06-23-2004 11:46 PM - edited 03-02-2019 04:35 PM
I have 2 Routers connected to each other via Serial. Let say Router A and B. Router A is the one that connected with ISP.
From Router B, I can ping anywhere within the intranet but can't go out to Internet.
From Router A, I can go anywhere including Intranet and Internet.
Router A...........
interface FastEthernet0/0
ip address 202.147.38.193 255.255.255.192 secondary
ip address 192.168.65.1 255.255.255.0
ip route-cache flow
duplex auto
speed auto
no cdp enable
!
interface Serial1/0:0
ip address 192.168.66.1 255.255.255.0
ip route-cache flow
ip mroute-cache
fair-queue
no cdp enable
Router B..........
interface FastEthernet0/0
ip address 192.168.63.1 255.255.255.0
ip route-cache flow
duplex auto
speed auto
no cdp enable
!
interface Serial1/0:0
ip address 192.168.66.2 255.255.255.0
ip route-cache flow
no fair-queue
serial restart_delay 0
ip route 0.0.0.0 0.0.0.0 Serial1/0:0
How can i config to let network behind Router B to go to Internet?
06-24-2004 01:36 AM
Hello,
do you have any device performing NAT in between your router A and the Internet ? In your config I do not see any NAT, I guess that would be a way to allow hosts from router B to access the Internet.
How are your hosts on router A currently accessing the Internet ?
Regards,
Georg
06-24-2004 01:38 AM
yep..there is a firewall doing the NAT.
06-24-2004 02:04 AM
Hello,
can you try and allow network 192.168.63.0/24 in your firewall rule ? I guess if you configure that network in your firewall the same way as the network in Router A, NAT should translate address from 192.168.63.0/24. Which firewall do you have ?
Regards,
Georg
06-24-2004 07:07 PM
Hi Georg,
This 2 Routers are in the different locations. I have no idea how to add that 192.168.63.0/24 in Firewall rules and I dont wanna touch main network. Btw I am using netscreen 50.
User Access Verification
Password:
Router A>en
Password:
Router A#sh run
Building configuration...
Current configuration : 3324 bytes
!
! Last configuration change at 10:40:15 SIN Fri Jun 25 2004
!
version 12.2
no service timestamps debug uptime
service timestamps log datetime localtime
service password-encryption
!
hostname Gerann
!
boot system flash c3640-ix-mz_122-8_T1.bin
logging buffered 4096 debugging
!
clock timezone SIN 8
ip subnet-zero
ip cef
!
!
ip name-server 203.192.133.4
ip name-server 203.192.133.3
!
!
!
!
!
!
!
!
!
controller E1 1/0
framing NO-CRC4
clock source internal
channel-group 0 timeslots 1-31
description "2Mbps link to MY"
!
controller E1 1/1
clock source internal
channel-group 0 timeslots 1-31
description "Channel E1 to ANC"
!
!
!
interface FastEthernet0/0
bandwidth 100000
ip address 202.147.38.193 255.255.255.192 secondary
ip address 192.168.65.1 255.255.255.0
ip nat inside
ip route-cache flow
duplex auto
speed auto
no cdp enable
!
interface Serial1/0:0
description To Malaysia Office 2Mb link
bandwidth 2048
ip address 192.168.66.1 255.255.255.0
ip route-cache flow
ip mroute-cache
fair-queue
no cdp enable
!
interface Serial1/1:0
description To AsiaNetCom E1 CircuitID:0494000X
bandwidth 1984
ip address 203.192.163.170 255.255.255.252
ip nat outside
ip route-cache flow
ip mroute-cache
fair-queue
no cdp enable
!
!
ip classless
ip route 0.0.0.0 0.0.0.0 203.192.163.169
ip route 192.168.62.2 255.255.255.255 192.168.66.2
ip route 192.168.63.0 255.255.255.0 192.168.66.2
ip route 192.168.65.21 255.255.255.255 192.168.66.2
no ip http server
ip pim bidir-enable
!
!
no cdp run
!
dial-peer cor custom
!
!
!
!
!
line con 0
login
line aux 0
line vty 0 4
access-class 10 in
exec-timeout 5 0
login
history size 50
!
!
end
User Access Verification
Password:
Router B>en
Password:
Router B#sh run
Building configuration...
Current configuration : 2370 bytes
!
version 12.2
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime
service password-encryption
!
hostname Charminn
!
boot system flash c3640-ix-mz_122-8_T1.bin
!
clock timezone SIN 8
ip subnet-zero
ip cef
!
!
!
!
!
!
!
!
!
!
!
controller E1 1/0
framing NO-CRC4
clock source internal
channel-group 0 timeslots 1-31
description "2 Mbps link to SG"
!
controller E1 1/1
framing NO-CRC4
clock source internal
channel-group 0 timeslots 1-31
description "Spare"
!
!
!
interface FastEthernet0/0
ip address 192.168.63.1 255.255.255.0
ip route-cache flow
duplex auto
speed auto
no cdp enable
!
interface Serial1/0:0
bandwidth 2048
ip address 192.168.66.2 255.255.255.0
ip route-cache flow
no fair-queue
serial restart_delay 0
!
interface Serial1/1:0
no ip address
!
interface Serial2/0
!
interface Serial2/1
!
interface Serial2/2
!
interface Serial2/3
!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial1/0:0
ip route 192.168.62.2 255.255.255.255 FastEthernet0/0
ip route 192.168.65.21 255.255.255.255 FastEthernet0/0
no ip http server
ip pim bidir-enable
!
!
!
dial-peer cor custom
!
!
!
!
!
!
line con 0
login
line aux 0
line vty 0 4
exec-timeout 35791 0
login
!
!
end
06-25-2004 08:27 AM
Can you explain where the firewall is located. Is there a static route from the firewall to the remote network
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide