cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1303
Views
3
Helpful
6
Replies

wan routing issue

I have 2 routers and 1 MLS. I have configured..

Router A is  internet router and its address is 2.2.2.2

router B as follows

ip cef

controller T1 0/0

framing esf

crc-threshold 1

linecode b8zs

channel-group 0 timeslots 1-32 speed 56

interface FastEthernet0/0

description ANH OLD LAN

ip address 172.18.100.10 255.255.255.0

speed 10

full-duplex

!

interface Serial0/0:0

description MPLS connection

ip address A.B.C.F  255.255.255.252

encapsulation ppp

!

interface FastEthernet0/1

description LAN Public IP

ip address 2.2.2.3.255.255.240

speed auto

full-duplex

router bgp 64513

no synchronization

bgp log-neighbor-changes

network X.X.X>X mask 255.255.255.240

redistribute connected

redistribute static

neighbor Y.T.R.R remote-as 65512

no auto-summary

no ip http server

ip classless

ip route 0.0.0.0 0.0.0.0 2.2.2.2

ip route 172.18.0.0 255.255.0.0 FastEthernet0/0

MLS as follows

mls flow ip destination

mls flow ipx destination

spanning-tree mode pvst

interface Vlan1

ip address 172.18.100.11 255.255.255.0

ip helper-address 172.18.100.1

!

interface Vlan2

description Wireless

ip address 172.18.101.11 255.255.255.0

ip helper-address 172.18.100.1

!

interface Vlan200

ip address 192.168.5.1  255.255.255.0

!

ip classless

ip route 0.0.0.0 0.0.0.0 172.18.100.10

ip route 172.16.0.0 255.255.0.0 172.18.100.10

no ip http server

Router A's fa 0 interface and router B's  FastEthernet0/1 connected together via a switch.

router B's

interface FastEthernet0/0 and MLS switch connected as default vlan.

router B learn all the routes via BGP

my clients default gateway is 172.18.100.11.

I can access internet with internet router. and also I can ping to fa0/1 of router B via client PC. But only thing is I cannot access/ping  internet.

My question is why I cannot access internet with these configurations??

Quick reply highly appreciated.

Thank you

Chamara

1 Accepted Solution

Accepted Solutions

shamax_1983
Level 3
Level 3

Hello Chamara,

You should have NAT setup for your Clients' internal subnet so it gets a public IP as it leaves your infrastructure.

When you try to ping Internet, the packet should have a routable (public) IP address.

In your case, as long as you ping your own infrastructure ( which you already have routes back for the private IP range you configured for your client ( 172.16.0.0 255.255.0.0 )) it will know how to get back.

But once it leaves your infrastructure and enters the Internet ( your ISP ) it will get dropped because Internet would not accept private IP addresses (RFC1918) as source addresses.

You can resolve this buy configuring NAT for your client's IP range on Router B

Let me know if you have more questions on this.

Also, please don't forget to rate/mark helpful answers.

Shamal

View solution in original post

6 Replies 6

cadet alain
VIP Alumni
VIP Alumni

Hi,

Can you ping f0/0 of Router A  from Router B  ? what gives a traceroute to 8.8.8.8 from the pc client ?

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

I cannot access the internet router (Roouter A). But I can ping router B to roouter A fa0/0.  I can ping clients from the router B too. 

Even I cannot trace route from MLS (switch ) too. it just showing stars...

Thank you

Regards

Chamara

milan.kulik
Level 10
Level 10

Hi,

you might have forgotten to configure NAT for your clients using private IP addresses?

HTH,

Milan

shamax_1983
Level 3
Level 3

Hello Chamara,

You should have NAT setup for your Clients' internal subnet so it gets a public IP as it leaves your infrastructure.

When you try to ping Internet, the packet should have a routable (public) IP address.

In your case, as long as you ping your own infrastructure ( which you already have routes back for the private IP range you configured for your client ( 172.16.0.0 255.255.0.0 )) it will know how to get back.

But once it leaves your infrastructure and enters the Internet ( your ISP ) it will get dropped because Internet would not accept private IP addresses (RFC1918) as source addresses.

You can resolve this buy configuring NAT for your client's IP range on Router B

Let me know if you have more questions on this.

Also, please don't forget to rate/mark helpful answers.

Shamal

Damn.. I really forgot that.. Thank you so much Shamal and Milan.  much appreciated.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: