Re: Access subnet not part of the default gateway - Page 2

hpatel23 · ‎04-25-2022

I have a Cisco ISR4451-X/K9. I set up interface GigabitEthernet0/0/1.1, secondary IP address as 10.19.194.1/24. I am connected to two nodes in a mesh connection with one port with IP 10.19.194.50 on first node connected to router and another port on first node with IP 10.19.193.2/24 which is part of different subnet.

On the cisco router I added a static route that has destination as 10.19.193.0/24 with next hop as IP 10.19.194.50. And I am able to ping 10.19.193.2 from cisco router. But if the port with 10.19.193.2/24 is connected to port on second node with IP 10.19.193.3/24, I am not able to pin 10.19.193.3 from Cisco router.

What are the configuration that I need to have on Cisco router to access a different subnet thats not part of the cisco router?

Jon Marshall · ‎04-25-2022

It sounds like the issue is not the router but the 10.19.193.3 device.

Does it have a default gateway of 10.19.193.2 and does it allow ping ie. is it running a firewall that could be blocking it ?

Jon

hpatel23 · ‎04-25-2022

Hi Jon,

No, there is no default gateway set for 10.19.193.2 and also for 10.19.193.3. Node 1 and Node 2 are able to discover each other fine. Node 2 can ping cisco router as well. But Cisco router can't reach Node 2.

I have attached the diagram for better clarification.

Also, FYI I am able to access Node 1 through 10.19.193.2 address. My aim is to access Node 2 as well with IP 10.19.193.3 but no able to reach that from Cisco router since no gateway has been setup.

Jon Marshall · ‎04-25-2022

If node 2 can ping the router then it must have a gateway set (or at least a route) as the router is on a different subnet.

If it doesn't then node 1 must be doing proxy arp (if it is capable).

Jon

hpatel23 · ‎04-25-2022

Node 2 has a static route

ip route 10.19.194.0 255.255.255.0 10.19.193.2

Node 1 and Node 2 are capable of Proxy ARP. But its set to false.

Jon Marshall · ‎04-25-2022

Then something must be blocking ping on node 2.

Jon

hpatel23 · ‎04-25-2022

There is no acl list or firewall issue that will be blocking the ping.

Jon Marshall · ‎04-25-2022

'

The cisco router has a route to 10.19.193.0/24 and can ping 10.19.193.2 so the routing is working correctly and I am not sure what else you can add to the router.

And node 1 can ping node 2 so it would seem that there is nothing blocking ping on node 2.

The only thing I can think is that node 2 will not respond to a ping from a remote subnet but again that would need some sort of firewall etc. on the node and you say there isn't.

Jon

hpatel23 · ‎04-25-2022

Thanks Jon! Thats what I thought as well. But it has worked before in past as well. And seems like config issue on the router side according to customer. So without setting the gateway on 2nd Node, What are the other options to access that node from Router and access the device.

Jon Marshall · ‎04-25-2022

Not sure what else you can do on the router other than what you have done ie. add a route which is working as you can ping 10.19.193.2.

In addition when you ping the router from node 2 it works so both the static route on the router and node 2 are working.

Is there any chance that when you ping from the router it is not using the secondary IP but the main IP on the interface and node 2 would not know how to get back to that ?

Jon

Access different subnet through management