06-11-2007 09:20 AM - edited 03-03-2019 05:23 PM
Hi, I have 5(Cisco 1841)PPP T1's terminating to a 2851- from the 2851 ATT has a router with routable IP's on the LAN interface to go to the Internet. All the t1's can ping the Serial
interfaces.I can ping the Internet from the 2851 but cannot from the the Ethernet side.Can you direct me? Thanks
06-11-2007 09:29 AM
Van
I believe that it is a fairly simple issue. The 1841s have a route to the 2851 and from it to the Internet. The 2851 knows how to reach the 1841s on their serial interface because that is a connected network. But the 2851 has no routing knowledge of the Ethernet on the 1841 side. Either you need to run a dynamic routing protocol so that the 2851 will know these networks or you need a static route on the 2851 for each of the remote LAN networks.
HTH
Rick
06-11-2007 09:31 AM
in your routing table you have:
Gateway of last resort is 170.49.221.49
in your config you have a default route as:
ip route 0.0.0.0 0.0.0.0 192.168.10.1
shouldn't it be?
ip route 0.0.0.0 0.0.0.0 170.49.221.49
06-11-2007 09:46 AM
Jorge
The show ip route is from the 2851 router which has the route to the Internet. The route there appears to be right. The ip route 0.0.0.0 0.0.0.0 192.168.10.1 is on the 1841 router. And this route is correct since it point to the address of the serial on the 2851.
So I believe that the static routing is correct as given but is incomplete. In partucular if you look in the routing table given from the 2851 it is obvious that there are no routes for any of the LANs at the remote 1841s. That is the important issue which must be addressed.
HTH
Rick
06-11-2007 09:56 AM
Rick,
He is doing NAT on the 1841 and hence, he doesn't need a route on the 2851 for the remote LAN subnet. He's natting the traffic to an RFC 1918 address on the 1841 and I'm not sure if the traffic is being natted again to a public address on the 2851. We need to look at the full config on the 2851 and topology info to make the correct determination as to what's causing the lack of the internet connectivity.
HTH
Sundar
06-11-2007 10:16 AM
Sundar
I did miss the NAT on the 1841. I saw the routing table on the 2851 had only connected subnets and the default route and thought that I had found the problem. I agree that we need to see the config from the 2851 and additional topology information.
HTH
Rick
06-11-2007 01:20 PM
Hi and thanks to everyone who's replied to my help request -
The topology is fairly straight.I have the 2851 w/(3)2prt vwic-2mft handling all the 1841's (5). Please see the 2851 config (shortened for brevity).I need to add that the ATT(ISP)router is the Internet with IP 170.49.221.49 /28
interface GigabitEthernet0/0
description $FW_INSIDE$$ETH-LAN$$INTF-INFO-GE 0/0$
ip address 192.168.100.2 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
duplex auto
speed auto
no cdp enable
no mop enabled
interface GigabitEthernet0/1
ip address 170.49.221.50 255.255.255.240
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
duplex auto
speed auto
no cdp enable
no mop enabled
!
interface Serial0/0/0:0
ip address 192.168.10.1 255.255.255.252
encapsulation ppp
!
interface Serial0/0/1:0
ip address 192.168.10.5 255.255.255.252
encapsulation ppp
!
interface Serial0/1/0:0
ip address 192.168.10.9 255.255.255.252
encapsulation ppp
!
interface Serial0/1/1:0
ip address 192.168.10.13 255.255.255.252
encapsulation ppp
!
interface Serial0/2/0:0
ip address 192.168.10.17 255.255.255.252
encapsulation ppp
!
interface Serial0/2/1:0
no ip address
router eigrp 100
network 192.168.0.0 0.0.255.255
auto-summary
!
ip route 0.0.0.0 0.0.0.0 170.49.221.49
!
!
ip http server
ip http authentication local
no ip http secure-server
logging trap debugging
no cdp run
06-11-2007 01:28 PM
Van
Thanks for the additional information. I believe that the issue is as Sundar suggested. The LAN addresses from the 1841s are translated into 192.168.10.x addresses coming into the 2851. But there is no translation of these addresses as they are forwarded to your next hop of 170.49.221.49. So you are forwarding them out but there is no route for the return traffic. They get to the provider or to the Internet and there is no routing there for 192.168.10.x. The solution would be to provide translation of these private addresses before they are forwarded to your provider.
HTH
Rick
06-11-2007 02:00 PM
Again thanks, as you can very well tell, I'm new to this forum.
Should I NAT in/out on the 2851?
Can you point me to a sample config?
How do I rate the help I've received?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide