[FONT=Arial]Hi All,[/FONT]
[FONT=Arial]I am having a weird issue with my Cisco 7200 router. From the router I am able to ping and reach out to the internet but from the client I am able to reach out to the internet but unable to ping
I am not sure where is the issue but when I traceroute to it my packets are dropped at my routers interface. All my pings from the client time out. I checked the Access list to make sure ICMP is not blocked.[/FONT]
[FONT=Arial]Following is my running conf[/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]ip audit notify log[/FONT]
[FONT=Arial]ip audit po max-events 100[/FONT]
[FONT=Arial]ip ssh break-string ~[/FONT]
[FONT=Arial]ipv6 unicast-routing[/FONT]
[FONT=Arial]no ftp-server write-enable[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]no scripting tcl init[/FONT]
[FONT=Arial]no scripting tcl encdir[/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]no voice hpi capture buffer[/FONT]
[FONT=Arial]no voice hpi capture destination[/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]interface Loopback0[/FONT]
[FONT=Arial]description *** abc ***[/FONT]
[FONT=Arial]ip address 192.168.2.2 255.255.255.255[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]interface FastEthernet0/0[/FONT]
[FONT=Arial]description * Connection to officeswitch *[/FONT]
[FONT=Arial]ip address 10.0.2.1 255.255.255.240[/FONT]
[FONT=Arial]duplex full[/FONT]
[FONT=Arial]speed 100[/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]ipv6 rip abc enable[/FONT]
[FONT=Arial]no ipv6 mfib fast[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]interface FastEthernet0/1[/FONT]
[FONT=Arial]description * ISP1 *[/FONT]
[FONT=Arial]ip address 172.16.17.2 255.255.255.248[/FONT]
[FONT=Arial]ip access-group ISP1-IN in[/FONT]
[FONT=Arial]ip access-group ISP1-OUT out[/FONT]
[FONT=Arial]ip route-cache flow[/FONT]
[FONT=Arial]duplex full[/FONT]
[FONT=Arial]speed auto[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]interface Serial3/0[/FONT]
[FONT=Arial]description * ISP2 *[/FONT]
[FONT=Arial]ip address 10.23.21.2 255.255.255.252[/FONT]
[FONT=Arial]ip access-group Verio-IN in[/FONT]
[FONT=Arial]ip access-group Verio-OUT out[/FONT]
[FONT=Arial]ip route-cache flow[/FONT]
[FONT=Arial]serial restart-delay 0[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]interface Serial3/1[/FONT]
[FONT=Arial]no ip address[/FONT]
[FONT=Arial]shutdown[/FONT]
[FONT=Arial]serial restart-delay 0[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]interface Serial3/2[/FONT]
[FONT=Arial]no ip address[/FONT]
[FONT=Arial]shutdown[/FONT]
[FONT=Arial]serial restart-delay 0[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]interface Serial3/3[/FONT]
[FONT=Arial]no ip address[/FONT]
[FONT=Arial]shutdown[/FONT]
[FONT=Arial]serial restart-delay 0[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]router ospf 00000[/FONT]
[FONT=Arial]log-adjacency-changes[/FONT]
[FONT=Arial]network 192.168.0.0 0.0.31.255 area 0[/FONT]
[FONT=Arial]default-information originate[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]router bgp 00000[/FONT]
[FONT=Arial]no synchronization[/FONT]
[FONT=Arial]bgp log-neighbor-changes[/FONT]
[FONT=Arial]network 192.168.0.0.0 mask 255.255.224.0[/FONT]
[FONT=Arial]aggregate-address 192.168.0.0 255.255.224.0 summary-only[/FONT]
[FONT=Arial]no auto-summary[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]ip classless[/FONT]
[FONT=Arial]ip flow-export source Loopback0[/FONT]
[FONT=Arial]ip flow-export version 5[/FONT]
[FONT=Arial]ip flow-aggregation cache protocol-port[/FONT]
[FONT=Arial]enabled[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]ip flow-aggregation cache prefix[/FONT]
[FONT=Arial]enabled[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]no ip http server[/FONT]
[FONT=Arial]no ip http secure-server[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]ip as-path access-list 5 permit ^$[/FONT]
[FONT=Arial]ip as-path access-list 5 deny .*[/FONT]
[FONT=Arial]ip as-path access-list 10 permit ^$[/FONT]
[FONT=Arial]ip as-path access-list 20 permit ^00000[/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]ip as-path access-list 30 permit ^00000[/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]ip as-path access-list 30 permit ^00000[/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]ip as-path access-list 30 permit ^00000[/FONT]
[FONT=Arial]ip as-path access-list 30 permit ^00000[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]ip access-list standard Access[/FONT]
[FONT=Arial]permit 192.168.0.0 0.0.31.255[/FONT]
[FONT=Arial]deny any log[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]ip access-list extended ISP1-IN[/FONT]
[FONT=Arial]permit tcp host 192.168.1.2 any eq www log[/FONT]
[FONT=Arial]permit icmp any any log[/FONT]
[FONT=Arial]deny ip 10.0.0.0 0.255.255.255 any log[/FONT]
[FONT=Arial]deny tcp any any eq ftp log[/FONT]
[FONT=Arial]deny tcp any any eq smtp log[/FONT]
[FONT=Arial]deny tcp any any eq 443 log[/FONT]
[FONT=Arial]deny ip 192.168.0.0 0.0.255.255 any log[/FONT]
[FONT=Arial] permit ip any any[/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]ip access-list extended ISP1-OUT[/FONT]
[FONT=Arial]permit icmp any any log[/FONT]
[FONT=Arial]permit ip any any[/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]ip access-list extended ISP2-IN[/FONT]
[FONT=Arial] permit icmp any any log[/FONT]
[FONT=Arial]deny ip 10.0.0.0 0.255.255.255 any log[/FONT]
[FONT=Arial]deny tcp any any eq ftp log[/FONT]
[FONT=Arial]deny tcp any any eq smtp log[/FONT]
[FONT=Arial]deny tcp any any eq 443[/FONT]
[FONT=Arial]deny ip 192.168.0.0 0.0.255.255 any log[/FONT]
[FONT=Arial] permit ip any any[/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]ip access-list extended ISP2-OUT[/FONT]
[FONT=Arial]permit ip any any[/FONT]
[FONT=Arial]permit icmp any any[/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]logging trap debugging[/FONT]
[FONT=Arial]logging source-interface Loopback0[/FONT]
[FONT=Arial]snmp-server community apricot RO 1[/FONT]
[FONT=Arial]snmp-server trap-source Loopback0[/FONT]
[FONT=Arial]snmp-server location 101 S Ellsworth Ave Suite 350[/FONT]
[FONT=Arial]snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart[/FONT]
[FONT=Arial]snmp-server enable traps tty[/FONT]
[FONT=Arial]snmp-server enable traps config[/FONT]
[FONT=Arial]snmp-server enable traps envmon fan shutdown supply temperature[/FONT]
[FONT=Arial]snmp-server enable traps bgp[/FONT]
[FONT=Arial]redistribute static[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]route-map ISP1PATH permit 5[/FONT]
[FONT=Arial]match as-path 30[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]route-map ISP1PATH permit 10[/FONT]
[FONT=Arial]match as-path 20[/FONT]
[FONT=Arial]set as-path prepend 00000[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]route-map SETPATH permit 10[/FONT]
[FONT=Arial]match as-path 10[/FONT]
[FONT=Arial]set as-path prepend 00001[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]I will appreciate any input to help me solve this problem.[/FONT]
[FONT=Arial]I am having a weird issue with my Cisco 7200 router. From the router I am able to ping and reach out to the internet but from the client I am able to reach out to the internet but unable to ping
[FONT=Arial]Following is my running conf[/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]ip audit notify log[/FONT]
[FONT=Arial]ip audit po max-events 100[/FONT]
[FONT=Arial]ip ssh break-string ~[/FONT]
[FONT=Arial]ipv6 unicast-routing[/FONT]
[FONT=Arial]no ftp-server write-enable[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]no scripting tcl init[/FONT]
[FONT=Arial]no scripting tcl encdir[/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]no voice hpi capture buffer[/FONT]
[FONT=Arial]no voice hpi capture destination[/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]interface Loopback0[/FONT]
[FONT=Arial]description *** abc ***[/FONT]
[FONT=Arial]ip address 192.168.2.2 255.255.255.255[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]interface FastEthernet0/0[/FONT]
[FONT=Arial]description * Connection to officeswitch *[/FONT]
[FONT=Arial]ip address 10.0.2.1 255.255.255.240[/FONT]
[FONT=Arial]duplex full[/FONT]
[FONT=Arial]speed 100[/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]ipv6 rip abc enable[/FONT]
[FONT=Arial]no ipv6 mfib fast[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]interface FastEthernet0/1[/FONT]
[FONT=Arial]description * ISP1 *[/FONT]
[FONT=Arial]ip address 172.16.17.2 255.255.255.248[/FONT]
[FONT=Arial]ip access-group ISP1-IN in[/FONT]
[FONT=Arial]ip access-group ISP1-OUT out[/FONT]
[FONT=Arial]ip route-cache flow[/FONT]
[FONT=Arial]duplex full[/FONT]
[FONT=Arial]speed auto[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]interface Serial3/0[/FONT]
[FONT=Arial]description * ISP2 *[/FONT]
[FONT=Arial]ip address 10.23.21.2 255.255.255.252[/FONT]
[FONT=Arial]ip access-group Verio-IN in[/FONT]
[FONT=Arial]ip access-group Verio-OUT out[/FONT]
[FONT=Arial]ip route-cache flow[/FONT]
[FONT=Arial]serial restart-delay 0[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]interface Serial3/1[/FONT]
[FONT=Arial]no ip address[/FONT]
[FONT=Arial]shutdown[/FONT]
[FONT=Arial]serial restart-delay 0[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]interface Serial3/2[/FONT]
[FONT=Arial]no ip address[/FONT]
[FONT=Arial]shutdown[/FONT]
[FONT=Arial]serial restart-delay 0[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]interface Serial3/3[/FONT]
[FONT=Arial]no ip address[/FONT]
[FONT=Arial]shutdown[/FONT]
[FONT=Arial]serial restart-delay 0[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]router ospf 00000[/FONT]
[FONT=Arial]log-adjacency-changes[/FONT]
[FONT=Arial]network 192.168.0.0 0.0.31.255 area 0[/FONT]
[FONT=Arial]default-information originate[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]router bgp 00000[/FONT]
[FONT=Arial]no synchronization[/FONT]
[FONT=Arial]bgp log-neighbor-changes[/FONT]
[FONT=Arial]network 192.168.0.0.0 mask 255.255.224.0[/FONT]
[FONT=Arial]aggregate-address 192.168.0.0 255.255.224.0 summary-only[/FONT]
[FONT=Arial]no auto-summary[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]ip classless[/FONT]
[FONT=Arial]ip flow-export source Loopback0[/FONT]
[FONT=Arial]ip flow-export version 5[/FONT]
[FONT=Arial]ip flow-aggregation cache protocol-port[/FONT]
[FONT=Arial]enabled[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]ip flow-aggregation cache prefix[/FONT]
[FONT=Arial]enabled[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]no ip http server[/FONT]
[FONT=Arial]no ip http secure-server[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]ip as-path access-list 5 permit ^$[/FONT]
[FONT=Arial]ip as-path access-list 5 deny .*[/FONT]
[FONT=Arial]ip as-path access-list 10 permit ^$[/FONT]
[FONT=Arial]ip as-path access-list 20 permit ^00000[/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]ip as-path access-list 30 permit ^00000[/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]ip as-path access-list 30 permit ^00000[/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]ip as-path access-list 30 permit ^00000[/FONT]
[FONT=Arial]ip as-path access-list 30 permit ^00000[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]ip access-list standard Access[/FONT]
[FONT=Arial]permit 192.168.0.0 0.0.31.255[/FONT]
[FONT=Arial]deny any log[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]ip access-list extended ISP1-IN[/FONT]
[FONT=Arial]permit tcp host 192.168.1.2 any eq www log[/FONT]
[FONT=Arial]permit icmp any any log[/FONT]
[FONT=Arial]deny ip 10.0.0.0 0.255.255.255 any log[/FONT]
[FONT=Arial]deny tcp any any eq ftp log[/FONT]
[FONT=Arial]deny tcp any any eq smtp log[/FONT]
[FONT=Arial]deny tcp any any eq 443 log[/FONT]
[FONT=Arial]deny ip 192.168.0.0 0.0.255.255 any log[/FONT]
[FONT=Arial] permit ip any any[/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]ip access-list extended ISP1-OUT[/FONT]
[FONT=Arial]permit icmp any any log[/FONT]
[FONT=Arial]permit ip any any[/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]ip access-list extended ISP2-IN[/FONT]
[FONT=Arial] permit icmp any any log[/FONT]
[FONT=Arial]deny ip 10.0.0.0 0.255.255.255 any log[/FONT]
[FONT=Arial]deny tcp any any eq ftp log[/FONT]
[FONT=Arial]deny tcp any any eq smtp log[/FONT]
[FONT=Arial]deny tcp any any eq 443[/FONT]
[FONT=Arial]deny ip 192.168.0.0 0.0.255.255 any log[/FONT]
[FONT=Arial] permit ip any any[/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]ip access-list extended ISP2-OUT[/FONT]
[FONT=Arial]permit ip any any[/FONT]
[FONT=Arial]permit icmp any any[/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]logging trap debugging[/FONT]
[FONT=Arial]logging source-interface Loopback0[/FONT]
[FONT=Arial]snmp-server community apricot RO 1[/FONT]
[FONT=Arial]snmp-server trap-source Loopback0[/FONT]
[FONT=Arial]snmp-server location 101 S Ellsworth Ave Suite 350[/FONT]
[FONT=Arial]snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart[/FONT]
[FONT=Arial]snmp-server enable traps tty[/FONT]
[FONT=Arial]snmp-server enable traps config[/FONT]
[FONT=Arial]snmp-server enable traps envmon fan shutdown supply temperature[/FONT]
[FONT=Arial]snmp-server enable traps bgp[/FONT]
[FONT=Arial]redistribute static[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]route-map ISP1PATH permit 5[/FONT]
[FONT=Arial]match as-path 30[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]route-map ISP1PATH permit 10[/FONT]
[FONT=Arial]match as-path 20[/FONT]
[FONT=Arial]set as-path prepend 00000[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial]route-map SETPATH permit 10[/FONT]
[FONT=Arial]match as-path 10[/FONT]
[FONT=Arial]set as-path prepend 00001[/FONT]
[FONT=Arial]![/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial] [/FONT]
[FONT=Arial]I will appreciate any input to help me solve this problem.[/FONT]