12-14-2009 11:39 AM - edited 03-04-2019 06:58 AM
initially i had a mgt router with an ip address of 192.168.119.250. I was unable to telnet to it from my desktop which sits on another subnet
I was however able to telnet to it from the gw. When i logged into the router i noticed the default gateway was missing.
So I added that and was able to telnet to it remotely
My question is however,
This..
I have a snmp server in a subnet.......I also have a Border router that connets directly to our ISP.
I was able to pull snmp information from it using an ip address on it that is connected to our fw.
My question is...
Since there is no routing information on the border router itself to my internal network...how was the traffic able to return?
here is the routing informaion
the snmp host is 10.11.13.234
R1.T1#sh ip route 10.11.13.234
% Network not in table
R1.T1#
BR1.CLT1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
router bgp 1xxxx7
no synchronization
bgp log-neighbor-changes
network 6x.2xx.xx6.0 mask 255.255.252.0
redistribute connected
redistribute static
neighbor 65.xx3.xx6.2 remote-as 1xxxx7
neighbor 1x7.xxx.xx.173 remote-as 7xxx
neighbor 2x9.xxx.xxx.253 remote-as xxxx9
neighbor 2x9.xx9.xx.xx3 password xxxxq
neighbor 2x9.xx.xx.53 ebgp-multihop 6
neighbor 2x9.xx.16.x53 prefix-list to-7xx9 out
no auto-summary
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
65.xxx.xxx.2 4 19657 1609169 2533617 151819621 0 0 7w3d 124042-----connected to our fw
1x7.xxx.xx.173 4 701 2898768 1016682 151819611 12 0 7w1d 299994------internet link
2xx.xx.xx.xx53 4 7349 12506458 345419 151819611 9 0 31w2d 302063--secondary internet link
Solved! Go to Solution.
12-14-2009 11:44 AM
nygenxny123 wrote:
initially i had a mgt router with an ip address of 192.168.119.250. I was unable to telnet to it from my desktop which sits on another subnet
I was however able to telnet to it from the gw. When i logged into the router i noticed the default gateway was missing.
So I added that and was able to telnet to it remotely
My question is however,
This..
I have a snmp server in a subnet.......I also have a Border router that connets directly to our ISP.
I was able to pull snmp information from it using an ip address on it that is connected to our fw.
My question is...
Since there is no routing information on the border router itself to my internal network...how was the traffic able to return?
here is the routing informaion
the snmp host is 10.11.13.234
R1.T1#sh ip route 10.11.13.234
% Network not in table
R1.T1#BR1.CLT1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static routeGateway of last resort is not set
router bgp 1xxxx7
no synchronization
bgp log-neighbor-changes
network 6x.2xx.xx6.0 mask 255.255.252.0
redistribute connected
redistribute static
neighbor 65.xx3.xx6.2 remote-as 1xxxx7
neighbor 1x7.xxx.xx.173 remote-as 7xxx
neighbor 2x9.xxx.xxx.253 remote-as xxxx9
neighbor 2x9.xx9.xx.xx3 password xxxxq
neighbor 2x9.xx.xx.53 ebgp-multihop 6
neighbor 2x9.xx.16.x53 prefix-list to-7xx9 out
no auto-summary
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
65.xxx.xxx.2 4 19657 1609169 2533617 151819621 0 0 7w3d 124042-----connected to our fw
1x7.xxx.xx.173 4 701 2898768 1016682 151819611 12 0 7w1d 299994------internet link
2xx.xx.xx.xx53 4 7349 12506458 345419 151819611 9 0 31w2d 302063--secondary internet link
Do you have to go through the firewall to get to the router ?
If so are you Natting/Patting source addresses as they go through the firewall. If you are that may well be the answer because the firewall changes the source address to it's outside interface which your border router knows how to get to.
Jon
12-14-2009 11:44 AM
nygenxny123 wrote:
initially i had a mgt router with an ip address of 192.168.119.250. I was unable to telnet to it from my desktop which sits on another subnet
I was however able to telnet to it from the gw. When i logged into the router i noticed the default gateway was missing.
So I added that and was able to telnet to it remotely
My question is however,
This..
I have a snmp server in a subnet.......I also have a Border router that connets directly to our ISP.
I was able to pull snmp information from it using an ip address on it that is connected to our fw.
My question is...
Since there is no routing information on the border router itself to my internal network...how was the traffic able to return?
here is the routing informaion
the snmp host is 10.11.13.234
R1.T1#sh ip route 10.11.13.234
% Network not in table
R1.T1#BR1.CLT1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static routeGateway of last resort is not set
router bgp 1xxxx7
no synchronization
bgp log-neighbor-changes
network 6x.2xx.xx6.0 mask 255.255.252.0
redistribute connected
redistribute static
neighbor 65.xx3.xx6.2 remote-as 1xxxx7
neighbor 1x7.xxx.xx.173 remote-as 7xxx
neighbor 2x9.xxx.xxx.253 remote-as xxxx9
neighbor 2x9.xx9.xx.xx3 password xxxxq
neighbor 2x9.xx.xx.53 ebgp-multihop 6
neighbor 2x9.xx.16.x53 prefix-list to-7xx9 out
no auto-summary
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
65.xxx.xxx.2 4 19657 1609169 2533617 151819621 0 0 7w3d 124042-----connected to our fw
1x7.xxx.xx.173 4 701 2898768 1016682 151819611 12 0 7w1d 299994------internet link
2xx.xx.xx.xx53 4 7349 12506458 345419 151819611 9 0 31w2d 302063--secondary internet link
Do you have to go through the firewall to get to the router ?
If so are you Natting/Patting source addresses as they go through the firewall. If you are that may well be the answer because the firewall changes the source address to it's outside interface which your border router knows how to get to.
Jon
12-16-2009 08:05 PM
Hi John,
I just did a traceroute from the snmp server..since i am using a public address to pull snmp from-( the router only has 2 ips configured on it..both public ip's).....I get routed to the internet and back to the router in question,,,
However...whats odd is can pull just the basic snmp information -router hostname, IOS version..but not things such and bandwidth utilization
isnt this using the same port?..161?
i believe all outband traffic is free from the internet..and this router is directly connected to the internet.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: