×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Route traffic out to Internet on same subnet

Unanswered Question
Jan 14th, 2012
User Badges:

I’m just brainstorming a lab network setup and also studying for an exam and I simply need help to understand something. VERY basic network, no VLANs so I think you experts can answer it easily.


Very basic question: Will the 192.168.1.50 be able to communicate to the Internet?

ip source-redirect and default GW same subnet.png

Correct me if I’m wrong, but aren’t there any security issues I have to consider (ICMP redirect?)


Yes, I know several alternative solutions like static routes on client, changing the topology but the above setup is what I’m wondering about.


Is there any additional things I need to configure on the firewall, router, switch or computer to get the above setup to work if we consider all network devices are Cisco? What commands? Will it probably work in some scenarios when using more basic switches without security features?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
Loading.
johnlloyd_13 Sat, 01/14/2012 - 05:17
User Badges:
  • Blue, 1500 points or more

Hi Jonas,


The answer is no since the 192.168.1.50 is a private IP address. You would need NAT (try to do a quick Google search) for this to work.


Sent from Cisco Technical Support iPhone App

John Blakley Sat, 01/14/2012 - 05:21
User Badges:
  • Purple, 4500 points or more

You would need to configure nat on the firewall, but other than that everything else looks fine...


The commands will depend on what type of firewall you have.


HTH,

John

jonasbk11 Sat, 01/14/2012 - 05:30
User Badges:

Ah, yes, of course I should have mentioned that NAT is needed in the FW to the Internet.


But there's no need for anything to be configured on the LAN side (switch?) to allow the traffic going from the client to the router to exit on the same interface LAN again to reach the FW?

Richard Burts Sat, 01/14/2012 - 15:30
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Jonas


You have not provided details about what kind of equipment, what models etc, you are dealing with. And there could be exceptions. But in general there is no problem and no special configuration required for a local host to send traffic to its default gateway (192.168.1.1 in this case) and for the gateway to forward the packet to another device (192.168.1.2 in this case) out the same interface.


HTH


Rick

Actions

This Discussion