Connecting two networks

Gregaku · ‎10-15-2024

Hey Guys

I'm actually practicing in my home lab, I have 3 networks : 172.16.50.0/24, 203.10.115.0/24 and 10.10.20.0/24. my ISP router is 192.168.1.0/24.

My DHCP is working fine, all my computer are able to ping each other, the internet works but only on the 172.16.50.0/24 I'm trying to route the internet to 10.10.20.1/0 but it doesn't' work. I will copy running config from 2 routers, let me know what's wrong in my config

R2 config

R2#sh
*Oct 16 02:13:12.935: %SYS-5-CONFIG_I: Configured from console by console run
Building configuration...

Current configuration : 1929 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
clock timezone EST -5
no network-clock-participate wic 0
no network-clock-participate aim 0
!
dot11 syslog
ip source-route
!
!
ip cef
ip dhcp excluded-address 172.16.50.1 172.16.50.5
ip dhcp excluded-address 203.10.115.1
ip dhcp excluded-address 10.10.20.1 10.10.20.5
!
ip dhcp pool LAB
network 172.16.50.0 255.255.255.0
dns-server 8.8.8.8
domain-name aku-sys.local
default-router 172.16.50.1
!
ip dhcp pool LINK
network 203.10.115.0 255.255.255.252
!
ip dhcp pool LAB2
network 10.10.20.0 255.255.255.0
dns-server 8.8.8.8
domain-name aku-sys.local
default-router 10.10.20.1
!
!
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
voice-card 0
no dspfarm
!
!
!
!
!
archive
log config
hidekeys
!
!
!
!
!
controller T1 0/0/0
framing esf
linecode b8zs
!
!
!
!
!
interface FastEthernet0/0
ip address 203.10.115.1 255.255.255.252
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1
ip address dhcp
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/2/0
ip address 172.16.50.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
router ospf 10
log-adjacency-changes
network 172.16.50.0 0.0.0.255 area 0
network 192.168.1.0 0.0.0.255 area 0
network 203.10.115.0 0.0.0.3 area 0
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 FastEthernet0/1
no ip http server
no ip http secure-server
!
!
ip nat inside source list 1 interface FastEthernet0/1 overload
!
access-list 1 permit 172.16.50.0 0.0.0.255
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
login
!
scheduler allocate 20000 1000
end

R2 pinging ISP router

R2#ping 192.168.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
R2#

R1 pinging ISP

R1#ping 192.168.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R1#

M02@rt37 · ‎10-15-2024

Hello @Gregaku

It seems that the main issue is with routing and NAT configuration.

Currently, the NAT configuration is set up to translate traffic only for the 172.16.50.0/24 network (access-list 1 permit 172.16.50.0 0.0.0.255). Since you want to provide internet access for the 10.10.20.0/24 network as well, you need to modify the NAT access list to include this network. You can update the ACL:

access-list 1 permit 172.16.50.0 0.0.0.255
access-list 1 permit 10.10.20.0 0.0.0.255

This change will allow NAT to translate traffic from both 172.16.50.0/24 and 10.10.20.0/24 networks.

Also, make sure that R2 and ISP router know how to reach the 10.10.20.0/24 network. Since you have OSPF on R2 configured, ensure that the network statement for 10.10.20.0/24 is included in R2 routing table

#sh ip route

On ISP router, ensure network 10.10.20.0/24 is known also. Default route ?

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.