Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
350
Views
3
Helpful
4
Replies

Routing Issue

Go to solution
jmoss1
Level 1
Level 1

‎07-01-2008 04:49 AM - edited ‎03-05-2019 11:55 PM

Hi, I have a 871 router which has a tunnel back to HQ. I want to force some traffic to go straight out onto the internet rather than through the tunnel

The routes currently are simply as follows: -

ip classless

ip route 0.0.0.0 0.0.0.0 Tunnel11

ip route 10.128.6.0 255.255.255.0 10.217.106.129

I want to add ip route 155.231.80.0 255.255.255.0 10.217.106.129

When I add the route I cannot get access to the address from the client machines

A ping works fine from the router but if you specify the source IP address as the LAN address 10.213.124.33 then it fails

What am I missing/doing wrong?

Cheers

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to Collin Clark

‎07-01-2008 11:03 AM

I believe that Collin is on the right track. But I think that we may be able to focus the issue a bit more. If I understand the context of the issue correctly from jonathan the existing environment is that all traffic has been tunneled back to HQ. In this situation there is no need to translate any addresses. But now he wants to route some traffic directly to a destination rather than tunnel it to HQ. In that situation address translation is required and I suspect that no address translation is configured. (and if there is no translation then the traffic is routed out with private addresses as the source address - and Collin's question about a route back to you is right on the mark).

So configure address translation for the traffic being directly routed (but not for traffic going through the tunnel). Give it a try and let us know if it fixes your problem.

HTH

Rick

HTH

Rick

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Collin Clark
VIP Alumni
VIP Alumni

‎07-01-2008 05:11 AM

Does the remote end have a route back to the client subnet? Does the ping fail if you source it from the LAN side interface of the router?

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to Collin Clark

‎07-01-2008 11:03 AM

I believe that Collin is on the right track. But I think that we may be able to focus the issue a bit more. If I understand the context of the issue correctly from jonathan the existing environment is that all traffic has been tunneled back to HQ. In this situation there is no need to translate any addresses. But now he wants to route some traffic directly to a destination rather than tunnel it to HQ. In that situation address translation is required and I suspect that no address translation is configured. (and if there is no translation then the traffic is routed out with private addresses as the source address - and Collin's question about a route back to you is right on the mark).

So configure address translation for the traffic being directly routed (but not for traffic going through the tunnel). Give it a try and let us know if it fixes your problem.

HTH

Rick

HTH

Rick
0 Helpful

Go to solution
jmoss1
Level 1
Level 1
In response to Richard Burts

‎07-01-2008 11:55 AM

Hi Rick, your bang on the money it is a translation issue, no NAT is configured

Thanks for your help!

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to jmoss1

‎07-01-2008 12:09 PM

jonathan

I am glad that my suggestion did help point you in the direction so that you could resolve your problem. Thank you for using the rating system to indicate that your problem was solved (and thanks for the rating). It makes the forum more useful when people can read about a problem and can know that there was a response which did lead to a solution for the problem.

The forum is an excellent place to learn about Cisco networking. I encourage you to continue your participation in the forum.

HTH

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card