Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
652
Views
15
Helpful
4
Replies

Route traffic out to Internet on same subnet

jonasbk11
Level 1
Level 1

‎01-14-2012 03:03 AM - edited ‎03-07-2019 04:20 AM

I’m just brainstorming a lab network setup and also studying for an exam and I simply need help to understand something. VERY basic network, no VLANs so I think you experts can answer it easily.

Very basic question: Will the 192.168.1.50 be able to communicate to the Internet?

ip source-redirect and default GW same subnet.png

Correct me if I’m wrong, but aren’t there any security issues I have to consider (ICMP redirect?)

Yes, I know several alternative solutions like static routes on client, changing the topology but the above setup is what I’m wondering about.

Is there any additional things I need to configure on the firewall, router, switch or computer to get the above setup to work if we consider all network devices are Cisco? What commands? Will it probably work in some scenarios when using more basic switches without security features?

Labels:
0 Helpful
4 Replies 4

johnlloyd_13
Level 9
Level 9

‎01-14-2012 05:17 AM

Hi Jonas,

The answer is no since the 192.168.1.50 is a private IP address. You would need NAT (try to do a quick Google search) for this to work.

Sent from Cisco Technical Support iPhone App

John Blakley
VIP Alumni
VIP Alumni

‎01-14-2012 05:21 AM

You would need to configure nat on the firewall, but other than that everything else looks fine...

The commands will depend on what type of firewall you have.

HTH,

John

HTH, John *** Please rate all useful posts ***

jonasbk11
Level 1
Level 1
In response to John Blakley

‎01-14-2012 05:30 AM

Ah, yes, of course I should have mentioned that NAT is needed in the FW to the Internet.

But there's no need for anything to be configured on the LAN side (switch?) to allow the traffic going from the client to the router to exit on the same interface LAN again to reach the FW?

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to jonasbk11

‎01-14-2012 03:30 PM

Jonas

You have not provided details about what kind of equipment, what models etc, you are dealing with. And there could be exceptions. But in general there is no problem and no special configuration required for a local host to send traffic to its default gateway (192.168.1.1 in this case) and for the gateway to forward the packet to another device (192.168.1.2 in this case) out the same interface.

HTH

Rick

HTH

Rick
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card