Make a different subnet traverse routers?

Answered Question
Sep 12th, 2008

Hello all,

I have a question about how to get a different subnet to cross routers.

Basically I have a device on the inside of the main router that uses 10.41.4.65 subnet 255.255.255.192. It is setup that only devices in its same subnet are allowed to talk to it. So on the PCs on the inside of the main router we simply gave them secondary IPs in the 10.41.4.64/26 subnet and put route statements on them to point to the 10.41.4.65 device for the network on the other side of it. No problem works like a champ.

The problem comes when we have 4 PCs at different locations (2 at one location 2 at another) that all have to come through there own routers that connect to the main router and need to have the same functionality as the PCs on the inside of the main router.

Clear as mud? Please any assistance is appreciated.

I am attaching a drawing of the current settings.

I have this problem too.
0 votes
Correct Answer by Ryan Carretta about 8 years 4 months ago

You need either:

1.) 802.1Q tunneling over a layer-2 cloud

2.) L2TPv3 over a layer-3 cloud

3.) MPLS VPN over a layer-3 cloud

Any of these will do the job for you. #1 is the least complex and probably the easiest to configure. Similarly, #3 is the most complex, and probably the hardest to configure, but is also the most capable.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
simontibbitts Sat, 09/13/2008 - 06:30

Hello.

What about using static NAT on your main router?

This will translate your remote host source addresses to addresses in the 10.41.4.64/26 subnet, so by the time they packets get to the 'device' they will have a source address which appears to be in the same subnet. The route then just translates them back on the return path. The configuration would look something like this

interface FastEthernet0/0

description Network to 10.41.4.65

ip nat outside

!

interface FastEthernet0/1

description Network with remote hosts

ip nat inside

!

ip nat inside source static 10.x.x.x 10.41.4.80

ip nat inside source static 10.x.x.x 10.41.4.81

Where 10.x.x.x are the IPs of your remote hosts.

Simon

dirkmelvin Wed, 09/17/2008 - 12:59

I tried this and it didn't work. I've done this with other installs, but they weren't quite like this one.

Still clueless about how to fix it, but we got a work around (netmotion).

Correct Answer
Ryan Carretta Sun, 09/14/2008 - 00:14

You need either:

1.) 802.1Q tunneling over a layer-2 cloud

2.) L2TPv3 over a layer-3 cloud

3.) MPLS VPN over a layer-3 cloud

Any of these will do the job for you. #1 is the least complex and probably the easiest to configure. Similarly, #3 is the most complex, and probably the hardest to configure, but is also the most capable.

Actions

This Discussion