Routing help

Unanswered Question
Oct 3rd, 2008

I have a new private line T1 between two locations. Router 1 has a Serial ip address of 10.10.10.1/29 and Router 2 has a Serial ip address of 10.10.10.2/29. Location A which is the home location has a local LAN of 192.168.0.0/16 and has an upstream router with an address of 192.168.1.90 that actually sends traffic to the Internet. Location B has a LAN of 172.25.0.0/16. I have setup routes both directions and I'm unable to get to the Internet from location B. If a device in Location A has their default gw set to the Router 1 (192.168.255.254) then they can ping Location B devices. Location B devices can only ping location A devices if there gateway has been set to the Router 1 ip address. I have posted my current configs of both routers. Thanks in advance.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Fri, 10/03/2008 - 12:04

Hello Jerrod,

all the internal IP addresses you are using are private addresses RFC1918.

you need to modify the NAT config on the router connecting to the internet so that also hosts with ip address in subnet 172.25.0.0/16 are translated like devices in net 192.168.0.0/16

After this is done devices in siteB will be able to access the internet if you add also a default static route on r2 pointing to r1.

the router facing the internet needs also a static route for net 172.25.0.0/16 in order to be able to send return packets

if you like post a cleaned version of config on router facing internet to get better help

remove all public ip addresses and passwords usernames.

Hope to help

Giuseppe

jstewart33 Fri, 10/03/2008 - 13:31

Thank you for your response. The router that is directing traffic destined for the Internet I'm not in control of and I know for sure that it isn't a Cisco router. I have contacted the admin for it and asked him to make appropriate changes.

With my current configuration of R2, why am I unable to ping addresses in our home site. I would think because I have a route statement of 192.168.0.0 255.255.0.0 10.10.10.1 on Router2, that computers in the branch site should be able to hit the home site lan. I figure that once packets are received in Router1 since it's FE0/0 has an IP of 192.168.255.254 that it would be a directly connected route. Thus it should know how to reach anything on the 192.168.0.0/16. Is my logic not correct?

Thank you.

jstewart33 Mon, 10/06/2008 - 06:43

I am still needing help with this issue. I have racked my brain all weekend long on this and I have not come up with a good reason why I cannot ping machines on the 192.168.0.0/16 if it's directly connected to Router1. I'm at a loss as to why this won't work. Thank you for your help.

Question - can devices that connect to router 2 talk to devices that connection to router 1?

can devices that connect to router 1 talk to devices that connection to router 2?

From the source address of the router 2 LAN interface 172.25.255.254 - can it ping 192.168.1.90 and get a repsonse?

The upstream device 192.168.1.90 - does it know about the 172.25.255.0 network via 192.168.255.254?

Is there a relevant NAT statement in the upstream router to also NAT traffic from 172.25.255.0 ?

Also your IP addressing scheme should be revised. Are you actually using 500+ IP addresses on the LAN's on router 1 & 2, if not - I would be more specific from /16 to /24 and change the routes accordingly.

HTH>

jstewart33 Mon, 10/06/2008 - 07:24

Question - can devices that connect to router 2 talk to devices that connection to router 1?

A: Only when the devices have have changed there default gateway to point to router 1.

Q: can devices that connect to router 1 talk to devices that connection to router 2?

A: This is the same as above. When I change the gateway on the machine to router1 then I get end-to-end connectivity between the device on the 192.16.0.0/16 and the 172.25.0.0/16.

Q: The upstream device 192.168.1.90 - does it know about the 172.25.255.0 network via 192.168.255.254?

A: No it doesn't. I have a request in to get that changed.

Q: Is there a relevant NAT statement in the upstream router to also NAT traffic from 172.25.255.0 ?

A: No.

Comment: Also your IP addressing scheme should be revised. Are you actually using 500+ IP addresses on the LAN's on router 1 & 2, if not - I would be more specific from /16 to /24 and change the routes accordingly.

Thanks for the suggestion. I changed it to 172.25.255.0/24 in the branch location.

I have another question. I understand the router upstream doesn't know about the 172.25.255.0/24 in the branch location. If I translated 172.25.255.0/24 address into a 192.168.0.0/16 on router1 then could I get around having to go upstream to the router that's out of my control. Would this be an acceptable solution? I am also wondering why machines have to change there gateway to point to router1 for devices in the 172.25.255.0/24 network to ping them. I'm assuming that there is no return path for ICMP unless it is pointing to Router1.

Thank you.

What is the subnet mask configured on the machines?

For site 2 = router 2

Having a default gateway of the router interface in the local machines should be enough. if the subnet mask is correct - if not, enable proxy arp in the LAN interface. Your ip subnet mask on the router and the LAN machines has to match.

Once the DG is configured - ALL traffic NOT on 172.25.255.0/24 net will be passed onto rt2. once rt2 recevies the traffic - it should have a default route pointing to rt 1 etc.

You could NAT in rt1 the 172.25.255.0/25 network to a local IP address which would make more sense that natting it to the 10 address for the serial link. That particular NAT could be a bit tricky - but generally it should work OK.

Th fact that devices connected to rt 2 cannot ping devices to rt1 - indicates a basic routing issue. Again look at your subnet masks, and if you can;t change them - try enabling proxy arp.

HTH>

jstewart33 Mon, 10/06/2008 - 12:52

I believe that my problem is that both Router1 and my upstream router are on the same 192.168.0.0/16. Is this correct? So I'm assuming the correct way to deal with this and not cause any issues is to put router1 on a different network and add the new networks to the upstream router.

Thanks!

Attachment: 

Actions

This Discussion