Re: routing with in a network

kidem · ‎03-04-2004

I have a question, if i have an existing network

router>switch> =LAN

can i put a router in the lan

like so, router > switch > lan > router >PC(crossover to fa0)

so i config one int for DHCP and static the other the existing network is 192.168.1.0 which one for DHCP will get that network Ip E0 =192.168.1.60 and the other static int Fa0 = 192.168.2.2,

reason im asking is im trouble shoooting a client which cant get to intrernet now when i have the router at our network like explained above, i can ping from in side the router to 192.168.1.0 netowrk i cannot get to the internet though, but from Pc i cannot ping past 192.168.2.0 network,here is the config ,very basic but thought i should ateast get out.

Router is cisco 1721

Current configuration : 2455 bytes

!

version 12.2

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Router

!

no logging console

enable secret xxx

!

ip name-server 192.168.1.1

!

interface Ethernet0

ip address dhcp (192.168.1.60)

!

interface FastEthernet0

ip address 192.168.2.2 255.255.255.0

!

line con 0

line aux 0

line vty 0 4

password xxxx

login

!

end

Router#

jamey · ‎03-04-2004

There are a couple of things going on here.

Your network:

routerA > switch > lan > routerB >PC(crossover to fa0)

(I put A and B on your routers so we can tell them apart)

For one, you need to enter a default gateway on router B that points to router A:

On router B:

ip route 0.0.0.0 0.0.0.0

On router A you need to enter a route to the 192.168.2.0 network via router B:

ip route 192.168.2.0 255.255.255.0 192.168.1.60

Also I would hard code the 192.168.1.60 IP address on router B instead of using DHCP.

Additionally, you may need to add to your firewall to NAT 192.168.2.0 for the 192.168.2.x client to be able to access the Internet. You may also have to add a route on your firewall to get to 192.168.2.0 255.255.255.0 go via the routerA interface pointing to the Internet...it all depends on what you have set up...

-HTH

kidem · ‎03-04-2004

geeesss,,, you are so right, i totally forgot about static route gateway ip, this router has been given me headaches it just stopped working at client site, but now i think they got hacked cause all that would have been in there to be working correctly the first time, they didnt have static gateway ip, they did have how ever ip route 0.0.0.0 0.0.0.0 e0 ,which i thought would work, i will keep trying this, also is there a test i can do on the WIC card?

jamey · ‎03-05-2004

Hmmm...if they got hacked I suspect the attacker would have done something more malicious than change a router config a bit. What is more likely is that somebody made some config changes on the router and forgot to save them and the router lost power or rebooted or something, or proxy arp was enabled on the upstream router and somebody disabled it.

If you do default static routes via the interface like ip route 0.0.0.0 0.0.0.0 e0, you have to have proxy arp enabled on the next upstream router. Most people use the next hop IP like ip route 0.0.0.0 0.0.0.0 192.168.10.1 or whatever.

Not sure what is wrong with your WIC...what kind of problems are you having there?

-HTH

kidem · ‎03-05-2004

im not sure i have had this thing at three different locations, starting fresh and still cant get out, i think its just pilot error, cause i can ping using console to and 192 address other than that i cant go farther. I have done this before too, which is why im puzzled , there were the older 2500 series routers that i configed, but IOS 12.2 isnt that different than 11.3 or whatever still same basic commands....

jamey · ‎03-05-2004

Not sure if it will help or not but go to config mode and type these commands:

ip classless

ip subnet-zero

ip routing

-HTH