Yes the router is connected to the ISP. Yes the IP block has been assigned by the service provider. The hosts are connected to a 2924 switch then to the router. They are in a VLAN on the switch. When attempting to connect to one of the hosts from a separate ISP the packets make it as far as the static ip of the WAN on the router. Hope this helps.

Thanks.

Hi there,

If i understand well your scenario should look like this:

hosts -> 2924 Switch --> 827 router --> Internet

To do it routing all the way with no NAT --> You'll need 2 public IP subnets, 1 for LAN and 1 for WAN, and your ISP shall route your LAN IPs to your WAN ips and you should use default route towards your provider, then you should configure the public IPs on your hosts manually, but here comes the most important question, how many hosts do u have (and accordingly the LAN subnet that you need).

HTH,

Mohammed Mahmoud.

What is the gateway of the ip hosts. Is it the static ip address of the WAN router?

hosts-->switch--->router--->ISP

If the topology looks something like the above, then make sure you have a default route configured on your edge router.

HTH,

Narayan

I have six usable ips for my LAN with a subnet of 255.255.255.248 I have assigned one of those ips to the LAN side of my router. I have also manually configured the ips of the hosts with default gateway listed as the ip of the LAN port of the router. Your topology of my network is correct. Is the problem the different subnets of the LAN vs WAN ie. x.248 x.255 ?

Friend,

Your Gateway IP should have the same Subnet mask as that of the configured hosts.

Change the LAN IP of the router to x.x.x.142 255.255.255.248 and confgiure the default route to the ISP

HTH, rate if it does

Narayan

Did you mean change the WAN netmask to 255.255.255.248 ? The LAN netmask is already 255.255.255.248 And by default route to the ISP do you mean the IP of the next hop after my router ?

Thanks

Hi there,

No the subnet mask of the LAN and the WAN should not match, what are the LAN and WAN subnets you acquired from your ISP ?

regards,

Mohammed Mahmoud.

The LAN subnet is 255.255.255.248 The WAN subnet is 255.255.255.0

Thanks

Hi there,

Weird, the WAN is /24, are both LAN ips and WAN ips public ips ?

regards,

Mohammed Mahmoud.

Let me give an example

host-->switch-->(lan)router(wan)-->ISP

Host: - 10.10.10.2/29

router LAN:-10.10.10.1/29

router WAN:-20.20.20.2/30

ISP WAN:- 20.20.20.1/30

your host should have a gateway configured as 10.10.10.1

How many VLANs have been configured on the switch and the public hosts belong to which VLAN?

Naayan

Are multiple VLANS configured on the switch?

if yes then i think i understand your problem

You have to create a trunk connection from the router to the switch with subinterfaces

HTH

Narayan

I eliminated the switch and connected the server directly to the router. Still unable to connect with the server on the LAN side from another ISP. Or able to ping out beyond the LAN interface.

version 12.2

no service pad

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

mmi polling-interval 60

no mmi auto-configure

no mmi pvc

mmi snmp-timeout 180

ip subnet-zero

ip name-server xxx.xxx.xxx.xxx

ip name-server xxx.xxx.xxx.xxx

!

vpdn enable

vpdn-group 1

request-dialin

protocol pppoe

!

partition flash 2 6 2

!

!

!

!

interface Ethernet0

ip address xxx.xxx.xxx.xxx 255.255.255.248

ip nat inside

ip tcp adjust-mss 1452

hold-queue 100 out

!

interface ATM0

no ip address

no atm ilmi-keepalive

pvc 0/35

pppoe-client dial-pool-number 1

!

dsl operating-mode auto

interface Dialer1

ip address yyy.yyy.yyy.yyy 255.255.255.0

ip mtu 1492

ip nat outside

encapsulation ppp

ip tcp adjust-mss 1452

dialer pool 1

dialer-group 1

ppp authentication chap pap callin

ppp chap hostname xxxxxxxxxxxxxxxxxxxx

ppp chap password yyyyyyyyyyyyyyyyyyyy

ppp pap sent-username xxxxxx password yyyyyyy

!

ip nat inside source list 102 interface Dialer1 overload

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer1

ip http server

ip http access-class 23

!

!

access-list 23 permit xxx.xxx.xxx.0 0.0.0.7

access-list 102 permit ip xxx.xxx.xxx.0 0.0.0.7 any

dialer-list 1 protocol ip permit

!

line con 0

stopbits 1

line vty 0 4

access-class 23 in

exec-timeout 120 0

login

length 0

!

scheduler max-task-time 5000

end

Hi there,

Can you ping from the router to the internet ?

/24 public ip on WAN is a weired thing, are you sure its a public ip ?

regards,

Mohammed.