Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1784
Views
0
Helpful
4
Replies

Cisco 2811 and routing two networks

tourless27
Level 1
Level 1

‎06-22-2011 12:56 PM - edited ‎03-04-2019 12:47 PM

Hi Folks,

I have in production a 2811 ISR which works just fine.  Also in production I have a small NetGear wireless router hooked into it providing wireless access to my local network and internet for any of my traveling sales people and laptops.  I have just built another wireless network, completely seperate from anything else I have in production.  This new network is for nothing more than an IP security camera system with 25 cameras, three wireless access points, and a wireless router.

My production network is 192.168.16.x

My Camera network is 10.10.10.x

If I hang the new wirelss router by it's WAN port off of my existing network I can get a DHCP address as expected, can broswer the internet, and can even ping machines on my 192 network.  What I can't do is see single PC on my IP Camera network in my production network (same domain etc), nor can I ping any of my 10 addresses from my 192 side.

I've looked at access-lists and ip routes trying various combinations with no success.  I have a feeling I'm too deep into this to be seeing clearly and that I might have skipped over or forgotten something simple.  Or, quite simply, I have no idea what' I'm doing

Any help would be greatly appreciated.

TIA!

Labels:
0 Helpful
4 Replies 4

cadet alain
VIP Alumni
VIP Alumni

‎06-22-2011 01:34 PM

Hi,

provide an annoted diagram indicating what you want to achieve  so we can see which infos we need to try to help you.

Regards.

Alain.

Don't forget to rate helpful posts.
0 Helpful

tourless27
Level 1
Level 1
In response to cadet alain

‎06-22-2011 01:55 PM

let's see what light i can shed...

I have the existing network.

192.168.16.1/x - with 16.1 being my 2811

255.255.255.0

I have the wireless

10.10.10.1/x - with 10.1 being the wirelss router

255.255.255.0

*10.10.10.5 is a PC which has been previously joined to the windows domain on the 192 side.

I would like to see that pc on the 10 network when browsing on the 192 side.

From the 192 side I need to be able to pull up various webadmin gui's for the camera system, as well as give users the ability to open a browser, type 10.10.10.5 and get the user interface for the camera system (for remote veiwing).

If you need more specifics such as configs or screen shots, please let me know.

I hope this was helpful.

thanks.

0 Helpful

dan.blickensderfer
Level 1
Level 1

‎06-22-2011 04:51 PM

The issue is with the wireless router.  It's factory setup is NAT routing and that is the normal characteristics of the setup. You have a few options.

1.     Try setting the DMZ in wireless router to the ip address of your computer

2.     If you have an additional Ethernet interface in your Cisco router, set it up with your 10.X network and configure DHCP on that interface. Turn off DHCP in your wireless router and connect the LAN side of the wireless router to that Cisco Ethernet interface, that will make your wireless router just a plain old access point. You will also need to configure your Nat and access list in the Cisco router to allow that 10.X to gain access to the Internet and access to the other 192.X network.

3.     If you don’t have an additional Ethernet interface in the Cisco router and you have a Layer2 switch. You can setup a Vlan on the Ethernet interface for the wireless network. In the Layer2 switch configure the wireless Vlan and configure an Ethernet port in the switch to be native on the wireless Vlan.

I hope this helps.

0 Helpful

tourless27
Level 1
Level 1
In response to dan.blickensderfer

‎06-24-2011 08:13 AM

Thanks for the replys but I'm still having issues...

As it stands right now I can ping and connect remotely via VNC sessions or Remote Desktops to any machine on my 192.168 side from my 10.10 side, but the reverse is not true.  I've tried setting the DMZ on the wirelss router to the PC on the 10.10 side, tried various combinations of ip route and access list statements with and without setting an availalbe FE port with it's own 10.10 address and wiring it to a LAN port on the wireless router,  I do not have a switch available and I ran out of time on site, so I'm left to attempting to resolve this remotely through my 2811 (my 192.168 side).

I did go so far as to turn off any security of firewall on both the wireless router and pc on the 10 side so I can rule that out, but I just can't wrap my head around where the disconnect is and I feel like it's something on my 192 side that just doesn't now how to route to my 10.10 side.

I hope this sheds more light.

tia.

*******UPDATE*******

I'm albe to get into the wireless router's web gui via it's WAN port address which is a 192 address.  From there I can run a trace route to another part of my network and get the following results...

Tracing route to 192.168.1.1 over a maximum of 20 hops

1    1ms    1ms    1ms    192.168.16.1

2 16ms 15ms    8ms    10.250.250.5

3 18ms 60ms 27ms    10.247.23.239

4 27ms 12ms 28ms    10.255.255.129

5 34ms 18ms 15ms    10.255.255.130

6 24ms 17ms 17ms    10.250.250.252

7 36ms 18ms 18ms    10.250.250.10

8 19ms 18ms 18ms    192.168.1.1

Trace complete.

... which to me makes sence cause I can see out from the wireless network, just not back in.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card