Mentor
•
36 Messages
3800RG, Cisco Routers and Static IPs
I've got a block of 8 static IPs, one A.B.C.64 /29 - A.B.C.70 is my default gateway, my Cisco E2000 router runs my main home LAN and is doing just fine. I am using two of the RG's ports to run my U-verse set-top boxes via Ethernet, one for the WAN link on the E2000 and one goes to a 4-port DLink switch that then goes to a Cisco 2621XM. Everythings works super except the 2621... I have fa0/1 setup to A.B.C.66 (the E2000 is .65, btw) and I have fa0/0 set to 172.16.1.1 /24 and one PC connected to it set to 172.16.1.10 /24 with a default gateway of 172.16.1.1. I can ping A.B.C.70 from the 2621 just fine and I can ping an outside address such as Google, Apple, etc just fine. What is puzzling me to no end is why I CAN ping A.B.C.66 from the PC, and I CANNOT ping A.B.C.70???? What the heck, it's a directly connected interface; I cannot for the life of me understand this. The only thing I can come up with is that somehow the RG is not setting up a return route.
Accepted Solution
Official Solution
SomeJoe7777
Expert
•
9.4K Messages
12 years ago
1. The ip nat inside source statement is NATting to the wrong interface. Correct line:
ip nat inside source list 1 interface FastEthernet0/1 overload
2. The inside interface needs to be marked as such. Add this line in the FastEthernet0/0 interface config:
ip nat inside
The reason you need both the ip default-gateway statement as well as the static default route statement is that the Cisco's use those two statements in different ways. The static default route statement affects packets that are passing through the router (i.e. being routed). The ip default gateway statement affects packets originating or terminating on the router (i.e. a ping command given at the Cisco IOS prompt).
0
0
Accepted Solution
Official Solution
SomeJoe7777
Expert
•
9.4K Messages
12 years ago
Try to telnet into that address from a computer that's connected directly to the 2Wire router and on a private IP address (192.168.x.x). This will rule out any issue with the Cisco R1 router.
If that works, you should be able to telnet in from outside on the Internet as well.
Make sure the firewall is turned off for the Cisco (on the 2Wire router, go to Settings -> LAN -> IP Address Allocation, look for the Cisco R1 device, and set the firewall to disabled.)
Note that if you disable the firewall like this, you probably will want to enable some kind of firewall on the Cisco. Use the Context-Based Access Control (CBAC) style of firewall, it's the easiest to set up.
0
0
SomeJoe7777
Expert
•
9.4K Messages
12 years ago
Post the Cisco config (xxx out your public IPs and any passwords) and we'll take a look.
0
0
ttx336
Mentor
•
36 Messages
12 years ago
0
0
ttx336
Mentor
•
36 Messages
12 years ago
thanks for the reply, I have corrected these via http and will test it when I get home tonight.
0
0
SomeJoe7777
Expert
•
9.4K Messages
12 years ago
By the way, on your last question about why the static default route has to point to xxx.xxx.xxx.70 vice pointing to FastEthernet0/1 is because having a default route point to an interface is a valid configuration only for point-to-point interfaces, like T1, Frame-Relay, serial, etc. In the point-to-point interface case, there is only one other host that the interface can talk to.
FastEthernet is a multipoint interface, so pointing the default route to the interface itself is not valid. It must point to an IP address within the subnet of that interface so that a single host on that logical network is designated as the default gateway.
0
0
ttx336
Mentor
•
36 Messages
12 years ago
awww geez! now I feel stupid!!! since you expalined it, that makes perfect sense, there's my inexperience showing, I have never used a static route except in lab and always pointing to a point-to-point connected interface...
btw, I had my son wake up the computer at home and I pinged it, it replied so I may be good now!! Once I get home and check it out and am sure I will post that this is solved....
Thanks, -Gary
0
0
ttx336
Mentor
•
36 Messages
12 years ago
my son tested pings to xxx.xxx.xxx.70 as well as out to the WAN and said it reported 100% success!!
it's so nice to have computer literate kids at home, lol!!
Thanks again so very much,
Gary
0
0
SomeJoe7777
Expert
•
9.4K Messages
12 years ago
0
0
ttx336
Mentor
•
36 Messages
12 years ago
I've hit another snag in trying to get my complete lab running... R1 is doing great thanks to you... I added on R2 and R3 via WIC2T cards and Smart Serial cables. I have S0/0 on R1 set to 10.0.0.1 /30 and S0/1 set to 10.0.0.10 /30, R2 has S0/0 set to 10.0.0.2 /30 and S0/1 set to 10.0.0.5 /30; R3 has S0/1 set to 10.0.0.6 /30 and S0/0 set to 10.0.0.9 /30 I have EIGRP set up, all of the serial routes seems fine, but once again, I cannot ping the xxx.xxx.xxx.70 I took some shots in the dark with various static routes and NAT but to no avial. I have an EIGRP advertised route on R1 = xxx.xxx.xxx.64 and used "redistribute static"
so that 0.0.0.0 0.0.0.0 xxx.xxx.xxx.70 is shown as "gateway of last resort" on the other two routers.
I thought I had this working before, but maybe not, I had copied the running-config to the startup-config so they are as they were before I shut them (R2 and R3) off to concentrate on getting R1 working. It seems like with the PC connected to R1 being able to ping the .70 address the other two router surely should be able to, but that is not the case.
0
0