05-26-2015 12:35 PM - edited 03-05-2019 01:32 AM
I´m tryin to ping my LAN interface 192.168.55.1 from host 192.168.0.211 that is at WAN interface 192.168.0.56 .
I already input at the host 211 the route add 192.168.55.0 MASK 255.255.255.0 192.168.0.56
But I´m getting nothing.
Here´s my running :
Current configuration : 1769 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname LafeRouter
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$SYOW$1d/154C9R0oAxuf0s4CeO/
enable password 7 1411145C545D3A383C
!
no aaa new-model
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.10.1 192.168.10.10
ip dhcp excluded-address 192.168.55.1 192.168.55.10
!
ip dhcp pool LAN
network 192.168.55.0 255.255.255.0
dns-server 192.168.0.254
default-router 192.168.55.1
!
ip dhcp pool lan
!
!
ip name-server 192.168.0.254
multilink bundle-name authenticated
!
!
archive
log config
hidekeys
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.0.59 255.255.255.0
ip access-group 100 in
ip access-group 100 out
ip nat outside
ip virtual-reassembly
speed auto
full-duplex
no mop enabled
!
interface FastEthernet0/1
ip address 192.168.55.1 255.255.255.0
ip access-group 101 in
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
ip default-gateway 192.168.0.254
ip default-network 10.0.0.0
ip route 0.0.0.0 0.0.0.0 192.168.0.254
ip route 192.168.0.0 255.255.255.0 192.168.0.254
!
!
ip http server
ip nat inside source list 100 interface FastEthernet0/0 overload
ip nat inside source static tcp 192.168.55.1 23 interface FastEthernet0/0 23
!
access-list 100 permit ip any any
access-list 101 permit ip any any
access-list 199 permit tcp 192.168.0.0 0.0.0.255 any
snmp-server community public RO
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
line aux 0
exec-timeout 0 0
line vty 0
access-class 199 in
exec-timeout 0 0
password 7 1411145C545D3A383C
login
line vty 1 4
access-class 199 in
password 7 1411145C545D3A383C
login
!
scheduler allocate 20000 1000
end
Thanks in advance
05-27-2015 11:29 AM
I assume there is another router in the mix here.
Clients on the 192.168.0.0/24 have another router they're going through.
Does that router include the route to get to the 192.168.55.0/24 network?
It looks like the address is 192.168.0.254
So on 192.168.0.254 you need to update the routing table to include:
ip route 192.168.55.0 255.255.255.0 192.168.0.59
That lets the hosts on the 192.168.0.0/24 network to know that the 192.168.55.0/24 network is reachable through 192.168.0.59
Just my best shot in the dark at this point.
I'm confused why you would put ACLs on the interfaces on the router at 192.168.0.59 for both in and out on the inside and outside interface and have them set to permit ip any any
Why not just not have any ACLs at all since you're allowing all traffic anyways.
05-28-2015 09:13 AM
Thanks Wiliam Benson for the reply.
About the another router at 0.0/24 i was using "route add" directly at the host 0.211 to reach the 55.0/24 from which use 0.56 as gateway
I attached a screen of the scenario.
I know that i could setup a router at 0.0/24 and the configure the routes, but I want the host to reach it.
Thanks in advance.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide