Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Problem with routing - Need help

Hello,

I need a little direction with what I think is a routing problem. Any help will be appreciated. My setup is as follows:

 

————————

Cable Modem

27.177.21.9

————————

 

WAN - Gi0/0

27.177.21.10

 

Cisco 2901

 

LAN - Gi0/1

192.168.1.250

 

————————

Client

192.168.1.10

————————

 

The Problem

Router can ping LAN interface

Router cannot ping WAN interface -X

Router can ping Cable Modem

 

Client

Client can ping LAN interface

Client can ping WAN interface

Client cannot ping Cable Modem -X

 

 

Here is my routing table:

 

Gateway of last resort is 27.177.21.9 to network 0.0.0.0 (this is my cable modem)

 

S*    0.0.0.0/0 [1/0] via 27.177.21.9

                is directly connected, GigabitEthernet0/0

      27.0.0.0/8 is variably subnetted, 2 subnets, 2 masks

C        27.177.21.8/30 is directly connected, GigabitEthernet0/0

L        27.177.21.10/32 is directly connected, GigabitEthernet0/0

      192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks

C        192.168.1.0/24 is directly connected, GigabitEthernet0/1

L        192.168.1.250/32 is directly connected, GigabitEthernet0/1

 

 

Here is a portion of my configuration:

 

!

interface GigabitEthernet0/0

 description Cable Internet$FW_OUTSIDE$$ETH-WAN$

 ip address 27.177.21.10 255.255.255.252

 zone-member security out-zone

 duplex auto

 speed auto

!

interface GigabitEthernet0/1

 description hbc_staff$FW_INSIDE$$ETH-LAN$

 ip address 192.168.1.250 255.255.255.0

 zone-member security in-zone

 duplex auto

 speed auto

 no mop enabled

!

ip default-gateway 27.177.21.9

ip forward-protocol nd

!

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 600 life 86400 requests 10000

!

ip route 0.0.0.0 0.0.0.0 27.177.21.9

ip route 192.168.1.0 255.255.255.0 27.177.21.9

!

 Thanks in advance

7 REPLIES
New Member

Hello every one,Another day

Hello every one,

Another day has gone by and we are still facing the same connection issues with our new router, any help getting it working will be appreciated. Please see the first post for an explanation of our problem.

 

Thank you in advance.

Hall of Fame Super Blue

Is the main issue internet

Is the main issue internet access ?

If so where is the NAT being done for the 192.168.1.x IPs ?

1) if it is being done on the cable modem then you need a route on that device for the 192.168.1.x subnet pointing to the outside interface of your router

or

2) if you don't want to add a route to the modem (or can't) then you can NAT all 192.168.1.x IPs to the outside interface IP of your router. This way the modem knows where to send the return packets.

So what is the situation with NAT currently ?

Jon


 

New Member

Hello Jon and thanks for your

Hello Jon and thanks for your reply.

 

For now I just want to make sure I can send packets from the LAN client thru the router, to the modem, and the Internet.

 

The status of NAT at this point is zero, I have not configure it yet. I did not think, at this point, my problem was NAT because I am able to ping from the LAN client PC to the modem and NAT will eventually happen at the WAN interface of the router later on. For now all I’m trying to accomplish is pinging to the WAN, the modem, and the Internet.

 

Please correct me if you still think my problem is with NAT and not with routing.

 

thank you in advance

Hall of Fame Super Blue

In your original post you

In your original post you said the client could not ping the modem whereas you now say it can. 

Which is it ?

Jon

New Member

Hello Jon, I continue to try

Hello Jon,

 

I continue to try different configurations to get my router to connect without success. I am now trying NAT and this is where we stand now. Any help will be much appreciated.

 

The problem

Router now pings everything by ip address or name

 

Client PC from inside the LAN cannot ping modem or Internet

 

 

Relevant parts of configuration:

 

ip domain name mydomain.org

ip name-server 24.247.15.53

ip name-server 66.189.0.100

!

interface GigabitEthernet0/0

 description Internet$FW_OUTSIDE$ETH-WAN$

 ip address 27.177.21.10 255.255.255.252

 ip nat outside

 ip virtual-reassembly in

 duplex auto

 speed auto

!

interface GigabitEthernet0/1

 description hbc_staff$FW_INSIDE$$ETH-LAN$

 ip address 192.168.1.250 255.255.255.0

 ip nat inside

 ip virtual-reassembly in

 zone-member security in-zone

 duplex auto

 speed auto

 no mop enabled

!

ip nat pool HBC-I 27.177.21.10 27.177.21.10 prefix-length 24

ip nat inside source list 7 pool HBC-I overload

ip route 0.0.0.0 0.0.0.0 27.177.21.9

ip route 192.168.1.0 255.255.255.0 GigabitEthernet0/1

!

access-list 7 permit 192.168.1.0 0.0.0.255

 

 

#show ip route

Gateway of last resort is 27.177.21.9 to network 0.0.0.0

 

S*    0.0.0.0/0 [1/0] via 27.177.21.9

      27.0.0.0/8 is variably subnetted, 2 subnets, 2 masks

C        27.177.21.8/30 is directly connected, GigabitEthernet0/0

L        27.177.21.10/32 is directly connected, GigabitEthernet0/0

      192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks

C        192.168.1.0/24 is directly connected, GigabitEthernet0/1

L        192.168.1.250/32 is directly connected, GigabitEthernet0/1

 

 

When pinging the modem from a client inside the LAN this is what I get from NAT translations and statistics:

 

#sho ip nat translations ver

Pro Inside global         Inside local          Outside local         Outside global

icmp 27.177.21.10:40709   192.168.1.8:40709     27.177.21.9:40709     27.177.21.9:40709

    create 00:00:05, use 00:00:00 timeout:60000, left 00:00:59, Map-Id(In): 1, 

    flags: 

extended, use_count: 0, entry-id: 4, lc_entries: 0

 

 

 

#sho ip nat statistics

Total active translations: 2 (0 static, 2 dynamic; 2 extended)

Peak translations: 2, occurred 00:00:04 ago

Outside interfaces:

  GigabitEthernet0/0

Inside interfaces: 

  GigabitEthernet0/1

Hits: 104  Misses: 0

CEF Translated packets: 104, CEF Punted packets: 0

Expired translations: 7

Dynamic mappings:

-- Inside Source

[Id: 1] access-list 7 pool HBC-I refcount 2

 pool HBC-I: netmask 255.255.255.0

    start 27.177.21.10 end 27.177.21.10

    type generic, total addresses 1, allocated 1 (100%), misses 0

 

Total doors: 0

Appl doors: 0

Normal doors: 0

Queued Packets: 0

Hi,      Instead of this" ip

Hi,

      Instead of this" ip route 192.168.1.0 255.255.255.0 27.177.21.9"

        Change it to "ip route 192.168.1.0 255.255.255.0 gig0/0"

 

Regards,

Chandhuru.M

 

Thanks and regards, Chandhuru.M
New Member

Hello Chandhuru.M and thanks

Hello Chandhuru.M and thanks for your reply.

 

After changing the route to what you suggested, I still have the same problem pinging across to the WAN interface and the modem. Now the LAN client PC and the router can only ping the LAN interface. Please refer back to the original post for a description of my setup. After the change you proposed, this is what I have:

 

Please note the Gateway of last resort is now not set.

 

hbc_gateway#show run | include route                 

ip route 0.0.0.0 0.0.0.0 24.176.21.9

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0

ip route 192.168.1.0 255.255.255.0 GigabitEthernet0/0

 

hbc_gateway#sho ip route

Gateway of last resort is not set

 

      192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks

C        192.168.1.0/24 is directly connected, GigabitEthernet0/1

L        192.168.1.250/32 is directly connected, GigabitEthernet0/1

 

Any other suggestions at this point?

166
Views
0
Helpful
7
Replies
CreatePlease login to create content