP
    add http:/xxxxxxxxxxxxxxxxxxxxx.dyndns.org/nic/update?system=dyndns&hostname=xxxxxxxxxxxxx.com&my ip=<a>
    remove http://xxxxxxxxxxxxx.dyndns.org/nic/update?system=dyndns&hostname=xxxxxxxxxxxx.com&myi p=<a>
    !
    !
    multilink bundle-name authenticated
    !
    crypto pki trustpoint TP-self-signed-3665536970
    enrollment selfsigned
    subject-name cn=IOS-Self-Signed-Certificate-3665536970
    revocation-check none
    rsakeypair TP-self-signed-3665536970
    !
    !
    crypto pki certificate chain TP-self-signed-3665536970
    certificate self-signed 01
    30820253 308201BC A0030201 02020101 300D0609 2A864886 F70D0101 04050030
    31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
    69666963 6174652D 33363635 35333639 3730301E 170D3032 30333031 30333437
    31395A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
    4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 36363535
    33363937 3030819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
    8100C542 5C51F2EF 3E8A4D06 58A08EB1 39315887 70205568 BA90DAF4 F5B18915
    192666EE CF1D48A4 DB2C9474 C52D6032 6271203A 4A317739 9BAD28BF 80E90122
    6010C01A 9E3E784B 57579D2A E277A19F 8C2938BC 997D757E 8A81FE66 5FE3B46F
    3DA1006C 23DD516D 5E9B8A60 0783A4A7 A12AECEB 8071F75B 441F64B0 A31135C4
    8D3D0203 010001A3 7B307930 0F060355 1D130101 FF040530 030101FF 30260603
    551D1104 1F301D82 1B383737 772E7368 61756E65 626F702E 6973612D 6765656B
    2E636F6D 301F0603 551D2304 18301680 1490A7BC 0F8A9454 34982AFB 2120251E
    6D667E82 19301D06 03551D0E 04160414 90A7BC0F 8A945434 982AFB21 20251E6D
    667E8219 300D0609 2A864886 F70D0101 04050003 81810009 47C2FE5B 987806CD
    279C0140 0AD4F05F 520036B8 2361106D 800721C7 CBB8823A 4767C618 B778D214
    3CD40DCC E61C3D3C A8ED094C 3FC3BC92 41FF46A2 DFB17F98 888BFE29 B87D7DFA
    24FD5825 077164E0 C7E37E39 DA6756D5 27603B76 08BAE0B1 7C0AFCAE D716FD25
    A2405507 E4B4E1C0 CC3F7932 FEF3378E 5D135862 9A3231
    quit
    !
    !
    username xxxxxxx privilege 15 secret 5 $1$j8q0$mHmLuujpKN1N2mn54/dmz.
    !
    !
    !
    bridge irb
    !
    !
    !
    interface ATM0
    no ip address
    no atm ilmi-keepalive
    dsl operating-mode auto
    !
    interface ATM0.2 point-to-point
    ip nat outside
    ip virtual-reassembly
    no snmp trap link-status
    pvc 0/38
    encapsulation aal5snap
    protocol ppp dialer
    dialer pool-member 1
    !
    !
    interface FastEthernet0
    description FREENAS-SERVER
    spanning-tree portfast
    !
    interface FastEthernet1
    !
    interface FastEthernet2
    description LAB-LINK
    switchport mode trunk
    !
    interface FastEthernet3
    description XBOX-LINK
    spanning-tree portfast
    !
    interface Dot11Radio0
    no ip address
    ip nat inside
    ip virtual-reassembly
    no dot11 extension aironet
    !
    encryption mode ciphers aes-ccm
    !
    encryption vlan 1 mode ciphers aes-ccm
    !
    encryption vlan 2 mode ciphers aes-ccm
    !
    broadcast-key change 300 membership-termination
    !
    !
    ssid MooMoo
    !
    ssid leachers
    !
    speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
    station-role root
    antenna receive right
    antenna transmit left
    antenna gain 3
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 spanning-disabled
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    !
    interface Dot11Radio0.1
    encapsulation dot1Q 1 native
    ip nat inside
    ip virtual-reassembly
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 spanning-disabled
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    !
    interface Dot11Radio0.2
    encapsulation dot1Q 2
    ip nat inside
    ip virtual-reassembly
    bridge-group 2
    bridge-group 2 subscriber-loop-control
    bridge-group 2 spanning-disabled
    bridge-group 2 block-unknown-source
    no bridge-group 2 source-learning
    no bridge-group 2 unicast-flooding
    !
    interface Vlan1
    no ip address
    ip nat inside
    ip virtual-reassembly
    bridge-group 1
    !
    interface Vlan2
    no ip address
    ip nat inside
    ip virtual-reassembly
    bridge-group 2
    !
    interface Dialer0
    mtu 1452
    ip ddns update hostname xxxxxxxxxxxxxxxxxxxxxx
    ip ddns update DynDNS host members.dyndns.org
    ip address negotiated
    ip nat outside
    ip virtual-reassembly
    encapsulation ppp
    dialer pool 1
    dialer-group 1
    no cdp enable
    ppp authentication chap pap callin
    ppp chap hostname xxxxxxxxxxxxxxxxxxxx
    ppp chap password 0 xxxxxxxxxxxxxx
    ppp pap sent-username xxxxxxxxxxxxxxxxxxxxx
    !
    interface BVI1
    ip address 192.168.0.33 255.255.255.240
    ip nat inside
    ip virtual-reassembly
    !
    interface BVI2
    description vlan 2 network
    ip address 10.0.0.1 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    !
    router rip
    version 2
    redistribute static
    network 10.0.0.0
    network 192.168.0.0
    no auto-summary
    !
    ip route 0.0.0.0 0.0.0.0 Dialer0
    !
    !
    no ip http server
    ip http secure-server
    ip nat inside source list 1 interface Dialer0 overload
    ip nat inside source static tcp 192.168.0.38 2001 interface Dialer0 2001
    ip nat inside source static tcp 192.168.0.33 443 interface Dialer0 443
    ip nat inside source static tcp 192.168.0.38 xxxxx interface Dialer0 xxxx
    ip nat inside source static tcp 192.168.0.36 xxxx interface Dialer0 xxxx
    ip nat inside source static tcp 192.168.0.36 1723 interface Dialer0 1723
    ip nat inside source static udp 192.168.0.33 123 interface Dialer0 123
    !
    access-list 1 permit 192.168.0.32 0.0.0.15
    access-list 1 permit 10.0.0.0 0.0.0.255
    access-list 1 permit 10.0.1.0 0.0.0.255
    dialer-list 1 protocol ip permit
    !
    !
    !
    radius-server local
    nas 192.168.0.33 key 0 xxxxxxxxxxx
    user xxxxx nthash 0 452789A016B8865A77A2B70C68E50D30
    user xxxxxx nthash 0 452789A016B8865A77A2B70C68E50D30
    !
    radius-server host 192.168.0.33 auth-port 1812 acct-port 1813 key xxxxxxxxx
    !
    control-plane
    !
    bridge 1 protocol ieee
    bridge 1 route ip
    bridge 2 protocol ieee
    bridge 2 route ip
    bridge 3 protocol ieee
    bridge 3 route ip
    banner login 
    ************************************************
    * 877w NO UNAUTHERIZED USERS *
    ************************************************
    !
    line con 0
    exec-timeout 30 0
    logging synchronous
    no modem enable
    line aux 0
    line vty 0 4
    exec-timeout 30 0
    logging synchronous
    transport input ssh
    !
    scheduler max-task-time 5000
    ntp server 139.143.5.30 source Dialer0
    end
    Reply With Quote Quote  

  2. Senior Member
    Join Date
    Sep 2009
    Location
    Wales, UK
    Posts
    411

    Certifications
    CCENT, CCNA, CCNA Voice, CCNA Security, ITIL V3 Foundation, MCP, MCTS
    #2
    I had a similar problem yesterday, unable to ping hosts on a new wireless network. It turned out to be the computers.

    My symptoms were spot on with you, I could access the internet but not other hosts on the WiFi. To debug I entered the 'arp -a' on the Windows machines, there were entries for the other hosts connecting to the Wifi proving there was layer 2 connectivity between all the hosts. That only left layer 3 and above, turning off the firewalls on Windows allowed me to ping the other hosts. Later I fine tuned the computers firewalls to allow exactly what I wanted.

    I think Windows keeps SSID/network specific firewall settings which by default are strict. May explain why the netgear all is fine but with the new wifi everything is locked down.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks