Problems connecting to a single host after changing router/link

Discussion in 'Cisco' started by latouring, Jul 16, 2006.

  1. latouring

    latouring Guest

    Dear All,

    I'm stuck with a problem encountered recently, hope the kind souls here
    could give me a clue to the problem.

    Currently we have a 64kbps circuit to a remote site and we have plan to
    move it to a new circuit (T1) on a new router. I have recently
    performed a test on a new circuit (faster) on the new router to the
    remote site.

    I configured the new router on the T1 having the same internal
    interface IP address so that I do not have to change the default
    gateway on the clients configured with static addresses. I did the
    switch by disconnecting the link on the router connected to the 64kbps.

    All went well except only a single host at secured vlan20 and another
    host at the remote site have problems connecting to each other.The
    affected host on vlan20 has no problems connecting to the other hosts
    at the remote site.

    The connectivety between the other secured vlans to the hosts at the
    remote site is fine.

    host on vlan20--FWSM--6509--Checkpoint--1721--{IPVPN}--1721--Remote
    Site

    I have cleared the arp-cache on the connected routers/switches/hosts
    and even reloaded the devices but it didnt help. traceroute from the
    remote site stops at the 6509 core switch and I dont see anything
    hitting vlan20 from the FWSM logs. I do see outgoing traffic from the
    host on vlan20 hitting the access-list created on the FWSM but it didnt
    even hit the checkpoint firewall. It looks likes the traffic stops at
    the 6509 but there are no access list applied.

    I'm missing out on something after the change. Strange that it only
    happens on this particular host. Hope you guys could advise me.

    Thanks,
    latour
     
    latouring, Jul 16, 2006
    #1
    1. Advertisements

  2. latouring

    Merv Guest

    Misconfigured IP gateway on host with problem ???

    Is proxy ARP enabled on current router ?

    Is proxy ARP disabled on new router ?

    I
     
    Merv, Jul 16, 2006
    #2
    1. Advertisements

  3. latouring

    Merv Guest

    Misconfigured IP gateway on host with problem ???

    Is proxy ARP enabled on current router ?

    Is proxy ARP disabled on new router ?

    I
     
    Merv, Jul 16, 2006
    #3
  4. latouring

    latouring Guest

    Hi Merv,

    Thanks for the reply.

    1. Gateway is configured correctly
    2. Proxy ARP disabled
    3. Proxy ARP disabled.

    Proxy ARP is enabled on the FWSM.

    Thanks!
     
    latouring, Jul 17, 2006
    #4
  5. latouring

    pcmccollum Guest

    Might I suggest creating an simple access-list with the offending
    host's IP address and running a 'debug ip packet detail' to see what's
    happening to the packets on the 6509? This should be able to tell you
    if you if it's being routed incorrectly for some reason. Also, do you
    have any sort of policy routing enabled? That could possibly create
    issues.

    Thanks,
    Phillip
     
    pcmccollum, Jul 17, 2006
    #5
  6. Another troubleshooting step would be to run traceroutes in both
    directions, and see how far each one gets.
     
    Barry Margolin, Jul 18, 2006
    #6
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.