Routing to the Internet

Unanswered Question
Feb 16th, 2009

Hi all,

I am trying to get out to the Internet using a PC that routes through two separate networks (, and it is not happening.

Here is my setup.

Edge Router =

LAN Router G0/0 =

LAN Router G0/1 =

PC =

My PC can ping both interfaces on my LAN Router.

My LAN Router can ping my PC, my Edge Router, and

My PC cannot ping my Edge Router or anything outside of it.

My PC IP settings are as follows:

Default gateway:

My LAN router has the following entry:

Ip route

What am I missing? I was assuming the "Ip route" entry would forward any packets that are destined to somewhere unknown to it's next hop (

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
JamesLuther Mon, 02/16/2009 - 06:58


Are you NATing your internal IP range before the packets leave towards the internet?

Another possibility is that your edge router doesn't have a route back to network. What is the routing table of the edge router?


Richard Burts Mon, 02/16/2009 - 07:34

I agree that NAT is a likely cause of problems in getting to the Internet. But I believe that James has correctly identified the problem as the edge router not having a route back. Especially when the original post includes this:"My PC cannot ping my Edge Router". Ping to the edge router would not need NAT but would need a return route.



Edison Ortiz Mon, 02/16/2009 - 07:39

Well, his LAN router has a public routable IP so NAT can be configured in the LAN router and the Edge router does not need the internal subnet routing information.

oneirishpollack Mon, 02/16/2009 - 07:50

Is it poor methodology from a security standpoint that I did not use a private address on the LAN router, and instead used a public address that is in the public IP scope of my LAN?

I am just trying to setup a test network, and learn a little more about routing.

Edison Ortiz Mon, 02/16/2009 - 07:57

It's not about security - it all depends how far out you want to extend your internal subnet information.

You have not provided much information about your topology but based on the initial post, I assumed your LAN router was yours and the Edge router was ISP owned.

Often, the ISP manages their own router and provides the customer with public IP addresses to assign to their routers.

If you have that scenario, then the NAT must be performed in your LAN router - which is the router with non-routable private subnet along with routable public subnet - instead of the Edge router which based in your post has public IP addressing on both interfaces.




oneirishpollack Mon, 02/16/2009 - 07:37

Sorry, I am very much a novice....

I added the following route on the edge router:

ip route

Now I DO receive a reply from the edge router to my PC.

The natting aspect eluded me all together. Just to verify, I am going to NAT everything from the to the address, correct?

Richard Burts Mon, 02/16/2009 - 07:48


You do not need to NAT traffic to the but you need to NAT traffic that will go out to the Internet.



JamesLuther Tue, 02/17/2009 - 03:52


You need to NAT the source address of internal traffic behind IP It should be something like this

ip access-list 10


ip nat inside source list 10 interface g0/0 overload


interface g0/0

ip nat outside

interface g0/1

ip nat inside

I hope this helps




This Discussion