Two LANs: home network (ISP) can't access Lab network

CJCLAES · ‎01-26-2019

I have two private LANs. I've connected my router 1941 (ZR1941) and my switch SW2970 to my home wirelesss ISP router. Devices connected to the switch (192.168.99.0/24) can access the internet. They can also acdess devices connected to my home wireless ISP router (192.168.2.0/24).

However, the devices connected to my home wireless ISP router can't access the one connected to the switch SW2970. Unfortunately, there's no option to setup static IP route on the home wireless ISP router.

Is there any way to allow traffic from laptop0 192.168.2.2/24 to my other LAN 192.168.99.0/24?

Thanks for any help!

Here's ZR1941 running-config:

Current configuration : 1175 bytes
!
version 15.1
service timestamps log datetime msec
service timestamps debug datetime msec
no service password-encryption
!
hostname ZR1941
!
!
!
ip dhcp excluded-address 192.168.99.1 192.168.99.30
!
ip dhcp pool mylan2
network 192.168.99.0 255.255.255.0
default-router 192.168.99.1
!
!
aaa new-model
!
!
!
ip cef
no ipv6 cef
!
!
!
ip domain-name lab.net
!
!
spanning-tree mode pvst
!
!
!
interface GigabitEthernet0/0
ip address 192.168.2.9 255.255.255.0
ip nat outside
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip address 192.168.99.1 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface GigabitEthernet0/0/0
no ip address
!
interface Vlan1
no ip address
!
ip nat inside source list 1 interface GigabitEthernet0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.2.1
!
ip flow-export version 9
!
!
access-list 1 permit 192.168.99.0 0.0.0.255
!
!
!
line con 0
!
line aux 0
!
line vty 0 4
transport input ssh
!
!
end

Here's my switch SW2970 running-config:

Current configuration : 1098 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname SW2970
!
!
!
ip name-server 68.66.181.11
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
ip address dhcp
!
!
!
!
line con 0
!
line vty 0 4
login
line vty 5 15
login
!
!
!
!
end

ngkin2010 · ‎01-26-2019

Hi,

May I know is your wireless access point running in pure-layer 2 (WAN interface is not connected) or layer 3 (WAN interface connected to router)?

And I see you have enabled dynamic NAT, you would need to setup static NAT to allow access from outside (notebook subnet) to inside subnet.

Deepak Kumar · ‎01-26-2019

Hi,

I can see that you have configured NAT on the router so it is not allowing the outside to inside access. Make it some simple and Connect ISP on the Cisco router and configure routing and NAting on it.

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!