Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
954
Views
5
Helpful
10
Replies

Ping to WAN

Kyujin Choi
Level 1
Level 1

‎11-11-2010 05:50 AM - edited ‎03-04-2019 10:26 AM

Hi, I have this topology for my simulation lab. Everything works fine. I used RIPv2 for routing for this (I have static route ; ip route 0.0.0.0 0.0.0.0.0 68.110.171.97 /and redistribute static) So I can ping everywhere, except 68.110.171.97 (but, I am able to ping from R1). Is it normal? I know I may need NAT for this.

Question 1: If i changed E0/1 of R1 as internal IP range such as, 10.x.x.x or 172.16.x.x and insert RIP v2 network command, can I ping it?

Q2: So, The reason that I can't ping WAN from R3 is due to public ip address (68.x.x.x) and not setup NAT?

Thanks for your time and precious knowledge.

You have great a day.

RIP.jpg

Labels:
Preview file
42 KB
0 Helpful
10 Replies 10

Jon Marshall
Hall of Fame
Hall of Fame

‎11-11-2010 06:07 AM 

choikyujin wrote:
Hi, I have this topology for my simulation lab. Everything works fine. I used RIPv2 for routing for this (I have static route ; ip route 0.0.0.0 0.0.0.0.0 68.110.171.97 /and redistribute static) So I can ping everywhere, except 68.110.171.97 (but, I am able to ping from R1). Is it normal? I know I may need NAT for this.
Question 1: If i changed E0/1 of R1 as internal IP range such as, 10.x.x.x or 172.16.x.x and insert RIP v2 network command, can I ping it?
Q2: So, The reason that I can't ping WAN from R3 is due to public ip address (68.x.x.x) and not setup NAT?
Thanks for your time and precious knowledge.
You have great a day.

1) Not sure what you mean. If you changed e0/1 to a private address then how would you ever route to the public IP 68.110.171.97 ? It simply wouldn't work.

2) Yes you need NAT. Something like this -

R1

==

int e0/0

ip nat inside

int e0/1

ip nat outside

access-list 101 permit ip 192.168.1.0 0.0.0.255 any

access-list 101 permit ip 192.168.2.0 0.0.0.255 any

access-list 101 permit ip 192.168.3.0 0.0.0.255 any

or if you prefer -

access-list 101 permit ip 192.168.0.0 0.0.0.3 any   - this would cover 192.168.1.0 -> 192.168.3.0 but also include 192.168.0.0/24

ip nat inside source list 101 interface e0/1 overload

Jon

Kyujin Choi
Level 1
Level 1
In response to Jon Marshall

‎11-11-2010 07:44 AM

Thank for your reply.

Q1 was this. Sorry for confusion. This is simulation, I setup cloud (remote router) as remote branch office, not internet. So R1 is gateway for remote branch office. you can think this way.

if gateway (this case R1) connects to another router 68.110.171.97 (let's say branch office, not internet). in this case, I can't ping remote router from R2, R3 or any computer connected this network even if I advertise RIP version 2 (like network 68.110.171.96) and see 68.0.0.0 in the show running command.   I can only ping remote router from R1. I can ping R1 (especially, public IP:68.110.171.98) from any PC or router, but I can't ping 68.110.171.97. Is it normal?  Is it what it's supposed to be? cause it doesn't have NAT?

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to Kyujin Choi

‎11-11-2010 07:49 AM 

choikyujin wrote:
Thank for your reply.
Q1 was this. Sorry for confusion. This is simulation, I setup cloud (remote router) as remote branch office, not internet. So R1 is gateway for remote branch office. you can think this way.
if gateway (this case R1) connects to another router 68.110.171.97 (let's say branch office, not internet). in this case, I can't ping remote router from R2, R3 or any computer connected this network even if I advertise RIP version 2 (like network 68.110.171.96) and see 68.0.0.0 in the show running command.   I can only ping remote router from R1. I can ping R1 (especially, public IP:68.110.171.98) from any PC or router, but I can't ping 68.110.171.97. Is it normal?  Is it what it's supposed to be? cause it doesn't have NAT?

Does the remote router have ie. the branch office router, have routes back to the 192.168.x.0 networks in it's routing tables.

From R3 try doing a traceroute to the remote branch router and post results together with a "sh ip route" from all routers.

Jon

0 Helpful

Kyujin Choi
Level 1
Level 1
In response to Jon Marshall

‎11-11-2010 07:58 AM

Thanks jon. you are so fast. ^^;

Since this is question based on my simulation. I can't do simulate traceroute.

Let's say branch office has class A 10.x.x.x. in this case, I am sure that I can ping from 192.168.x.x (branch 1) to 10.x.x.x (branch 2) as long as RIP routing is working fine. Only question that I have is that.

I can ping local computer to remote branch computer. (192.168.x.x -> 10.x.x.x), but why can't i ping local computer (192.168.x.x) to remote gateway (68.110.171.97)? even if I have routing information redistrubtued by R1. is it normal that even if I have routing table R 68.x.x.x in every router in the local area, I can't ping remote gateway from PC, except R1 (since R1 is directly connected remote router, it can ping it)

Thanks for you time and knowledge.

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to Kyujin Choi

‎11-11-2010 08:07 AM 

choikyujin wrote:
Thanks jon. you are so fast. ^^;
Since this is question based on my simulation. I can't do simulate traceroute.
Let's say branch office has class A 10.x.x.x. in this case, I am sure that I can ping from 192.168.x.x (branch 1) to 10.x.x.x (branch 2) as long as RIP routing is working fine. Only question that I have is that.
I can ping local computer to remote branch computer. (192.168.x.x -> 10.x.x.x), but why can't i ping local computer (192.168.x.x) to remote gateway (68.110.171.97)? even if I have routing information redistrubtued by R1. is it normal that even if I have routing table R 68.x.x.x in every router in the local area, I can't ping remote gateway from PC, except R1 (since R1 is directly connected remote router, it can ping it)
Thanks for you time and knowledge.


No it's not normal. There is no reason why, if you have routing correctly setup on all your routers and you do not have an access-lists blocking ICMP to the remote branch router WAN interface, then you should be able to ping anything within your setup.

Without seeing the complete routing tables it's not possible to say exactly what is wrong.

Jon

0 Helpful

Kyujin Choi
Level 1
Level 1
In response to Jon Marshall

‎11-11-2010 08:32 AM

Thanks Jon.

I know now, it is not normal, let me trouble shoot it. Thanks.

0 Helpful

MUKUL JOSHI
Level 1
Level 1

‎11-11-2010 11:42 AM

Hi Choi,

Have you redistributed the default route in ur internal network.

Try that and you can reach the outside network easily.

0 Helpful

Kyujin Choi
Level 1
Level 1
In response to MUKUL JOSHI

‎11-11-2010 01:49 PM

Thanks for your tips. I did "redistribute static" and from rest of routers, I can reach everywhere, except remote Router in remote site

0 Helpful

MUKUL JOSHI
Level 1
Level 1
In response to Kyujin Choi

‎11-11-2010 03:01 PM

Hi Choi,

Please provide the router configuration so we can chaeck and advice accordingly.

Bregards

Mukul

0 Helpful

Kyujin Choi
Level 1
Level 1
In response to MUKUL JOSHI

‎11-11-2010 06:08 PM

Thanks JOsh.

Now, I found where my problem is. It was remote router that doesn't have RIP routing protocol. That is why I can ping from R1 to Remote, but not from other router.

I really appreciate your helps.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card