Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
381
Views
0
Helpful
1
Replies

multiple subnet router to router through dsl

philip
Level 1
Level 1

‎06-17-2002 10:16 PM - edited ‎03-01-2019 10:14 PM

Hi there,

here is my situation. I have two 1720 routers and my company wish to route them to a single point entry. here is a simple graph

Firewall

|

|

|

1720A-------------------1720B

they wish to route 1720b through firewall out to the internet.

between 1720a and 1720b is a dedicated line using adsl VPN mode by ISP

1720a's ip information

wan 10.17.1.253 255.255.255.0

lan 10.0.0.10 255.255.255.0

gw 10.17.1.254 255.255.255.0

1720b's ip information

wan 10.16.1.253 255.255.255.0

lan 192.168.1.10 255.255.255.0

gw 10.16.1.254 255.255.255.0

Firewall

lan 10.0.0.2

wan 61.219.234.xxx

both 1720s are using NAT on all interfaces(WAN/LAN).

as you can probably guess, the subnet under 1720 b is using 192.168.1.10 as their gateway. my problem is how do i route 1720b's subnet pc to the internet through 1720a then firewall. do i do IP ROUTE 10.16.1.0 255.255.255.0 10.0.0.2 ?

btw, the 1720a is not used as a gw to the outside, the firewall 10.0.0.2 is the one that is used as a gw to the outer world. its presence is purely as a source to connect two sites together.

is policy routing and static ip direct the same thing? if not, is it possible for me to implement route map to solve my problem?

plz help me. i am desparate. i have ask many people, but they all are clueless.

Labels:
0 Helpful
1 Reply 1

brian-mcmahon
Level 1
Level 1

‎06-19-2002 12:27 PM

No, policy routing is not the same thing as static routing. This appears to be a very straightforward routing scenario, and static routes should be sufficient.

Based on your description, you want to have the default route on 1720A pointing to the firewall (ip route 0.0.0.0 0.0.0.0 10.0.0.2). That should allow users behind 1720B to get out.

Then you need to be sure that the 10.0.0.0/24 net (1720A LAN) can reach the 192.168.1.0/24 net (1720B LAN). On 1720A, use ip route 192.168.1.0 255.255.255.0 10.17.1.254 -- assuming that I understand your "ASDL VPN" connection setup properly.

How do the client systems on 10.0.0.0/24 currently reach 192.168.1.0/24? ( Or do they even need to?) Does the firewall have a route to 192.168.1.0? Do the clients?

When you say "gw", I presume you mean a default route of the form ip route 0.0.0.0 0.0.0.0 something; correct?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents