cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2406
Views
4
Helpful
3
Replies

Can't connect to internet - Home Lab question (CCNA)

aLeffingwell
Level 1
Level 1

Hi All,

Here is my intended setup:

ISP home router, plugged into Fa0/0 of a 2600 router (hostname COREROUTER)

Serial connection from S0/0 of COREROUTER down to S0/0 of another 2600 router (hostname DISTROUTER)

Ethernet connection from Fa0/0 of DISTROUTER to Fa0/24 of a 2950 switch (hostname SWITCH)

Ethernet connection from Fa0/1 of SWITCH to a PC.

All I'm trying to do is be able to get out to the internet from the PC attached to SWITCH. 

From COREROUTER I am able to ping a public DNS server just fine (the one provided by the ISP)

From DISTROUTER I cannot.  Here are the IP address schemes I put in place:

COREROUTER

Default-Gateway - 192.168.0.1

Fa0/0 - 192.168.0.10

S0/0 - 172.16.1.1

DISTROUTER

Default-Gateway - 172.16.1.1

S0/0 - 172.16.1.2

My understanding has to be incorrect - but my assumption was: I attempt to ping an outside address, not in the routing table of DISTROUTER, and it forwards the request to the default gateway, which is directly connected.  At the default gateway, the path still isn't in the routing table, so it gets forwarded to the next default gateway 192.168.0.1 which knows how to get to the DNS servers on the outside?

Thanks in advance for any insight into this issue, it's most puzzling!

Kindest Regards,

Alan

1 Accepted Solution

Accepted Solutions

Richard Burts
Hall of Fame
Hall of Fame

Alan

I believe that your logic about the forwarding of traffic outbound is correct. I believe that the problem you experience is not that you can not get to the name server but is that responses from the name server do not get back to you. I believe that there are several potential problems.

One potential problem is that some device does not have a route to the subnet where you are connected. I am assuming that the subnet where your address is would be a locally connected subnet on DISTROUTER. Does COREROUTER have a route to that subnet? Does the ISP home router have a route to that subnet? Does the ISP network have a route to that subnet? One way to test this would be to ping to each device along the path (can you ping COREROUTER, can you ping ISP router).

Another potential problem may be about address translation. For your traffic to get to the Internet and for responses to get back your private address needs to be translated. Is it possible that the ISP home router is translating for its local subnet but is not translating for the subnet of DISTROUTER?

HTH

Rick

HTH

Rick

View solution in original post

3 Replies 3

Richard Burts
Hall of Fame
Hall of Fame

Alan

I believe that your logic about the forwarding of traffic outbound is correct. I believe that the problem you experience is not that you can not get to the name server but is that responses from the name server do not get back to you. I believe that there are several potential problems.

One potential problem is that some device does not have a route to the subnet where you are connected. I am assuming that the subnet where your address is would be a locally connected subnet on DISTROUTER. Does COREROUTER have a route to that subnet? Does the ISP home router have a route to that subnet? Does the ISP network have a route to that subnet? One way to test this would be to ping to each device along the path (can you ping COREROUTER, can you ping ISP router).

Another potential problem may be about address translation. For your traffic to get to the Internet and for responses to get back your private address needs to be translated. Is it possible that the ISP home router is translating for its local subnet but is not translating for the subnet of DISTROUTER?

HTH

Rick

HTH

Rick

paulstone80
Level 3
Level 3

Hi Alan,

The problem will be that the ISP router doesn't know where the subnet 172.16.1.0 is. It can see the COREROUTER as they both have an interface in the same subnet, 192.168.0.0.

If you ping the ISP router from the COREROUTER with a source IP of 172.16.1.1 you will probably find the ping fails.

You need to add a route to the ISP router of 172.16.1.0/24 via 192.168.0.10 (i've assumed you're using a /24 mask).

Your understanding is nearly correct, however routers themselves don't normally have a default gateway, as they are usually connected to multiple subnets. Instead they have a default route (0.0.0.0 0.0.0.0) or a 'gateway of last resort', which tells the router where to send the packet if it can't find a match for the destination address in its routing table.

HTH

Paul

HTH Paul ****Please rate useful posts****

Hey Guys!

Thanks so much for the response, I've been on holiday so I didn't recognize the reply - my apologies.

@paulstone80 - I had thought similarly as well but I knew I had routes in place along each device and eventually settled on the fact that it was something in the ISP router that was out of my hands.

@Richard - and the NAT was the issue with the entire setup, once I ensured routes were not the issue and that on the 192.168.0.0/24 subnet everything worked fine, I decided to implement some translation to a pool in that subnet for everything outbound and voila we were up and running!

Thanks again for your detailed responses, I marked Richard's response as the correct answer since he mentioned the NAT'ing which ended up being the solution.  Not sure, how to award 'helpful' type responses.  Either way thank you both

Kindest Regards,

Review Cisco Networking for a $25 gift card