Re: Routing Between point-point with DSL Internet on one side. - Page 2

cfdata · ‎10-31-2002

I am having problems getting the remote network access to the Interent using the DSL from the Host network.

Here are the IP addresses and network layout

Host:

Eth: 192.168.1.2

Serial: 192.168.0.1

Remote:

Eth: 192.168.2.1

Serial: 192.168.0.2

There is a SonicWall firewall on the Host side providing NAT to the Internet

Firewall IP Eth: 192.168.1.1

I can communicate between both networks, but cannot access the Internet from the Remote location. I know it's a routing statement that I'm missing. Can anyone assist?

Greatly appreciated..

CF

cfdata · ‎10-31-2002

I do have Rip as displayed in the config's I posted.

If I put the default route back in it works fine. 0.0.0.0 0.0.0.0 serial0

I think I'll call CISCO for assistance...

thisisshanky · ‎10-31-2002

Your packets from remote site are not going to internet, because the HOST 1720 doesnt have a default route pointing to the inside interface of firewall.

Please paste your routing table output (show ip route) for reference.

The default route on 1720 should really be pointing to the firewall

ip route 0.0.0.0 0.0.0.0 192.168.1.2 (firewall insideIP).

You dont really need the default route pointing to serial 0, as you are running RIP. I see that subnet masks for both the lan and wan segments are different (/24 and /30) but RIP version 2 wont have a problem advertising these routes across the wan.

Paste your show ip route on both routers, for reference.

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

thisisshanky · ‎10-31-2002

Here you go, here is the final solution.

You need to just remove the default route on HOST router. The default route on the REMOTE should remain on the router.

Configs would look like this..

Host

ip route 0.0.0.0 0.0.0.0 192.168.1.2 (where 1.2 is the ip address of inside interface of firewall)

ReMOTE

ip route 0.0.0.0 0.0.0.0 serial 0 1

Dont remove this route.

The above configs should work.

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

cfdata · ‎10-31-2002

I actually tried that solution a little while ago, and it still didn't work.

I'm bummed.

If traffic from the remote lan is sent out through the leased line to the firewall on the host side, it does not know where to return the packets to. I would assume the firewall needs to have a route somewhere.

thisisshanky · ‎10-31-2002

Firewall should know how to reach remote lan. For this you can just set default gateway on the firewall inside lan as the HOST 1720 router.

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

cfdata · ‎10-31-2002

Show Ip Route

Host Router:

Gateway of Last Resort is 0.0.0.0 to network 0.0.0.0

192.168.0.0/30 is subnetted, 1 subnet

c 192.168.0.0 is directly connected, serial 0

c 192.168.1.0/24 is directly connected, fast eth 0

s* 0.0.0.0/0 is directly connected, serial 0

Remote Router:

Gateway of Last Resort is 0.0.0.0 to network 0.0.0.0

192.168.0.0/30 is subnetted, 1 subnet

c 192.168.0.0 is directly connected, serial 0

c 192.168.2.0/24 is directly connected, fast eth 0

s* 0.0.0.0/0 is directly connected, serial 0

thisisshanky · ‎10-31-2002

Routing table looks fine...

You just need to remove default route on Host router and point the default route to the inside address of firewall.

On the remote router, the default route needs to kept as it is

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

cfdata · ‎11-01-2002

The default route is 0.0.0.0 0.0.0.0 192.168.1.1 (firewall)

I believe my problem is this:

The firewall needs to be physically attached to the 1720 LAN

DSL->Sonicwall->1720->LAN

in this senario, I would need to ethernet adapters in the 1720, one for the firewall, and one for the switch.

Thoughts??