12-10-2007 03:13 PM - edited 03-03-2019 07:52 PM
Hello,
I have a routing question that I need help with. Here's how my network is set up:
AT&T DSL modem Ethernet interface configuration:
71.140.32.23
255.255.255.248
Cisco VPN 3002 hardware client Ethernet interface (public) configuration:
71.140.32.24
255.255.255.248
Cisco VPN 3002 hardware client Ethernet interface (private) configuration:
10.6.10.1
255.255.255.0
There is an Ethernet cable between âAT&T DSL modem Ethernet interfaceâ and âCisco VPN 3002 hardware client Ethernet interface (public).â
There is a computer âHost Aâ connected to âCisco VPN 3002 hardware client Ethernet interface (private)â with IP 10.6.10.2
Problem:
From âHost Aâ I cannot ping 71.140.32.23 (or any public IPs). However, I can ping 71.140.32.24
(From Cisco VPN 3002 client, I can ping 71.140.32.23 or any public IPs.)
Is there anything that I am missing? Should I add a static route somewhere?
Thank you for your help.
Regards
12-10-2007 05:05 PM
No, you need to configure NAT so private IP addresses can communicate with public IP addresses.
12-10-2007 09:31 PM
Congrats Edison for your new badge.
12-11-2007 07:13 AM
Thanks Narayana :)
12-11-2007 12:52 AM
Hi All
Can I just ask a question here please?
On the AT&T DSL modem Ethernet interface you mention that the IP address is 71.140.32.23/29 and the Cisco VPN 3002 clients Ethernet interface has an IP address of 71.140.32.24/29.
Using the /29 mask of 255.255.255.248 is the IP address of the DSL modem not the broadcast IP address of that subnet and the IP address assigned to the Cisco VPN 3002 not the subnet number of the next subnet? as the /29 mask provides a subnet block size of 8.
So the subnets would be
71.140.32.0-71.140.32.7
71.140.32.8-71.140.32.15
71.140.32.16-71.140.32.23
71.140.32.24-71.140.32.31
...
...
...
71.140.32.248-71.140.32.255
I don't understand how these IP addresses are assigned to interfaces, or am I missing something?
Best Regards,
Michael
12-11-2007 12:57 AM
Hi Michael
No i don't believe you are missing anything. You are quite right as far as i can see .23 is a broadcast address and .24 is the next network address.
Jon
12-11-2007 07:12 AM
Good catch Michael. I wonder if the OP was masking the real addresses and made that mistake on posting.
12-11-2007 04:57 PM
Hello All,
Thannk you for your replies. Michael is right, I didn't use the real IPs and should have added a note for this when I posted the initial question.
I am out for vacation for this week so I am unable to do the testings. I am new to Cisco & networking so I have a few questions and hoope you can help me with:
1). Why should I enable NAT? Shouldn't NAT be automatically configured so traffics initiated from inside the network can be routed out to the Internet? If I need to configure a Cisco router, say 2610, do I need to enable NAT too? and should I always do this?
1.5). Should I enable NAT, in this case, in the Cisco VPN 3002 device?
2). Is there a general rule when I should add a "default route" in this format: "ip route 0.0.0.0 0.0.0.0 167.233.245.23" ? Where is default route normally put at - in the gateway, or a another router/host behind the gateway?
3). the reason I use VPN 3002 in this case is becasue I need to set up a Cisco WiFI AP. I got this VPN 3002 free from a friend so I don't have to invest on buying a router or build a software-based routing host. Is VPN 3002 capable of routing at all? I am not using it to connect to a VPN Concentrator at all. I am leaving it as a stand-alone unit serving for routing purpose only. Am I making a silly move here?
Thank you very much for your advice!
Kind regards,
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: