I just intalled a new WAN link to our production facility.. At Site-A, I have a Firewall connected to the net and internal interface of 192.168.1.1 . I have the WAN router Eth0 192.168.1.2 . The Site-A WAN router is connected to the Site-B WAN router with a Frame.. The Site-B WAN router Eth0 is 192.168.2.1 ..
From the Site-A WAN router I can ping the Firewall's internal interface and the outside world. But from the Site-B router I cannot ping the Firewall or the outside world..
A trace route from a host on the Site-B network hits the Site-B WAN router (192.168.2.1), hits the Site-A WAN router (192.168.1.2) but then just stalls...
1 <10 ms <10 ms <10 ms 192.168.2.1
2 <10 ms <10 ms <10 ms 192.168.1.2
3 * * * Request timed out.
4 * * * Request timed out.
5 * ^C
This is the Site-A router config.....
Current configuration : 1206 bytes
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
enable password XXXXXX
memory-size iomem 25
no ip finger
ip name-server XXX.XXX.XXX.XXX
no ip address
service-module t1 remote-alarm-enable
frame-relay lmi-type ansi
interface Serial0.1 point-to-point
description connected to SITE-B-FR-01
ip unnumbered FastEthernet0
frame-relay interface-dlci 16
description connected to EthernetLAN_1
ip address 192.168.1.2 255.255.255.0
ip route 0.0.0.0 0.0.0.0 192.168.1.1
ip route 192.168.2.0 255.255.255.0 Serial0.1 permanent
Check the firewall config. Some firewalls wouldn't respond to icmp except from predefined addresses/networks, that a "stealth" rule. Also if you're just adding site B, the firewall needs to know about it and permit communication from the new subnet to the outside world.
Simply on firewalls everything is denied unless explicitly permitted!
I'm guessing that the Firewall doesn't know where the 192.168.2.0 network lives. You need to enter a route on the firewall to send all traffic for network 192.168.2.0 to 192.168.1.2 (your WAN router). Hope this helps.
Michael.. yeah it's a FireBoxII with version 4.61 running on it.. How do you add Static routes to it?? I don't see anyting in the manual about static routes and i didn't see anyting poking around in the GUI either.. any help would be great!!! I might shoot you an e-mail as well...
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...