cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
617
Views
5
Helpful
17
Replies

Newbie needs basic help

thoppenrath
Level 1
Level 1

I have two internal private networks that I'm trying to connect using a 1721 router. I am able to telnet from network 1 to the router, and ping from router the gw on network 2, but I can't ping anything back on network 1. Also, I can't ping network 2 from network 1. Can someone give me the correct route or other commands I need to get started. I'm not worried about security, this is just for testing. Once I make the connections, I can start playing around with more advanced commands. Network 1 is 10.10.x.x/16 and Network 2 is 10.20.20.x/24. Thanks.

17 Replies 17

Jon Marshall
Hall of Fame
Hall of Fame

Tony

Do you have 2 ethernet interfaces in the 1721 ?

You need to set the default-gateway on your clients to be the interface on the 1721 for their respective vlans so if the 10.20.20.x network uses e0 on the 1721 and the IP address on e0 is 10.20.20.1 then on a client in that network the default-gateway would need to be 10.20.20.1.

Could you post the config of the 1721

Jon

Istvan_Rabai
Level 7
Level 7

Hi Tony,

Please post the running-config of the 1721 router.

Thanks:

Istvan

Ok, don't laugh I know there is mistakes....

show config

Using 838 out of 29688 bytes

!

! Last configuration change at 15:45:58 UTC Sun Mar 30 2008

! NVRAM config last updated at 15:47:11 UTC Sun Mar 30 2008

!

version 12.2

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname TestRouter

!

logging queue-limit 100

enable secret xxx

enable password xxxx

!

ip subnet-zero

!

!

!

!

!

!

!

interface Ethernet0

ip address 10.20.20.77 255.255.255.0

ip access-group 101 in

half-duplex

!

interface FastEthernet0

ip address 10.10.7.1 255.255.0.0

ip access-group 111 in

speed auto

!

ip classless

ip route 10.20.0.0 255.255.255.0 10.10.3.10

no ip http server

!

!

access-list 111 permit tcp host 10.10.3.10 any

!

line con 0

exec-timeout 0 0

password xxxx

login

line aux 0

line vty 0 4

password xxxx

login

!

no scheduler allocate

end

Tony

You can't ping net2 from net1 because of your access-list.

access-list 111 permit tcp host 10.10.3.10 any

There is an implicit deny at the end of any access-list so you will not be able to ping through.

The access-list also looks wrong. Could you remove the access-lists from both the e0 and fa0 interfaces and retest

Jon

I removed the access-list and access group statements. Now when I'm telneted to the router, I can ping both networks from the router. However I still can't ping 10.20.20.1 from 10.10.3.10. Any ideas?

Tony

What device is 10.10.3.10 ?

Jon

It's my workstation. At first I was trying to get the configuration so I could only access the other network, but it's not a necessary security measure at this time.

Tony

Can you remove the following from your config

ip route 10.20.0.0 255.255.255.0 10.10.3.10

Is 10.20.20.1 a server/workstation on the 10.20.20.x network ?

Jon

I removed the ip route line but still can't ping the other network. (10.20.20.1). 10.20.20.1 is a workstation. Actually the whole network is setup with automated forklifts each with it's own computer. That particular 10.10.20.1 is on truck #1 and is the gateway for the network.

Tony

Not sure what you mean by the gateway. Do you have the default-gateway on 10.20.20.1 set to the 10.20.20.77 IP address ?

Jon

No. I haven't changed that network. I think all workstations are setup like 10.20.20.n subnet: 255.255.255.0 gw:10.20.20.1 Again the 10.20.20.1 is also the IP address of workstation #1. Not sure why it was setup that way, but I didn't want to change any settings. Is the problem that I need to change the gw to point to the router e0 interface?

Tony

That would be the problem. I'm not sure why the clients on the 10.20.20.x subnet are pointing to a workstation so i agree until you know what is going on best you don't change anything.

If the workstation (10.20.20.1) is a Windows 2000/2003/XP machine you could try adding a route to it ie. in a dos window

route add 10.10.0.0 mask 255.255.0.0 10.20.20.77

and then retry but you need to be careful of making changes without a full understanding of what is going on.

The 10.20.20.1 workstation - does it only have one NIC and one IP address ?

Jon

Jon, I need to verify your questions about the NIC and IP address but it is running Win 2000. I'll also try to get an idea of why it was setup that way. I will have to do that tomorrow and get back on here and let you know. Thanks for all the help, I'm getting closer. You guys are good!

Here is more info...

Second Network

NT Server Computer

IP: 10.20.20.254

SN: 255.255.255.0

GW: 10.20.20.1

-------------------------------------

ALL Workstations have WIRELESS NICS

Workstation 1

IP: 10.20.20.1

SN: 255.255.240.0

GW: 10.20.20.254

Worksation 2

IP: 10.20.20.2

SN: 255.255.240.0

GW: 10.20.20.254

Workstation 3

IP: 10.20.20.3

SN: 255.255.240.0

GW: 10.20.20.254

---------------------------------------

Wireless ORINOCO AP

AP1

IP: 10.20.20.21

SB: 255.255.255.0

GW: 10.20.20.1

AP2

IP: 10.20.20.25

SB: 255.255.255.0

GW: 169.245.128.133

-----------------------------------------

Not sure why the GW on the server is the IP address of WS #1. Also

not sure why the GW on AP2 is different. Seems to work ok. Notice that

the Subnet is different on the worksations.

I will try to get in touch with the people that set it up to see if the GW makes any difference.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco