Re: Cisco 1841 ip routing problem - Page 5

mmunoz2000 · ‎09-03-2018

Hello everyone!

I'm completely lost here, since I'm a newbie on this networking area.

I recently had a problem with a cisco router 1841 that lost all configuration after a power outage. Long story short, i've been able to restore most of it, but i'm still having issues with the ip routing. This is the scenario:

I have 2 internal VLANS (1010 and 3040) configured in a ZyXEL switch.
1010 has an ip 192.168.170.1
3040 has an ip 192.168.160.1

I have a Sonicwall on the other end that acts as a gateway with ip 192.168.168.1

On the router I have interface 0/0 as outside with ip 192.168.168.54
I also have 2 subinterfaces for the vlans with the ips mentioned before.

Everything works fine on the internal network, which is 192.168.168.x

I want traffic from VLANS to go outside to the internet
I want traffic to go inside to those VLANS from the internet

So far, from the router, i can ping all the gateways and the internet.

PC inside the 192.168.170.x network can reach the internet, but no one can reach that computer from the outside.

Please help me, i've been trying to figure this out a week from now, but no clue what am i missing!!!

See my current configuration:

!
interface FastEthernet0/0
ip address 192.168.168.54 255.255.255.0
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
ip nat inside
ip nat enable
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1.1
encapsulation dot1Q 1010
ip address 192.168.170.1 255.255.255.0
ip nat inside
ip nat enable
ip virtual-reassembly
!
interface FastEthernet0/1.2
encapsulation dot1Q 3040
ip address 192.168.160.1 255.255.255.0
ip nat inside
ip nat enable
ip virtual-reassembly
!
interface Serial0/0/0
no ip address
shutdown
!
interface Serial0/1/0
no ip address
shutdown
!
ip route 0.0.0.0 0.0.0.0 192.168.168.1
!
!
no ip http server
no ip http secure-server
ip nat source list 1 interface FastEthernet0/0 overload
ip nat inside source list 1 interface FastEthernet0/0 overload
!
access-list 1 permit 192.168.170.0 0.0.0.255
access-list 1 permit 192.168.160.0 0.0.0.255
!
!
!

I would really appreciate any insight on this matter, since i need to have these up and running in a couple of days.

I hope you guys can help!

paul driver · ‎09-05-2018

Hello

You are providing incorrect information - I i asked you a while back to confirm if your rtr lan facing jnterface is set as a trunk on the switch and you confirm it was now your saying isn’t -

apart from this you that stated that nothing has never been changed on the switch or Fw only the rtr - is this still the case?

SO to be clear for your your Fw port this dosent need to be a trunk on the switch but your rtr port to the switch does

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

mmunoz2000 · ‎09-05-2018

Thank you all for your help.

After all the troubleshooting and help i've received, I've managed to get it working.

Following all your suggestions, I decided to rearrange the whole topology of the network and it is running as expected.

We have the router behind the firewall and the 3 vlans behind the router.

I understand this was not very clear from the beginning, but really all your ideas and input helped me tremendously to solve this problem.

Again...thank you very much for your time and effort. I'm happy this is solved.

Thanks!!

Georg Pauwen · ‎09-05-2018

In order to avoid further confusion, can you provide a brief schematic drawing of what your physical and logical setup looks like, including which ports are connected to which ports ?