×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Routing between 2 interfaces

Unanswered Question
Sep 12th, 2005
User Badges:

Hi all,


I have a Cisco 2606 router with 2 ethernet interfaces. One of them is connected to the internet. (IP of internetgateway: 192.168.1.1 255.255.255.0) The other interface is connected to a switch with 8 clients, which are in the network : 192.168.0.0 255.255.255.0) How to make it possible to give the clients access to 192.168.1.1.. which routes do i need and how to enter them (newb :) )


Greetz


Heiko

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
spremkumar Mon, 09/12/2005 - 02:14
User Badges:
  • Red, 2250 points or more

hi


i feel u want to enable/extend the internet connectivity to your clients,if you want to connect all your local lan to the internet and allow them to access the net i would suggest to do simple PAT.


just try this commands under your interface which will enable the local to go out and access the net.


interface fastethernet 0/0

ip address 192.168.1.1 255.255.255.0

ip nat outside


interface fastethernet 0/1

ip address 192.168.0.1 255.255.255.0

ip nat inside


ip nat inside source list 101 interface fastethernet 0/0 overload


access-list 101 permit ip 192.168.0.0 0.0.0.255 any


regds


HGroeschl Mon, 09/12/2005 - 02:54
User Badges:

Thank you for the fast reply!


The problem is, that ethernet0/0 ist connected to an network 192.168.1.0, where another router with 192.168.1.1 is connected to the internet. When I change ethernet0/0 to 192.168.1.1 there would be a conflict :)

Are there other ways to allow the 192.168.0.0 user on 1/0 to use the 192.168.1.1 router which is connected to 0/0 ?


Greetz


spremkumar Mon, 09/12/2005 - 03:03
User Badges:
  • Red, 2250 points or more

Hi


is it possible to post out a small/brief topological figure representing the connectivity of your equipments and also the ip address space being used in them at present?


regds


HGroeschl Mon, 09/12/2005 - 03:21
User Badges:

Yes sure :


Client 1-8 (192.168.0.10-18)

|

|

switch

|

|

Cisco 2606 (1/0 :192.168.0.6,

| 0/0 :192.168.1.6)

|

Internetrouter (192.168.1.1)

|

|

other Clients (192.168.1.10-30)



All have 255.255.255.0 as SN


Client 1-8 want to use the Internetrouter :)


Greetz



spremkumar Mon, 09/12/2005 - 03:33
User Badges:
  • Red, 2250 points or more

hi



is your default route in 192.168.1.6 router pointing towards 192.168.1.1 ? if not do configure the same.


ip route 0.0.0.0 0.0.0.0 192.168.1.1


And also add route for the client ips i.e., host specific routes since u hve got less amount of hosts to be routed 192.168.0.10-18 towards 192.168.1.6 in 192.168.1.1.


ip route 192.168.0.10 255.255.255.255 192.168.1.6

+

+

ip route 192.168.0.18 255.255.255.255 192.168.1.6


regds


Richard Burts Mon, 09/12/2005 - 04:46
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

I agree that there should be a default route on 192.168.1.6 pointing to 192.168.1.1. I am not sure why you suggest a group of host specific routes rather than just having a route like

ip route 192.168.0.0 255.255.255.0 192.168.1.6.

One route is simpler than a group of host specific routes and provides for the possibility that additional hosts may be added to the network at some point.


Or perhaps it would be good to suugest to have a dynamic routing protocol run between the routers to exchange routes?


HTH


Rick

spremkumar Mon, 09/12/2005 - 21:18
User Badges:
  • Red, 2250 points or more

hi rick


I totally agree with your point in adding a static for the whole /24 address space instead of host specific ,Its good that you have pointed out the same ,i thought of avoiding some kinda recursive lookup for the /24 which is not the case here :-) .


regds


HGroeschl Mon, 09/12/2005 - 22:27
User Badges:

Hi all,


I`ve tried to add the routes you suggested, but my

router dont like them... you know why ?


testrouter(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.1

testrouter(config)#ip route 192.168.0.100 255.255.255.0 192.168.1.6

%Inconsistent address and mask

testrouter(config)#ip route 192.168.0.100 255.255.255.255 192.168.1.6

%Invalid next hop address (it's this router)

testrouter(config)#


and


testrouter(config)#ip route 192.168.0.0 255.255.255.0 192.168.1.6

%Invalid next hop address (it's this router)

testrouter(config)#


doesnt work, too :(


here is my config :


interface Loopback0

ip address 192.168.42.1 255.255.255.255

!

interface Ethernet0/0

ip address 192.168.0.1 255.255.255.0

!

interface Ethernet1/0

ip address 192.168.1.6 255.255.255.0

!

router igrp 1

redistribute connected

network 192.168.0.0

!

ip local pool setup_pool 192.168.0.1 192.168.0.3

ip classless

ip route 0.0.0.0 0.0.0.0 192.168.1.1

dialer-list 1 protocol ip permit

dialer-list 1 protocol ipx permit

banner motd ^C


Greetz

spremkumar Mon, 09/12/2005 - 22:34
User Badges:
  • Red, 2250 points or more

hi


As far as default route is concerned you are adding up it on the rite router (192.168.1.6 which has 192.168.0.0 too),but the route for 192.168.0.0/24 has to be added in 192.168.1.1 router and not in your test router (192.168.1.6).

thts basically added for the reverse traffic to come in to the 192.168.0.0 network.

would suggest to edit ur static route statement similar like this and paste it in your 192.168.1.1 rotuer.


ip route 192.168.0.0 255.255.255.0 192.168.1.6


btw with which routers you are running igrp ???

is that between 192.168.1.1 and your router or with something else ?do confirm about that.



regds


HGroeschl Mon, 09/12/2005 - 22:56
User Badges:

Hi again :=)


192.168.1.1 is a cheap netgear router without ios... so i cant add a route :( Is there a possibility to solve my problem another way ?


With the standartroute 0.0.0.0 0.0.0.0 192.168.1.1 on 192.168.1.6 router I can ping 192.168.1.1 from the 192.168.0.x clients :) But internet is not working.. As Gateway/DNS I use 192.168.1.1...


Greetz



spremkumar Mon, 09/12/2005 - 23:34
User Badges:
  • Red, 2250 points or more

Hi


i feel instead of getting more n more complicated , would suggest to configure your cisco box with 192.168.1.1 instead of 1.6.

is it doable ? coz as u said your netgear box may not support whatever other features too if u want work in some of them or to check with.


regds


HGroeschl Mon, 09/12/2005 - 23:55
User Badges:

Hi,


yes you are right. Very complicated. Thank you for your help. Maybe some "playing" with the router helps :=)


And sorry, in my last post I said that I can ping 192.168.1.1... but only 192.168.1.6 is possible.. do you know why ? In my opinion every client in 192.168.1.x should be pingable, if 192.168.1.6 is possible... %)

spremkumar Tue, 09/13/2005 - 00:41
User Badges:
  • Red, 2250 points or more

hi


I was wondering about the reachability of your clients (192.168.0.x) to the ip - 192.168.1.1 which u have mentioned in your last mail,and again in your very recent post you have mentioned that clients from 192.168.1.x should be pingable but u have got ur clients in 192.168.0.0 rite ? do clarify ...


regds


HGroeschl Sun, 09/18/2005 - 23:39
User Badges:

Hi again,


I have a new plan, because i can´t configure the 192.168.1.1 mashine. Is it possible to do a nat on a cisco 2606 ? I found the option "ip nat...", but i`dont know how to use this option.


Maybe there are a database on inet with FAQ`s or "How to`s" ?


Greetz





HGroeschl Tue, 09/20/2005 - 05:20
User Badges:

Hi all / spremkumar


It finally works :)


interface Ethernet0/0

ip address 192.168.0.6 255.255.255.0

ip nat inside

!

interface Ethernet1/0

ip address 192.168.1.6 255.255.255.0

ip nat outside

!

ip local pool setup_pool 192.168.0.1 192.168.0.3

ip classless

ip route 0.0.0.0 0.0.0.0 192.168.1.1

access-list 1 permit 192.168.0.0 0.0.0.255


Greetz


PS:


Anybody knows why to write

access-list 1 permit 192.168.0.0 0.0.0.255

and not

access-list 1 permit 192.168.0.0 255.255.255.0 ?


Richard Burts Tue, 09/20/2005 - 16:16
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

It may be helpful to briefly review the functionality of masks (both subnet and access list masks). In general the purpose of the mask is to indicate which bits in the address are significant and must match and which bits do not have to match.


In a subnet mask the binary 1 bits indicate significant must match bits. So in a subnet mask 255.255.255.0 says that the first three octets must match and we do not care what is in the fourth octet. A subnet mask of 0.0.0.255 would say that we do not care what is in the first three octets and do care what is in the fourth octet (and this maks is not logical for subnetting).


A mask for access lists is an inverse mask and in these masks the 0 bit indicates that it is significant and must match while a 1 bit means it does not need to match. So in an access list a mask of 0.0.0.255 means that the first three octets must match and the fourth octet does not matter. An access list mask of 255.255.255.0 would mean that we care only about the fourth octet. So the access list of:

access-list 1 permit 192.168.0.0 0.0.0.255

would mean that the first octet must be 192, the second octet must be 168, the third octet must be 0, and the fourth octet can be anything (which is what you want).

The access list of:

access-list 1 permit 192.168.0.0 255.255.255.0

would mean that the first octet can be anything, the second octet can be anything, the third octet can be anything, and the fourth octet must be 0.


There are two kinds of masks. You must remember which kind are used with subnets and which kind are used with access lists.


HTH


Rick

HGroeschl Tue, 09/20/2005 - 23:22
User Badges:

Hi Rick,


thank you very much for the explanation.


Greetz



Actions

This Discussion