I have two locations connected with two Cisco 861 routers. They are connected using a bridge. The subnet is the same 192.168.100.x.The routers are on E-line connection from provider.
Location A is the main (has the internet connection and the main switch and router) and location B is the secondary location, it has just few PCs and a switch. Everything is working fine for few years now.
A couple of days ago I changed some PCs in locations B with newer ones. Before I connected them in location B, I configured them in location A (join domain ..etc), for some reason the traffic from/to these PCs do not pass the bridge. I connected new PC(not configured) in location B directly and it worked fine, so only the PCs that were connected in location A then moved to location B are blocked. I changed IPs and it's the same issue,. I suspected a MAC address problem so I checked the MAC table on the router in Location B and it has the correct association but still no traffic.
New PCs in location can PING each others and other old PCs in the same location but can not PING devices in location A, and vise versa.
version 15.0 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname SecondaryRouter ! boot-start-marker boot-end-marker ! enable secret 5 $1$LUD8$FHa3UHfIvd9QsiiCe4JLS1 ! no aaa new-model memory-size iomem 10 ! ! ip source-route ! ! ! ! ip cef ! ! license udi pid CISCO861-K9 sn FCZ1510918C ! ! ! ! ! ! ! bridge irb ! ! ! ! interface FastEthernet0 ! interface FastEthernet1 ! interface FastEthernet2 ! interface FastEthernet3 ! interface FastEthernet4 no ip address duplex auto speed auto ! interface FastEthernet4.1 encapsulation dot1Q 2 bridge-group 1 ! interface Vlan1 no ip address bridge-group 1 ! interface Vlan10 no ip address ! interface BVI1 ip address 192.168.100.151 255.255.255.0 ! ip forward-protocol nd no ip http server no ip http secure-server ! ! ! control-plane ! bridge 1 protocol ieee bridge 1 route ip ! line con 0 no modem enable line aux 0 line vty 0 4 password xxxxxx login ! scheduler max-task-time 5000 end
I forgot to say, that I cleared the MAC tables on both 861 routers and took off the power from all switches, and still have the same problem -------- I deleted the ARP cache and still the same, now the two PCs can ping and get pinged by all other devices on network B, the problem caused by Kaspersky. So, the real problem must be in network A, because I change the switch in network B and connected only the two PCs and the Cisco router and still the same problem. I also cleared the ARP cache in a PC in network A, then I used this PC to ping these two PCs in network B, even though I did not get a ping reply, the ARP cache in the PC in the network A, got populated with the correct MAC addresses of these two PCs, so there is some kind of traffic but not full, any ideas? Thank you in advance HK
