Routing between 3 Routers

Unanswered Question
Sep 16th, 2008

Sir,

We have 3 routers,One is at My location(Hyderabad) ,other at Mumbai(Remote),one more at client place name is CDSL.

1. Hyderabad to Mumabai is connected via

2 Mbps Serial cable ,Ip addresses are

192.168.2.X -My End

192.168.2.X -Mumbai End

2.From Mumbai to CDSl connected through Lan Interface using Cross Cable.

Ip addresses are 10.155.132.2 -Mumabi End,10.155.132.1 -CDSL End.

3.In Hyderabad Router We are given Route to 10.155.132.0/24 with gateway as 192.168.2.X (Static route in Hyderabad routerwith gateway is Mumbai Wan-ip)

4.in Mumbai Router we are Patted 172.16.25.0/24(this is Hyderabad Network) with 10.155.132.10/255.255.255.255

5.When i am testing From My location 172.16.25.x (PC Ip) to 10.155.132.1 it is not pinging but i am able to ping 10.155.132.2.

6.i made accesslist in CDSL Router

access-list 101 permit any any. Eventhough it is not pinging From My pc to 10.155.132.1.

Pls Suggest if Any thing else

Tnks

Ramu

Netsupport Gr

CMC Ltd

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Calin Chiorean Tue, 09/16/2008 - 00:37

Hello!

The problem is that your CDSL router (10.155.132.1) does not know through were to sent back packets to your 172.16.25.x PC.

You can reach 10.155.132.2 because it's on the same router with 192.168.2.x which you set as next hop on Hyderabad for 10.155.132.0/24.

Try the following on CDSL.

ip route 172.16.25.0 255.255.255.0 10.155.132.2

and see if it is working.

at point 4 I don't understand why you have Patted the traffic.

Also I would advice some routing protocols in this topology, if it is possible

Good luck!

Cheers,

Calin

ramu.chichula Tue, 09/16/2008 - 00:42

Thank u Sir,

I will do that,Is it requires any Access list in CDSL router ?

Ex : access-list 101 permit ip any any

Pls Let me know

Tnks

Ramu

Netsupport Gr

Calin Chiorean Tue, 09/16/2008 - 00:48

Hi!

You need a permit access-list only if you have another access-list that is dropping packets. If not, you do not need an access-list.

Anyway, in the test phase I recommend not to use access-list.

Good luck!

Cheers,

Calin

ramu.chichula Tue, 09/16/2008 - 00:55

Sir,

Actually my Network ie 172.16.25.x is Patted with 10.155.132.100 in Mumbai Router,so Is it requires Static route in CDSL Router?

ie ip route 172.25.0.0 255.255.0.0 10.155.132.2.

Is CDSL router should know abt 172.16.25.X network?)

Pls clarify me clearly as im in little bit confusion.

Tnks

Ramu

Netsupport gr

Calin Chiorean Tue, 09/16/2008 - 01:24

Hello!

I saw that your network is patted, but this is wrong. You cannot NAT/PAT a locat subnet over 2 hops in the WAN. In your network you can NAT/PAT 172.16.25.x with 192.168.2.x the most.

Otherwise, if what you did would be possible I would NAT my private IP throuth CISCO.com IP :)

So, take out that NAT, because I will not work, as your natted subnet and NAT interface are in different LANs.

Cheers,

Calin

Calin Chiorean Tue, 09/16/2008 - 02:06

Hi!

You have to do routing. There is no need for PAT/NAT there as you do not need public IP address.

You can do static routing or dynamic.

Tell me if you understood or you need a sample configuration for your topology!

Cheers,

Calin

ramu.chichula Tue, 09/16/2008 - 02:27

Tnks for your Valuble Support,

Pls Give Sample Configuration as today only

I am going to testing and have to confirm the result also.

FYI, From CDSL Router to One more router (i.e also Client Place)has connected,there only the Servers are located.,in that router ,they allowed 10.155.132.X network only.That is the reason we are Patting with 10.155.132.10 Ip .Actually 5 PC'c(172.16.25.X) have to access that CDSL other end servers.

Pls Provide Solution accordingly as above.If any thing else pls let me know.

Tnks

Ramu

Netsupport Gr

Calin Chiorean Tue, 09/16/2008 - 03:32

Hello!

Ramu, we are starting from one problem and reach another one :).

Please check the attach. It this your network?

I believe it is. You said that you are having problem reaching 10.155.132.1 from 172.16.25.0/24.

Simplest solution with static routing:

on Hyderabad:

ip route 10.155.132.0 255.255.255.0 192.168.2.x

where x is the interface of Mumbai router

on CDSL

ip route 172.16.25.0 255.255.255.0 10.155.132.2

Now you will be able to access the router CDSL with ping, telnet, whatever from your subnet 172.16.25.0/24

Now you are telling me about another router connected to CDSL router (the one with interrupted line in drawing) that is accepting connection only from 10.155.132.0/24.In this case you have to ask them to accept the connection from your subnet 172.16.25.0/24 or you depending on the traffic (telnet, ssh, ping) you can access this router from your CDSL router. The NAT/PAT that you have done will never work in such way.

Please tell me if you understood and rate this posts if you find something useful.

Cheers,

Calin

Attachment: 
ramu.chichula Tue, 09/16/2008 - 06:37

Sir,

Exactly Same scenario in the attachment,we dont have CDSL other end ,we already informed them,but they said only 10.155.132.X network only allowed.

Im getting slowly about this.Is there any worked solution to resolve ,our aim is to access CDSL other end servers with 172.16.25.x systems.

Tnks

Ramu

Netsupport Gr

ramu.chichula Tue, 09/16/2008 - 07:09

Sir,

Pls give the needful things to resolve the issue as we dont have the access of other end router of the CDSL router.Upto CDSL router i have the access.After that i dont have.

My aim is to send traffic upto CDSl router.

Tnks

Ramu

Netsupport Gr

CMC lTd

ramu.chichula Tue, 09/16/2008 - 20:36

Sir,

Pls do the needful.It will be helpful to resolve this issue.

Regards

Ramu

Netsupport Gr

ramu.chichula Tue, 09/16/2008 - 21:29

Sir,

How can i get access through 10.155.132.X network through 172.16.25.X without patting

Calin Chiorean Wed, 09/17/2008 - 00:56

If the administrators of 10.155.132.x/24 allow you access from 172.16.25.x/24 there will be no problem accessing this subnet. Your problem is actually that 10.155.132.x/24 is blocking everything except their own subnet. In this case you cannot do anything else that access the subnet locally.

I repeat myself that you cannot NAT a 172.16.25.x IP to 10.155.132.x IP with your topology.

Cheers,

Calin

ramu.chichula Wed, 09/17/2008 - 01:10

Thank u sir. Sorry for troubling u these 2 Days. I learned so much from this Convesation.

But my work is still on pending.

At last any solution ????

Tnk u very much.

Regards

Ramu

Calin Chiorean Wed, 09/17/2008 - 01:18

Hi!

If you learned and it was useful please rate this conversation :)

What can I say, technically speaking if the administrators will not give you permission to access 10.155.132.x/24 from your network, you will not be able to do it.

You are saying here that you need access on 10.155.132.x from your subnet, but you did not specified what kind of traffic do you need to do. If it's only administration you can do directly from the CDSL router with telnet, ssh to another router in 10.155.132.x

If it is another type of traffic, then I don't see the point of locking 10.155.132.x to the outside and then asking you to connect there.

Cheers,

Calin

ramu.chichula Wed, 09/17/2008 - 01:30

Hi sir,

In 10.155.132.X network ,there are some servers to access from 172.16.25.x PCS.But in between 2 routers are there.But our aim is

to get traffic upto 10.155.132.1(Cdsl router One interface,which is our under,we can access like telnet and ssh),After that router that is not our under.That is in client End.They are allowed 10.155.132.X traffic only.

Tnks

Ramu

Netsupport Gr

Actions

This Discussion