Problem with 2 private subnets on Cisco 3640

Discussion in 'Cisco' started by Grimjack, Jul 31, 2006.

  1. Grimjack

    Grimjack Guest

    I have a 3640 with 2 fastethernet cards for 2 private networks
    (192.168.0.0, 192.168.1.0).
    I am able to access most computers across the router with no problem.
    But, there seems to be some problems when trying to access some ports.
    Here is the IP packet log I am getting for one such problem:
    Jul 31 14:20:02 1.1.1.1 65473: 3d00h: IP: s=192.168.1.43
    (FastEthernet1/0), d=192.168.0.103 (FastEthernet0/1), g=192.168.0.103,
    len 117, forward
    Jul 31 14:20:02 1.1.1.1 65474: 3d00h: TCP src=4061, dst=9000,
    seq=299137732, ack=1787491195, win=46674 ACK PSH
    Jul 31 14:20:02 1.1.1.1 65475: 3d00h: IP: s=192.168.0.103
    (FastEthernet0/1), d=192.168.1.43 (FastEthernet1/0), g=192.168.1.43,
    len 201, forward
    Jul 31 14:20:02 1.1.1.1 65476: 3d00h: TCP src=9000, dst=4061,
    seq=1787491195, ack=299137809, win=65359 ACK PSH
    Jul 31 14:20:02 1.1.1.1 65477: 3d00h: IP: s=192.168.1.43
    (FastEthernet1/0), d=192.168.0.103 (FastEthernet0/1), g=192.168.0.103,
    len 40, forward
    Jul 31 14:20:02 1.1.1.1 65478: 3d00h: TCP src=4061, dst=9000,
    seq=299137809, ack=1787491356, win=46634 ACK
    This is all I ever get. The application then times out. Both of the
    cards are natted inside to a single outside card. This does not seem to
    be the problem since I can access other machines on other ports.
    Any ideas would be appreciated.
    Thanx
     
    Grimjack, Jul 31, 2006
    #1
    1. Advertisements

  2. Grimjack

    Merv Guest

    You will need to post:

    1. the router config a
    2. the output of show version
     
    Merv, Jul 31, 2006
    #2
    1. Advertisements

  3. Grimjack

    anybody43 Guest

    I agree.

    I had a look at the packet traces which shows a fully
    established TCP session with data being Acknowledged.

    If you re-assemble the following as indicated by the line
    end indicators "_" you will be able to correlate the seq numbers
    with the acks. I have calculeted the next expected ack.

    Cisco display the length of the whole IP packet. the TCP header is
    usually 40 bytes long.

    Jul 31 14:20:02 1.1.1.1 65473: 3d00h: IP: s=192.168.1.43
    (FastEthernet1/0), _
    d=192.168.0.103 (FastEthernet0/1), g=192.168.0.103, len 117, forward
    Jul 31 14:20:02 1.1.1.1 65474: 3d00h: TCP src=4061, dst=9000,
    seq=299137732,_
    ack=1787491195, win=46674 ACK PSH
    299137732 + (117 - 40) = 299137809

    Jul 31 14:20:02 1.1.1.1 65475: 3d00h: IP: s=192.168.0.103
    (FastEthernet0/1),_
    d=192.168.1.43 (FastEthernet1/0), g=192.168.1.43, len 201, forward
    Jul 31 14:20:02 1.1.1.1 65476: 3d00h: TCP src=9000, dst=4061,
    seq=1787491195, _
    ack=299137809, win=65359 ACK PSH
    1787491195 + (201 -40) = 1787491356

    Jul 31 14:20:02 1.1.1.1 65477: 3d00h: IP: s=192.168.1.43
    (FastEthernet1/0), _
    d=192.168.0.103 (FastEthernet0/1), g=192.168.0.103, len 40, forward
    Jul 31 14:20:02 1.1.1.1 65478: 3d00h: TCP src=4061, dst=9000,
    seq=299137809,_
    ack=1787491356, win=46634 ACK
     
    anybody43, Aug 1, 2006
    #3
  4. Grimjack

    anybody43 Guest

    I agree.

    I had a look at the packet traces which shows a fully
    established TCP session with data being Acknowledged.

    If you re-assemble the following as indicated by the line
    end indicators "_" you will be able to correlate the seq numbers
    with the acks. I have calculeted the next expected ack.

    Cisco display the length of the whole IP packet. the TCP header is
    usually 40 bytes long.

    Jul 31 14:20:02 1.1.1.1 65473: 3d00h: IP: s=192.168.1.43
    (FastEthernet1/0), _
    d=192.168.0.103 (FastEthernet0/1), g=192.168.0.103, len 117, forward
    Jul 31 14:20:02 1.1.1.1 65474: 3d00h: TCP src=4061, dst=9000,
    seq=299137732,_
    ack=1787491195, win=46674 ACK PSH
    299137732 + (117 - 40) = 299137809

    Jul 31 14:20:02 1.1.1.1 65475: 3d00h: IP: s=192.168.0.103
    (FastEthernet0/1),_
    d=192.168.1.43 (FastEthernet1/0), g=192.168.1.43, len 201, forward
    Jul 31 14:20:02 1.1.1.1 65476: 3d00h: TCP src=9000, dst=4061,
    seq=1787491195, _
    ack=299137809, win=65359 ACK PSH
    1787491195 + (201 -40) = 1787491356

    Jul 31 14:20:02 1.1.1.1 65477: 3d00h: IP: s=192.168.1.43
    (FastEthernet1/0), _
    d=192.168.0.103 (FastEthernet0/1), g=192.168.0.103, len 40, forward
    Jul 31 14:20:02 1.1.1.1 65478: 3d00h: TCP src=4061, dst=9000,
    seq=299137809,_
    ack=1787491356, win=46634 ACK
     
    anybody43, Aug 1, 2006
    #4
  5. Grimjack

    anybody43 Guest

    What I menat to say was -
    It looks like it is all working OK. Maybe your app is broken?
     
    anybody43, Aug 1, 2006
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.