Internet over Point to Point link

jonnyk123 · ‎11-29-2012

We have two sites Site A and Site B

Site A has internet and Site B needs to access the internet from site A

I am using OSPF and both sites can see routes to the other site

Site B has the IP address of site A's end of the point to point as the Gateway of last resort however Site B cant access the internet still

When I do show ip route 0.0.0.0 it points towards the ip of site A's end of the point to point

I need to urgently solve this

Thanks in advance for you help

Raju Sekharan · ‎11-29-2012

Can you do a trace from Site B to any internet address and check where is it getting dropped

Raju

jonnyk123 · ‎11-29-2012

traceroute 209.244.0.3

Type escape sequence to abort.

Tracing the route to 209.244.0.3

VRF info: (vrf in name/id, vrf out name/id)

1 10.120.20.22 0 msec 9 msec 0 msec

2 * * *

3 * * *

this is the address of Site A's end of the point to point

Raju Sekharan · ‎11-29-2012

Hi Jonny

What is the next device after

10.120.20.22

Raju

John Blakley · ‎11-29-2012

What does site A go through to get to the internet? Does it redirect traffic to another device like a firewall or another router? What's site A's gateway of last resort?

HTH, John *** Please rate all useful posts ***

jonnyk123 · ‎11-29-2012

It goes through a firewall and Site A's gateway of last resort the IP of the firewall.

jonnyk123 · ‎11-29-2012

The next device after 10.120.20.22 is the core switch.

John Blakley · ‎11-29-2012

Your firewall needs a route back to site B. Does it have that? If not, you'll want to create a route on it pointing to it's next hop internally..possibly switch?

HTH,

John

**** Please rate all useful posts ****

HTH, John *** Please rate all useful posts ***

jonnyk123 · ‎11-29-2012

Site B core switch is conncted to switch 10.120.20.22 which is in site A and is then connected to the core switch in site A. The firewall is also connected to 10.120.20.22. Would I put the next hop as core switch or 10.120.20.22 ?

John Blakley · ‎11-29-2012

Yes. Put your route pointing to site b and the next hop as the .22 address. If your core knows how to get to site b, you should be good to go.

John

Sent from Cisco Technical Support iPhone App

HTH, John *** Please rate all useful posts ***

Raju Sekharan · ‎11-29-2012

1. Check if your Firewall has route back to Site B

2. Check if FW is configured to Allow the Site B IPs and configured to NAT those IP Addresses

Raju

ALIAOF_ · ‎11-29-2012

It would be best if you can post a diagram of your network with IP's and connections.

jonnyk123 · ‎12-03-2012

I can ping IPs on site B from the core switch and firewall on Site A

The firewall does not have any restrictions to stop Internet access from any range

John Blakley · ‎12-03-2012

Is your firewall natting? Do you have the range that site B hosts listed in the firewall to be natted? What type of firewall is it? Since you can ping from the firewall to site B, it's not a routing issue...

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

jonnyk123 · ‎12-03-2012