When a router isn’t functioning, here are some steps to perform to eliminate basic faults as the source of trouble:
• Physical Layer Stuff: Check power issues. Look for power lights, check plugs, and circuit breakers.
• Check the Interfaces: Use the command show ip interface brief or show ipv6 interface brief to ensure that desired interfaces are up and configured properly.
• Ping the Neighbors: Use the ping and trace commands to check for connectivity.
• Check the Routing Table: Use the show ip route or show ipv6 route command to find out what the router knows. Is there either an explicit route to the remote network or a gateway of last resort?
Is there a Firewall on the Computer? If the problem involves a computer, check to ensure that its firewall is not blocking packets. I’ve encountered computers at client locations that had two firewalls in operation without the client’s knowledge. (They had the Windows firewall enabled, plus they had installed a VPN client that included a firewall which was also enabled. The giveaway was that the computer in question could see other network devices, but none of them could see the computer in question. We disabled the Windows firewall for troubleshooting and still no love. That was when I started looking for another firewall.)
Any Access Lists? If the above steps don’t resolve the issue, check for access-control lists that block traffic. As you will learn in the section on access-control lists, there is an implicit “deny any” at the end of every access-control list, so even if you don’t see a statement explicitly denying traffic, it might be blocked by an implicit “deny any.”
Is the VPN Up? If a VPN is part of the connection, check to ensure that it is up. Use the show crypto family of commands to check VPN connections. With VPN connections, each end of the connection must mirror the other. For example, even something as seemingly inconsequential as a different timeout value or a different key lifetime can prevent a connection.
Do the Protocols Match? If you are trying to gain remote access to a server, ensure that it supports the protocol you’re attempting to use. For example, if the router hasn’t been configured to support SSH and you use the default settings in PuTTY which call for SSH, you won’t be able to connect. Also, some admins change the default port numbers, so you may expect to use port 22 with SSH, but the admin may have configured it to use a non-standard port.
Check for Human Error: User errors can also be the source of errors. Check to ensure that correct usernames and passwords are being used, that you and the admin on the other end of the connection are using the same network addresses and matching subnet masks.
Verify Settings: Do not make assumptions. Verify everything!
Often, by using the above steps, you can solve the problem. If that doesn’t do it, then proceed to more advanced show and debug commands to isolate the problem.
If problem still occurs then contact our cisco router Technical Support at 1-800-953-0960.