Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Help! Stub network can't see hosts...

Users on a "stub" network can't access a particular host on the adjacent network (through which they successfully access the Internet via a PIX).

The "stub" network is 192.168.40.x/255.255.255.0, that connects via WAN to a 92.168.39.x/255.255.255.0 network.

39.1 is the gateway at the 39.x network (a PIX515E connected to the Internet).

40.1 is the gateway address for the users on the 40.x subnet.

Users on 40.x need to access a host at 39.8. They can ping 39.1, but not 39.8.

Tracert from 40.x users stop at 39.10, which is the LAN interface on the router in the 39.x network that connects back to the 40.x network.

I'm using static routes - this is a simple network with no changes planned or needed.

Can anyone suggest how I might correct the routing scheme to allow this to work?

Here's a diagram of the route:

[Internet]-Router-PIX515E (39.1)-LAN-(39.10)RouterA(41.2)-WAN-(41.1)RouterB(40.1)-LAN-40.x hosts

Thanks!

10 REPLIES
New Member

Re: Help! Stub network can't see hosts...

I think I posted this in the wrong forum...reposting to Beginning LAN forum.

Bronze

Re: Help! Stub network can't see hosts...

Make sure that the gateway router for the devices in the .39. network has a route to the .40. net.

New Member

Re: Help! Stub network can't see hosts...

Thanks for the reply! The gateway for the .39 folks is the PIX at 39.1...I've got a static routes entered as:

route inside 192.168.40.0 255.255.255.0 192.168.39.10 2

route inside 192.168.41.0 255.255.255.0 192.168.39.10 1

I still can't seem to get it to work...anything else I should check? Would turning on RIP everywhere possibly solve the problem?

Thanks!

Bronze

Re: Help! Stub network can't see hosts...

Your problem is that the pix is not a router!!! It cannot redirect traffic on the same interface.

Point the .39. users at the router .39.10. Give it a default route to the pix and a route to .40. over the wan (it probably already has those).

When .39. users go to the internet the router will redirect them so they send their traffic diretly to the pix.

New Member

Re: Help! Stub network can't see hosts...

Thanks for the reply...it is the users at .40 who can't get to the 39.8 server. The users on 39.x can see it just fine.

If the users can get to the router at 39.10, which is directly connected to the 39.x segment, shouldn't it work? The 39.10 router has a route entry for the 40.x network.

Thanks again for any help you can give!

Bronze

Re: Help! Stub network can't see hosts...

The users on 40 are getting to 39. 39 cant find a way back to respond to them because they are sending their responses to the pix which cannot forward them to 39.10. Routing is a two way process. Each host has to find it own way to the other. Dont assume that just because you are not getting a response that your data isn't getting there. Seems like 90% of the time the problem is that the destination host cant find its way back to respond.

Your pc on .40. has a gateway pointed to the .40. router. It uses the gateway because the destination is not its network.

The .40. router has a route for the destination that points over the wan to the .39.10 router.

The .39. router is on the destination network so it arps for the host and sends the packet to it.

The dest host wants to respond and uses its gateway because .40. is in a different network. The gateway is the pix which drops the packet.

Change the gateway to 39.10 and it uses its route to send the packet over the wan to the .40. router. That router arps for your pc and sends it the packet.

The pc's on .39. gong to the internet will send their packet to 39.10. It will see that the next hop is in the same network (the pix) and send an icmp redirect message to the pc telling it to use the pix's addresses for that destination.

New Member

Re: Help! Stub network can't see hosts...

Wow - thanks for the excellent and clear explanation! It really filled in some gaps in my knowledge. I think I understand the issue now (for the first time).

For logistical reasons, since the only host (other than the PIX) that users on .40 need to access is 39.8, could I just change 39.8's gateway to 39.10 and leave all of the other 39.x's gateway set to 39.1?

Thanks again!!

Bronze

Re: Help! Stub network can't see hosts...

New Member

Re: Help! Stub network can't see hosts...

Great link - very helpful in understanding my problem. Thanks for providing it!

Bronze

Re: Help! Stub network can't see hosts...

Yes, it will work to just change the gateway on the hosts in 39 that need to reach the 40 network.

Have fun, this stuff is really cool when you start to understand how it works.

116
Views
0
Helpful
10
Replies