Can't get clients on one network to see clients the other side

joseph.hennig
Level 1

Hello folks,

I have a simple issue, but with some interesting twists.

I work for a subsidiary of a larger company, and we have run out of addresses on our original network (192.6.118.0 /24), so we have been given a new network to utilize (192.8.66.0 /24), by our parent company. We do not really control much of the network, nor the routers, so we have to wait for the parent company to send us a new router, but that is going to take 3 months, and we run out of IPs every single day.

I've gone ahead and grabbed a decommissioned Cisco 2600XM router out of storage to see if I can band-aid the situation until we get an official router. The problems are that I am not going to get much guidance from the parent company, and I have no idea how the current router is actually configured, and we have no Cisco experts on staff (since all of our routers are shipped to us pre-configured).

Here is the setup. Router A (official router) is the gateway on the 192.6.118.0 network. I would like to make Router B (2600 I pulled out of the closet) a client on that network, and the gateway for the 192.8.66.0 network, since I cannot add a new network to Router A's routing table.

I can see Router B from any client on Router A's network. Clients on Router B's network can see both ports on Router B, but cannot see anything else on Router A's network, meaning that I can't ping, I can't RDP, I can't access network shares.

At one point we had a Linksys BEFSR41 as a substitute for Router B, and it worked somewhat, until we put a large number of clients on it and probably fried it. I've also had the 2600 working with NAT, but it was terribly slow, and emails wouldn't come through (probably due to the fact that our off-site Exchange server does not like to allow connections if they are weak or slow).

Here's the running config from my Packet Tracer Modeling

```
Current configuration : 936 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname RouterB
!
enable secret XXXXXX
!
ip dhcp excluded-address 192.6.118.0
ip dhcp excluded-address 192.8.66.1 192.8.66.99
ip dhcp excluded-address 192.8.66.201 192.8.66.254
!
ip dhcp pool Joe
 network 192.8.66.0 255.255.255.0
 default-router 192.8.66.1
 dns-server 192.6.118.19
!
no ip domain-lookup
!
spanning-tree mode pvst
!
interface FastEthernet0/0
 ip address 192.6.118.11 255.255.255.0
 ip access-group 10 out
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.8.66.1 255.255.255.0
 duplex auto
 speed auto
!
interface Vlan1
 no ip address
 shutdown
!
ip classless
!
access-list 10 permit 192.6.118.0 0.0.0.255
access-list 10 permit 192.8.66.0 0.0.0.255
!
line con 0
!
line aux 0
!
line vty 0 4
 login
!
end
```

What can I try?

Thank you!

Joe

1 Accepted Solution


Joe

I'm not sure why it worked with the Linksys unless it was also doing NAT but it just did better.

"My somewhat saving grace is that I don't need to really do anything where clients on the old network need to access the new network"

That's the problem though, i.e. any communication is two-way, so you do actually need the existing clients to be able to access the new network.

Unfortunately, without using NAT on router B I can't see a way to achieve what you want, because existing clients will always send their return traffic to router A as this will be their default gateway, and router A will simply drop the packets.

Jon


Jon Marshall
Hall of Fame

Joe

The issue is that router A needs a route adding so it can get to the new client network. So unless you can get a route configured on router A, your only other option is to NAT overload all your new client IPs to the fa0/0 IP address, but you have said you have already tried this.

So from the new network clients can ping both 2600 interface IPs because they are on the same router. As soon as they try to get to a client on the existing network they will get there but the client will send the return traffic back to router A because that will be their default gateway and router A has no knowledge of the new network.

Jon
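The return-path problem described in the reply above, traced as a small routing model (an added example, not part of the original thread). The addresses for both networks and Router B's Fa0/0 come from the posted config; Router A's address `192.6.118.1` and the client `192.8.66.100` are assumptions, since the page does not give them.

```python
import ipaddress

OLD = ipaddress.ip_network("192.6.118.0/24")   # existing LAN (from the post)
NEW = ipaddress.ip_network("192.8.66.0/24")    # new LAN behind Router B (from the post)
DEFAULT = ipaddress.ip_network("0.0.0.0/0")
ROUTER_B_FA00 = "192.6.118.11"                 # Router B Fa0/0 (from the posted config)
ROUTER_A = "192.6.118.1"                       # assumed: Router A's address is not on the page

def next_hop(routes, dst):
    """Longest-prefix match: returns the next hop, "on-link", or None if no route."""
    dst = ipaddress.ip_address(dst)
    matches = [(net, hop) for net, hop in routes if dst in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def reply_path(client_src, router_a_knows_new=False, pat_on_b=False):
    """Trace the reply an old-LAN server sends to a request from a new-LAN client."""
    # With PAT (NAT overload) on Router B the server sees Fa0/0's address as the source.
    seen_src = ROUTER_B_FA00 if pat_on_b else client_src
    # Old-LAN hosts know only their own subnet and use Router A as default gateway.
    server_routes = [(OLD, "on-link"), (DEFAULT, ROUTER_A)]
    # Per the thread, Router A has no knowledge of the new network unless a route is added.
    router_a_routes = [(OLD, "on-link")]
    if router_a_knows_new:
        router_a_routes.append((NEW, ROUTER_B_FA00))

    path = ["server"]
    hop = next_hop(server_routes, seen_src)
    if hop == ROUTER_A:
        path.append("RouterA")
        if next_hop(router_a_routes, seen_src) is None:
            return path + ["DROPPED"]
    # Either delivered on-link to Fa0/0 (PAT case) or forwarded there by Router A.
    return path + ["RouterB", "client"]

if __name__ == "__main__":
    client = "192.8.66.100"  # constructed: first address in the posted DHCP pool range
    print("as posted:        ", reply_path(client))
    print("route on Router A:", reply_path(client, router_a_knows_new=True))
    print("PAT on Router B:  ", reply_path(client, pat_on_b=True))
```
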

Thanks for your reply Jon.

My original thinking was along the lines of your response, but what makes me question it somewhat is that clients on the new network were able to go about their business without much issue when I used the home Linksys router instead of the 2600? My somewhat saving grace is that I don't need to really do anything where clients on the old network need to access the new network, I just need the people on the new network to access file shares on the old network.

Joe


Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Jon already touched on this, but to use your "new" network, without NAT, the subnet needs to be "known".

With NAT, you can place multiple hosts behind one (or several) IPs on your existing subnet. I.e. your new subnet doesn't need to be known. (In fact, you could use any subnet you want.)

The reason the Linksys worked well yet the 2600 did not: "Enterprise" class routers generally don't handle PAT as well as many consumer class routers. (NB: True NAT would probably work just fine, but what you need is to overload an IP, i.e. PAT). So, many applications won't work. (NB: I believe newer IOS versions do better, though.)

Many small Cisco Enterprise class routers, especially those from two generations ago, were designed for "slow" WAN links, like single T1s or partial T1s, or perhaps for a few Mbps DSL. If your link has more bandwidth the router may not have the performance to support it effectively.
