Re: Changing IPs

From: "Tom Linden" <tom@xxxxxxxxxxxxxx>
Date: Thu, 29 May 2008 17:29:04 -0700

On Thu, 29 May 2008 15:59:20 -0700, Trendkill <jpmason@xxxxxxxxx> wrote:

On May 29, 6:41 pm, "Tom Linden" <t...@xxxxxxxxxxxxxx> wrote:
Have a 2621 running 12.3

Got a new set of IPs and serial line(T1)
from the console # prompt can't ping the first two
but can the last one, f0/1
f0/0
s0/0
f0/1

I modified an existing config to reflect the new values for f0/0
and s0/0

ideas?

--
PL/I for OpenVMSwww.kednos.com

Your config may also be helpful.

CISCO2#sho ip int brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 12.70.58.129 YES manual up up
Serial0/0 12.89.208.122 YES manual down down
FastEthernet0/1 10.0.0.1 YES manual up up
CISCO2#ping 12.70.58.129

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 12.70.58.129, timeout is 2 seconds:
......
Success rate is 0 percent (0/5)
CISCO2#ping 10.0.0.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
CISCO2#ping 12.89.208.122

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 12.89.208.122, timeout is 2 seconds:
......
Success rate is 0 percent (0/5)

CISCO2#sho config
Using 3309 out of 29688 bytes
!
! Last configuration change at 14:27:47 PST Thu May 29 2008
! NVRAM config last updated at 14:27:53 PST Thu May 29 2008
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname CISCO2
!
boot-start-marker
boot-end-marker
!
logging buffered 65535 debugging
logging console informational
enable secret 5 $1$4TwO$cwJqY4fRqc2Yqvi8MpoHG0
!
clock timezone PST -8
no aaa new-model
ip subnet-zero
ip cef
!
!
ip domain name Kednos.com
ip name-server 12.70.58.130
ip name-server 12.70.58.132
ip name-server 12.70.58.133
ip name-server 12.70.58.134
ip name-server 12.70.58.135
ip name-server 12.70.58.137
!
ip audit po max-events 100
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
description OUTSIDE INTERFACE TO THE INTERNET
ip address 12.70.58.129 255.255.255.128
ip access-group 101 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
speed auto
full-duplex
no cdp enable
!
interface Serial0/0
ip address 12.89.208.122 255.255.255.252
ip access-group 101 in
ip access-group 102 out
ip nat outside
no ip mroute-cache
!
interface FastEthernet0/1
description INSIDE INTERFACE TO PRIVATE NETWORK
ip address 10.0.0.1 255.0.0.0
ip nat inside
duplex auto
speed auto
!
ip nat inside source list 1 interface FastEthernet0/0 overload
no ip http server
no ip http secure-server
ip classless
ip route 0.0.0.0 0.0.0.0 12.89.208.121
!
!
access-list 1 permit 10.0.0.0 0.0.0.255
access-list 101 remark PREVENT UNWANTED ACCESS
access-list 101 remark DENY RFC 1918 SOURCES
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 172.16.0.0 0.0.15.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 remark ANTI-SPOOFING PROTECTION
access-list 101 deny ip host 0.0.0.0 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip 192.0.2.0 0.0.0.255 any
access-list 101 deny ip 224.0.0.0 31.255.255.255 any
access-list 101 remark DENY BROADCASTS
access-list 101 deny ip 255.0.0.0 0.255.255.255 any
access-list 101 deny ip any 255.0.0.0 0.255.255.255
access-list 101 remark PERMIT/DENY a few knowns
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any time-exceeded
access-list 101 deny icmp any any echo
access-list 101 remark PREVENT ANY INBOUND SNMP
access-list 101 deny udp any any eq snmp
access-list 101 deny udp any any eq snmptrap
access-list 101 remark ICMP TYPES
access-list 101 deny icmp any any
access-list 101 remark PREVENT CISCO CODE VULNERABILITY
access-list 101 deny 53 any any
access-list 101 deny 55 any any
access-list 101 deny 77 any any
access-list 101 deny pim any any
access-list 101 remark PERMIT everything else
access-list 101 permit ip any any
access-list 102 permit ip 12.70.58.128 0.0.0.127 any
access-list 102 permit ip host 12.89.208.122 any
access-list 102 deny ip any any
dialer-list 1 protocol ip permit
!
!
!
!
!
banner exec ^CC
You have entered $(hostname).$(domain) on line $(line) ($(line-desc)) ^C
!
line con 0
exec-timeout 0 0
stopbits 1
flowcontrol software
line aux 0
line vty 0 4
password 7 000B03030A4D06151D2E4F451A
login
!
ntp clock-period 17181129
ntp server 192.83.249.28
ntp server 204.74.68.55
ntp server 216.27.190.202
!
end

--
PL/I for OpenVMS
www.kednos.com
.

Follow-Ups:
- Re: Changing IPs
  - From: Merv
- Re: Changing IPs
  - From: Trendkill

References:
- Changing IPs
  - From: Tom Linden
- Re: Changing IPs
  - From: Trendkill

Prev by Date: Re: Changing IPs
Next by Date: Re: Changing IPs
Previous by thread: Re: Changing IPs
Next by thread: Re: Changing IPs
Index(es):
- Date
- Thread

Relevant Pages

Re: Cisco 1760 router and VPN client Connection Issues
... crypto map fw1 client authentication list userauthenticate ... permit tcp 192.168.166.0 0.0.0.255 any eq 3101 ... deny ip any 127.0.0.0 0.255.255.255 log ...
(comp.dcom.sys.cisco)
Re: Cisco Pop3 email access
... crypto isakmp client configuration group VPNusers ... remark *** ACL Restricts incoming traffic from external networks ... remark *** Permit limited ICMP ...
(comp.dcom.sys.cisco)
Re: Cisco 1811 K9- VPN clients can connect, but cant connect or ping to computers
... access-list 100 remark auto generated by SDM firewall configuration ... access-list 100 deny ip host 255.255.255.255 any ... access-list 101 permit ip 172.25.2.0 0.0.1.255 any ...
(comp.dcom.sys.cisco)
Cisco 1841 dual adsl setup
... ip access-group 198 out ... permit ip 10.75.101.0 0.0.0.255 any ... access-list 100 deny ip any host 10.75.105.100 ...
(comp.dcom.sys.cisco)
adding a pix to dual router setup
... interface FastEthernet0 ... access-list 1 permit 192.168.2.0 0.0.0.255 ... access-list 100 deny ip 192.168.10.0 0.0.0.255 any ...
(comp.dcom.sys.cisco)