cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
671
Views
4
Helpful
10
Replies

Routing to the Internet

oneirishpollack
Level 1
Level 1

Hi all,

I am trying to get out to the Internet using a PC that routes through two separate networks (10.1.13.0, 162.105.72.0) and it is not happening.

Here is my setup.

Edge Router = 162.105.72.1/24

LAN Router G0/0 = 162.105.72.14/24

LAN Router G0/1 = 10.1.13.1/24

PC = 10.1.13.30/24

My PC can ping both interfaces on my LAN Router.

My LAN Router can ping my PC, my Edge Router, and www.yahoo.com.

My PC cannot ping my Edge Router or anything outside of it.

My PC IP settings are as follows:

10.1.13.30/24

Default gateway: 10.1.13.1

My LAN router has the following entry:

Ip route 0.0.0.0 0.0.0.0 162.105.72.1

What am I missing? I was assuming the "Ip route 0.0.0.0 0.0.0.0 162.105.72.1" entry would forward any packets that are destined to somewhere unknown to it's next hop (162.105.1.1).

10 Replies 10

Edison Ortiz
Hall of Fame
Hall of Fame

Did you configure NAT?

__

Edison.

JamesLuther
Level 3
Level 3

Hello,

Are you NATing your internal IP range 10.1.13.0/24 before the packets leave towards the internet?

Another possibility is that your edge router doesn't have a route back to 10.1.13.0/24 network. What is the routing table of the edge router?

Regards

I agree that NAT is a likely cause of problems in getting to the Internet. But I believe that James has correctly identified the problem as the edge router not having a route back. Especially when the original post includes this:"My PC cannot ping my Edge Router". Ping to the edge router would not need NAT but would need a return route.

HTH

Rick

HTH

Rick

Well, his LAN router has a public routable IP so NAT can be configured in the LAN router and the Edge router does not need the internal subnet routing information.

Is it poor methodology from a security standpoint that I did not use a private address on the LAN router, and instead used a public address that is in the public IP scope of my LAN?

I am just trying to setup a test network, and learn a little more about routing.

It's not about security - it all depends how far out you want to extend your internal subnet information.

You have not provided much information about your topology but based on the initial post, I assumed your LAN router was yours and the Edge router was ISP owned.

Often, the ISP manages their own router and provides the customer with public IP addresses to assign to their routers.

If you have that scenario, then the NAT must be performed in your LAN router - which is the router with non-routable private subnet along with routable public subnet - instead of the Edge router which based in your post has public IP addressing on both interfaces.

HTH,

__

Edison.

Sorry, I am very much a novice....

I added the following route on the edge router:

ip route 10.1.13.0 255.255.255.0 162.105.72.14

Now I DO receive a reply from the edge router to my PC.

The natting aspect eluded me all together. Just to verify, I am going to NAT everything from the 10.1.13.0 to the 162.105.72.14 address, correct?

Kelly

You do not need to NAT traffic to the 162.105.72.14 but you need to NAT traffic that will go out to the Internet.

HTH

Rick

HTH

Rick

Lookup RFC-1918!

:-)

Hello,

You need to NAT the source address of internal traffic behind IP 162.105.72.14. It should be something like this

ip access-list 10 10.1.13.0 0.0.0.255

!

ip nat inside source list 10 interface g0/0 overload

!

interface g0/0

ip nat outside

interface g0/1

ip nat inside

I hope this helps

Thanks

James

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: