06-10-2008 10:54 AM - edited 03-03-2019 10:18 PM
I have routers that are setup using point to point T1's and static routing. I am coming from a remote location with ip address of 10.101.x.x The DHCP server and other resources are on the 10.150.x.x and the 10.1.x.x networks. The interfaces for the T1's are 192.158.162.2 for the remote rtr 1 and 192.158.162.1 for corp router 2. I am able to ping and trace the inside interface but I am unable to get to the other resources I have included the configs but I cant get it to route past the inside interface of the corp router
CORP CONFIG
hostname "corp"
enable password
!
clock timezone -6-Central-America
clock no-auto-correct-DST
!
ip subnet-zero
ip classless
ip domain-name ""
ip name-server 10.1.1.10 10.101.0.254 10.1.1.12
ip default-gateway 10.150.0.1
ip routing
!
no auto-config
!
event-history on
no logging forwarding
logging forwarding priority-level info
no logging email
logging email priority-level info
!
no service password-encryption
!
username "admin" password
username "Admin" password
!
ip policy-timeout tcp telnet 14400
!
no ip firewall alg msn
no ip firewall alg h323
!
aaa on
aaa authentication login default local
interface eth 0/1
ip address 10.150.0.2 255.255.0.0
no shutdown
interface eth 0/2
no ip address
shutdown
interface t1 1/1
tdm-group 1 timeslots 1-24 speed 64
no shutdown
!
interface t1 2/1
tdm-group 2 timeslots 1-24 speed 64
no shutdown
!
interface t1 2/2
shutdown
!
interface ppp 1
ip address 192.158.162.1 255.255.255.252
ppp multilink
mtu 1520
no shutdown
cross-connect 1 t1 1/1 1 ppp 1
cross-connect 2 t1 2/1 2 ppp 1
ip route 0.0.0.0 0.0.0.0 10.150.0.9
ip route 10.1.0.0 255.255.0.0 10.150.0.2
ip route 10.101.0.0 255.255.0.0 192.158.162.2
ip route 192.158.162.0 255.255.255.0 10.150.0.1
!
no ip tftp server
no ip tftp server overwrite
no ip http server
no ip http secure-server
ip snmp agent
no ip ftp server
no ip scp server
no ip sntp server
snmp-server enable traps
snmp-server community j520aau RO
snmp-server community public RO
line con 0
!
line telnet 0 4
password
no shutdown
line ssh 0 4
no shutdown
!
sntp server 10.1.1.1
!
end
CORP#
REMOTE CONFIG
!
hostname "REMOTE"
enable password
!
clock timezone -8
!
ip subnet-zero
ip classless
ip domain-name ""
ip name-server 10.150.0.254 10.1.1.12
ip default-gateway 192.158.162.2
ip routing
!
no auto-config
!
event-history on
no logging forwarding
logging forwarding priority-level info
no logging email
logging email priority-level info
!
no service password-encryption
!
username "admin" password ""
!
!
no ip firewall alg msn
no ip firewall alg h323
!
aaa on
interface eth 0/1
no ip address
shutdown
interface eth 0/2
ip address 10.101.0.2 255.255.0.0
no shutdown
interface t1 1/1
clock source internal
tdm-group 1 timeslots 1-24 speed 64
no shutdown
!
interface t1 2/1
clock source internal
tdm-group 2 timeslots 1-24 speed 64
no shutdown
!
interface ppp 1
ip address 192.158.162.2 255.255.255.252
ppp multilink
username admin password
mtu 1520
no shutdown
cross-connect 1 t1 1/1 1 ppp 1
cross-connect 2 t1 2/1 2 ppp 1
router rip
version 2
network 10.0.0.0 0.0.0.0
network 192.158.162.0 255.255.255.0
ip route 0.0.0.0 0.0.0.0 10.150.0.1
ip route 10.1.0.0 255.255.0.0 192.158.162.1
ip route 10.101.0.0 255.255.0.0 192.158.162.1
ip route 10.150.0.0 255.255.0.0 192.158.162.1
!
no ip tftp server
no ip tftp server overwrite
ip http server
ip http secure-server
ip snmp agent
no ip ftp server
no ip scp server
no ip sntp server
snmp-server contact "IS"
snmp-server contact email ""
snmp-server management-url "http://10.101.0.2"
snmp-server location ""
snmp-server enable traps snmp
snmp-server community public RO
line con 0
!
line telnet 0 4
password
no shutdown
line ssh 0 4
no shutdown
!
sntp server 10.1.1.1
remote#
06-10-2008 11:16 AM
All your other routers will need a static route to 10.101.0.x. Do they?
06-10-2008 11:33 AM
Let's go over the remote router config first:
ip route 0.0.0.0 0.0.0.0 10.150.0.1
You have a recursive route here. 10.150.0.1 is not a directly connected interface. In order to reach 10.150.0.1, you need to go via 192.158.162.1. The correct gateway should be 192.158.162.1, not 10.150.0.1
_______________________________
ip route 10.1.0.0 255.255.0.0 192.158.162.1
This is fine
____________________________
ip route 10.101.0.0 255.255.0.0 192.158.162.1
you don't need this route. The network is directly connected on this router. Remove it.
______________________________
ip route 10.150.0.0 255.255.0.0 192.158.162.1
This is fine
_________________________________
router rip
version 2
network 10.0.0.0 0.0.0.0
network 192.158.162.0 255.255.255.0
Do you have RIP running on other routers?
___________________________
Comments on remote router:
Just have one default route pointing to 192.158.162.1
ip route 0.0.0.0 0.0.0.0 192.158.162.1
and remove all routes along with RIP. It will take care of all routing from the remote site towards HQ.
Let's go over the CORP router:
ip route 0.0.0.0 0.0.0.0 10.150.0.9
I'm assuming that's the internet FW, that's fine.
_______________________________
ip route 10.1.0.0 255.255.0.0 10.150.0.2
I don't see this subnet on any interface at this router. You should point the gateway to the device holding this subnet, not the router itself (10.150.0.2).
________________________________
ip route 10.101.0.0 255.255.0.0 192.158.162.2
This is fine.
________________________________
ip route 192.158.162.0 255.255.255.0 10.150.0.1
You don't need this route, that's a directly connected route. Remove it.
________________________________
The hosts at each location must point to their respective router LAN IP as the default gateway. Once you do that, you should have a working routed environment.
HTH,
__
Edison.
Please rate helpful posts
06-12-2008 08:38 AM
Hi,
I tried the configs that you suggested and still no luck any other ideas ?
Thanks
Don
06-12-2008 09:29 AM
Don
I raised this issue with the routing logic:
But corporate has a route for 10.1.0.0/16 with next hop of 10.150.0.2 which is its own ethernet interface. I suspect that this is a typo mistake. But it would explain problems in access to 10.1.x.x addresses.
have you done anything to address this yet?
HTH
Rick
06-12-2008 10:17 AM
I am sorry I dont know what your asking me to do I didnt see what your referring to ?
06-12-2008 09:48 AM
Please post the modified configs along with traceroute and ping outputs.
Thanks
06-12-2008 10:15 AM
06-12-2008 10:22 AM
I don't see anything wrong with the traceroute nor the configs.
__________________
Traceroute output:
TRACE ROUTE FROM 10.150.09
User Access Verification
Password:
T>en
Password:
#trace 10.101.0.2
Type escape sequence to abort.
Tracing the route to gw-dd6-wam.toddpacific.com (10.101.0.2)
1 192.158.162.1 0 msec 4 msec 0 msec
2 192.158.162.2 8 msec 8 msec 8 msec
T#
___________________
Are you able to ping from a workstation at the remote location to 10.150.0.2 (LAN Interface at the CORP router)?
Are you able to ping from the same workstation to a device located in the 10.150.0.0/16 subnet?
You need to make sure the devices at the CORP location have their default gateway set to 10.150.0.2 and devices at the remote location have their default gateway set to 10.101.0.2.
06-12-2008 10:40 AM
The next HOP from the CORP router interface 10.150.0.2 is 10.150.0.9 which is a 3550 and routing. all my pings from the remote rtr stop at 10.150.0.2. Right now I dont have any devices plugged in at the remote facility I am just trying to ping from the router. I will make sure the Default gateway is set appropriatly.I am able to ping from the remote router to 10.150.0.2. I am unable to ping anything past the 10.150.0.2 from the remote router.
EXAMPLE:
I am able to ping from the 3550 switch at 10.150.0.9 (next hop for 10.150.0.2,directly connected) to the remote router LAN interface at 10.101.0.2 BUT I am unable to ping from 10.101.0.2 to 10.150.0.9. Make sense ?
Thanks
06-12-2008 10:49 AM
I am unable to ping anything past the 10.150.0.2 from the remote router.
Is the device being pinged has the default gateway pointing to the CORP router LAN interface ?
Traffic goes both ways, the remote router knows how to reach the CORP devices but the CORP devices need to know how to respond back to the REMOTE location.
I am able to ping from the 3550 switch at 10.150.0.9 (next hop for 10.150.0.2,directly connected) to the remote router LAN interface at 10.101.0.2 BUT I am unable to ping from 10.101.0.2 to 10.150.0.9. Make sense ?
No, it doesn't. If it doesn't work, let's verify the 3550 doesn't have any ACL and the correct subnet mask is applied on the interfaces.
Can you post the output from the pinging results along with the output from show ip interface brief | ex una from the 3 devices (CORP, 3550 and REMOTE router).
Thanks
__
Edison.
06-10-2008 11:34 AM
Don
I do notice one issue in the config that you posted. the remote router has its route for 10.1.0.0/16 pointed to corporate which seems right. But corporate has a route for 10.1.0.0/16 with next hop of 10.150.0.2 which is its own ethernet interface. I suspect that this is a typo mistake. But it would explain problems in access to 10.1.x.x addresses.
HTH
Rick
06-10-2008 11:38 AM
Is it a new config on both sides? Pls paste the routing table.
Using tunnels on either ends wud not have this much problems.Anyways lets have a look @ ur routing table.
Rate if this helps!!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide