Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

About route

Dear ALL,

I need your help about two questions:

I cannot ping (or getting other services) between two machines both connected to the inside zone.

One of them, is configured with public IP and a static is applied like this:

static (inside, outside) 213.212.a.b 213.212.a.b netmask 255.255.255.255

The other one is based on nat , 192.168.1.0 to the inside zone mapped through global / nat

Both machines are reachable from outside , but if you get access to one of them, then you'll not able to ping the other one or get a web page for example.

The last question is, if I add more than one subnet to the inside, do I have to insert manually specific route like this:

route outside subnet's address netmask outside's address

Regards

Alberto Brivio

1 ACCEPTED SOLUTION

Accepted Solutions

Re: About route

Hello Alberto,

the first thing a host does when setting up IP communication is to check: Is the destination address local or do I have to send it to the default gateway?

For that purpose the host checks the network mask configured, which tells which address can be reached by issuing an ARP and which should straight forward be sent to the default gateway, because it "is not local".

In your case none of the two hosts assumes the other is local, so both of them send the packets to the PIX resulting in no connectivity ... see the previous post.

Did this help? Then please rate this post

Martin

3 REPLIES

Re: About route

Hello,

the PIX will not forward a packet out of an interface the packet was received. It simply doesn´t support this, but it is exactly what you are asking for.

In order to get both devices to communicate place them either in the same subnet or engage a router with f.e.

interface ethernet0

ip address 213.212.a.r 255.255.255.248

ip address 192.168.1.123 255.255.255.0 secondary

which will route between the two networks.

Did this help?

Martin

New Member

Re: About route

Hi Martin,

thanks for your explanation.

This could be a good solution, but I wonder why those machines don't "talk" about them since they are on the same switch, so they could make it addressing each other with MAC address ?!

Regards

Alberto

Re: About route

Hello Alberto,

the first thing a host does when setting up IP communication is to check: Is the destination address local or do I have to send it to the default gateway?

For that purpose the host checks the network mask configured, which tells which address can be reached by issuing an ARP and which should straight forward be sent to the default gateway, because it "is not local".

In your case none of the two hosts assumes the other is local, so both of them send the packets to the PIX resulting in no connectivity ... see the previous post.

Did this help? Then please rate this post

Martin

88
Views
5
Helpful
3
Replies
CreatePlease login to create content