Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1046
Views
5
Helpful
6
Replies

1 Internet Connection - 2 cascaded routers

Go to solution
Allam Aly
Level 1
Level 1

‎04-13-2013 10:31 AM - edited ‎03-04-2019 07:35 PM

Hi All,

I have a problem reaching the internet from my second cascaded network 10.1.1.0 on Cisco 3550.

I  can reach the internet while I'm using the network 192.168.1.0, but  when ever I try from 10.1.1.0 I always get request timed out.

Here is the topology:

ScreenShot.bmp

Here is the configuration:

Linksys X300:

Not much on it 2 static routes.

ip route 10.1.1.0 255.255.255.0 192.168.1.3

ip route 41.68.42.89(public) 255.255.255.255 172.31.1.122(first hop)

Linksys E900: >> IP address only

Cisco 3550:

Enabled ip routing

default route >> ip route 0.0.0.0 0.0.0.0 192.168.1.1

Ip default-gateway 192.168.1.1

ip name-server 192.168.1.1

SVI interface vlan 10

ip add 10.1.1.3 255.255.255.0

int fa 0/24

no switchport

ip add 192.168.1.3 255.255.255.0

Tests

  • I can ping from 10.1.1.0 to 192.168.1.0 and vise versa
  • I can reach the internet from 192.168.1.0
  • When  I ping yahoo.com from 10.1.1.0 (computer) the dns work!! I mean it  translates yahoo.com to 206.190.36.45 but it gives me request timed out.

Lastly  I tried to ping from the cisco 3550 to 172.31.1.122 with source ip  10.1.1.3 and it also gave me the same request timed out.

Can you please help me guys I know I'm missing something and I dont know it and it is driving me nuts.

Thanks,

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
SOcchiogrosso
Level 4
Level 4

‎04-13-2013 05:57 PM

Are you NATing the affected subnet?

Sent from Cisco Technical Support Android App

-- CCNP, CCIP, CCDP, CCNA: Security/Wireless Blog: http://ccie-or-null.net/

View solution in original post

Go to solution
blau grana
Level 7
Level 7
In response to Allam Aly

‎04-14-2013 12:32 PM

Hello Allam,

As SOcchiogrosso said, it would be probably problem with NAT.

do I need to perform NATing for the second subnet? shouldn't it work as long as im routing it to the internet gateway?

Yes you have to perform NAT for both your private subnets (192.168.1.0/24 and 10.1.1.0/24).

I assume that you are NATing 192.168.1.0/24 on Linksys X300 to your public IP, so ISP can return traffic back. But if you do not NAT 10.1.1.0/24 subnet, ISP will drop these packets because they are destinated to private networks (which is not allowed in internet) and also for your ISP it is uknown traffic.

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions

View solution in original post

0 Helpful
6 Replies 6

Go to solution
SOcchiogrosso
Level 4
Level 4

‎04-13-2013 05:57 PM

Are you NATing the affected subnet?

Sent from Cisco Technical Support Android App

-- CCNP, CCIP, CCDP, CCNA: Security/Wireless Blog: http://ccie-or-null.net/

Go to solution
Allam Aly
Level 1
Level 1
In response to SOcchiogrosso

‎04-14-2013 03:03 AM

No. do I need to perform NATing for the second subnet? shouldn't it work as long as im routing it to the internet gateway?

Thanks for relping.

0 Helpful

Go to solution
paul driver
VIP
VIP

‎04-14-2013 02:17 AM

Hello

You don't state where this 172.x network is residing
It could be172.x hasn't a return path to 10.1.x network
Also on your 3560 you don't need ip default-gateway when you have routing enabled

A simple topology of this network would help us to understand this better

Res
Paul

Sent from Cisco Technical Support iPad App


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
Allam Aly
Level 1
Level 1
In response to paul driver

‎04-14-2013 03:08 AM

Thanks for repling.

I didnt mention it as it out of my breach. It belongs to ISP, I've known about it when I did a trace route.

Tracing route to yahoo.com [98.139.183.24]

over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  X3000 [192.168.1.1]

  2     8 ms     7 ms     7 ms  172.31.1.122 <<<<<<<

  3     8 ms     7 ms     7 ms  172.21.28.178

  4    11 ms    10 ms    11 ms  ^C

0 Helpful

Go to solution
blau grana
Level 7
Level 7
In response to Allam Aly

‎04-14-2013 12:32 PM

Hello Allam,

As SOcchiogrosso said, it would be probably problem with NAT.

do I need to perform NATing for the second subnet? shouldn't it work as long as im routing it to the internet gateway?

Yes you have to perform NAT for both your private subnets (192.168.1.0/24 and 10.1.1.0/24).

I assume that you are NATing 192.168.1.0/24 on Linksys X300 to your public IP, so ISP can return traffic back. But if you do not NAT 10.1.1.0/24 subnet, ISP will drop these packets because they are destinated to private networks (which is not allowed in internet) and also for your ISP it is uknown traffic.

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions
0 Helpful

Go to solution
Allam Aly
Level 1
Level 1
In response to blau grana

‎04-16-2013 10:33 AM

Finally I can live in peace

Thank you all I appreciate it!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card