cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
525
Views
0
Helpful
7
Replies

Simple Question with Routing

davidwins
Level 1
Level 1

Hello,

I have a routing question that I need help with. Here's how my network is set up:

AT&T DSL modem Ethernet interface configuration:

71.140.32.23

255.255.255.248

Cisco VPN 3002 hardware client Ethernet interface (public) configuration:

71.140.32.24

255.255.255.248

Cisco VPN 3002 hardware client Ethernet interface (private) configuration:

10.6.10.1

255.255.255.0

There is an Ethernet cable between “AT&T DSL modem Ethernet interface” and “Cisco VPN 3002 hardware client Ethernet interface (public).”

There is a computer “Host A” connected to “Cisco VPN 3002 hardware client Ethernet interface (private)” with IP 10.6.10.2

Problem:

From “Host A” I cannot ping 71.140.32.23 (or any public IPs). However, I can ping 71.140.32.24

(From Cisco VPN 3002 client, I can ping 71.140.32.23 or any public IPs.)

Is there anything that I am missing? Should I add a static route somewhere?

Thank you for your help.

Regards

7 Replies 7

Edison Ortiz
Hall of Fame
Hall of Fame

No, you need to configure NAT so private IP addresses can communicate with public IP addresses.

Congrats Edison for your new badge.

Thanks Narayana :)

keeleym
Level 5
Level 5

Hi All

Can I just ask a question here please?

On the AT&T DSL modem Ethernet interface you mention that the IP address is 71.140.32.23/29 and the Cisco VPN 3002 clients Ethernet interface has an IP address of 71.140.32.24/29.

Using the /29 mask of 255.255.255.248 is the IP address of the DSL modem not the broadcast IP address of that subnet and the IP address assigned to the Cisco VPN 3002 not the subnet number of the next subnet? as the /29 mask provides a subnet block size of 8.

So the subnets would be

71.140.32.0-71.140.32.7

71.140.32.8-71.140.32.15

71.140.32.16-71.140.32.23

71.140.32.24-71.140.32.31

...

...

...

71.140.32.248-71.140.32.255

I don't understand how these IP addresses are assigned to interfaces, or am I missing something?

Best Regards,

Michael

Hi Michael

No i don't believe you are missing anything. You are quite right as far as i can see .23 is a broadcast address and .24 is the next network address.

Jon

Good catch Michael. I wonder if the OP was masking the real addresses and made that mistake on posting.

Hello All,

Thannk you for your replies. Michael is right, I didn't use the real IPs and should have added a note for this when I posted the initial question.

I am out for vacation for this week so I am unable to do the testings. I am new to Cisco & networking so I have a few questions and hoope you can help me with:

1). Why should I enable NAT? Shouldn't NAT be automatically configured so traffics initiated from inside the network can be routed out to the Internet? If I need to configure a Cisco router, say 2610, do I need to enable NAT too? and should I always do this?

1.5). Should I enable NAT, in this case, in the Cisco VPN 3002 device?

2). Is there a general rule when I should add a "default route" in this format: "ip route 0.0.0.0 0.0.0.0 167.233.245.23" ? Where is default route normally put at - in the gateway, or a another router/host behind the gateway?

3). the reason I use VPN 3002 in this case is becasue I need to set up a Cisco WiFI AP. I got this VPN 3002 free from a friend so I don't have to invest on buying a router or build a software-based routing host. Is VPN 3002 capable of routing at all? I am not using it to connect to a VPN Concentrator at all. I am leaving it as a stand-alone unit serving for routing purpose only. Am I making a silly move here?

Thank you very much for your advice!

Kind regards,

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: