12-29-2014 10:06 PM - edited 03-05-2019 12:27 AM
Hi Everyone.... I need urgent help on the below scenario....
ISP Managed Router connected to ADSL & looked for me to view or change configuration.... i have successfully configured my own 2921 to work with ISP router with IP NAT, Internet is working for all my LAN Users.
After connecting the VPN from outside to managed services router... i am able to reach my 2921 (10.10.10,100) but unable to access Internal LAN interface which is (10.10.100.1) on-wards....
ISP Managed Router (10.10.10.1) >>>>>>>>>> (10.10.10.100) MY Router (2921) (10.10.100.1)>>>>>>>>>>DHCP Users (10.10.100.21 to 100)
CONFIGURATION OF 2921 Attached.
Please give suggestions and advise if i need to so some more settings on 2921.
12-29-2014 11:15 PM
Hello
You don't say how you are trying to connect to the internal users ? Telnet/Http/FTP etc..
I can see you have a default-gateway applied and also multiple static routes which seems unnecessary -
Lastly, do you have 192.168.1.0/24 users and is 10.10.10.1 the ISP next hop address.
Can you try tidying this config up a little?
no ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0
no ip route 10.10.100.0 255.255.255.0 10.10.10.1
no access-list 10
no ip default-gateway 10.10.10.1
access-list 10 permit 10.10.100.0 0.0.0.255
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 10.10.10.1
res
Paul
12-30-2014 01:26 AM
Hi Paul,
I have changed the config as required.... yes ISP router side is 10.10.10.1
Still issues.... Internet is working fine for my LAN users...
When i connect VPN on ISP managed router - 78.93.181.41 its connected....
I can ping 10.10.10.0 range.... and able to reach my router which is 10.10.100.1.... but unable to access anything on 10.10.100.0 (which is my LAN)
Any ideas.... as i asked ISP to allow this in their router which they did....
access-list 10 permit 10.10.100.0 0.0.0.255
this what i get from 2921 now....
RGTSTHALIA2900#show ip nat translations
Pro Inside global Inside local Outside local Outside global
udp 10.10.10.100:1031 10.10.100.21:1031 192.168.1.111:161 192.168.1.111:161
udp 10.10.10.100:1031 10.10.100.21:1031 192.168.100.11:161 192.168.100.11:161
udp 10.10.10.100:1031 10.10.100.21:1031 192.168.100.111:161 192.168.100.111:161
udp 10.10.10.100:1031 10.10.100.21:1031 192.168.100.112:161 192.168.100.112:161
tcp 10.10.10.100:1674 10.10.100.21:1674 2.21.39.117:80 2.21.39.117:80
tcp 10.10.10.100:1734 10.10.100.21:1734 2.21.39.117:80 2.21.39.117:80
tcp 10.10.10.100:1735 10.10.100.21:1735 2.21.39.117:80 2.21.39.117:80
RGTSTHALIA2900#show ip route
Gateway of last resort is 10.10.10.1 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 10.10.10.1, GigabitEthernet0/0
10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
C 10.10.10.0/24 is directly connected, GigabitEthernet0/0
L 10.10.10.100/32 is directly connected, GigabitEthernet0/0
C 10.10.100.0/24 is directly connected, GigabitEthernet0/1
L 10.10.100.1/32 is directly connected, GigabitEthernet0/1
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide