routing between wan and lan on cisco 1811

Unanswered Question
Apr 24th, 2009

i'm setting up a new 1811 and also relatively new to ios.

here's the basic layout:



-> cisco 1811 (fe0 = 38.104.x.x, wan; vlan1 38.111.x.201, lan)


-> firewall (38.111.x.203) -> separate network, servers, etc. (unknown beyond this point)


-> sonicwall (38.111.x.202) -> lan (nat, firewall)

so we're basically setting up the lan side of the cisco to act as the wan side for each of the other routers/firewalls.

my problem is that i can't route out from the lan side as of right now. outbound pings and traceroutes from the 1811 succeed but not from a client attached on the lan side (one of the 1811's switch ports on vlan1).

the routing looks like this:

Gateway of last resort is 38.104.x.97 to network is variably subnetted, 3 subnets, 2 masks

S 38.111.x.0/29 [1/0] via 38.104.x.97

C 38.111.x.200/29 is directly connected, Vlan1

C 38.104.x.96/30 is directly connected, FastEthernet0

S* [1/0] via 38.104.x.97

how can i configure this box to allow inbound and outbound routing? we're not using any filtering or acls on either fe0 or vlan1. it also seems i can't get anywhere without a static route in place as indicated above.

this is probably elementary routing, but i'm unfamiliar with the ios syntax. thanks for any help.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Edison Ortiz Sat, 04/25/2009 - 06:34

While this is not causing a problem, you don't need a static route to the inside:

"S 38.111.x.0/29 [1/0] via 38.104.x.97"

and this static does not fall within your assigned subnet:

"C 38.111.x.200/29 is directly connected, Vlan1"

Can you ping from the 1811 while sourcing from Vlan 1?

If you can't, then I suggest contacting the ISP and make sure they are advertising 38.111.x.200/29 towards the internet.




ninjaexterminator Sat, 04/25/2009 - 17:10

thanks, edison. i'll give them a call.

outbound pings from the 1811 itself work but not from a client on the lan side.

i assume the static routes won't be needed if the isp can take care of the other route advertisement, correct?

Hi Experts.

This is Raja. Im a baby to this field and planning to start a business which is gonna support a application through online, I want to do a network set up for the communication.Its gonna be a 10 node small business.where i want to manage the LAN connection for internet and also the tunneling. can some one suggest me which series of switch , router and firewall will work out my set up. waiting for you experts.. thanks in advance..


This Discussion