I have 2 LANs, 192.168.17.x and 10.10.255.x.
I configured an 1841 router with fe0 192.168.17.2 and fe1 10.10.255.1.
fe0 is connected to switch1 and fe1 to switch2.
I have 2 issues.
I have a PC connected on the 192.168.17.x network and I can ping 192.168.17.2 but not 10.10.255.1. I think I need to configure a route for this but I'm not sure.
I only want some IP hosts from 192.168.17.x to communicate with the 10.10.255.x network and want to know how I can do this.
Ex. IPs 192.168.17.5 - 192.168.17.10 to communicate with 10.10.255.x hosts.
I hope I can get help on this.
1. The router knows how to get to both destinations since they're locally connected, so you don't need routes. What you will need is default routes on the host that you are pinging from/to. They'll need to know where to send their traffic that they can't resolve for. Make sure the firewalls are turned off on both PCs as well.
2. You'll need either ACLs, ZBFW, or CBAC configured to block those hosts. The easiest is going to be ACLs. You'll permit hosts to talk to the 10.10.255.x hosts and then deny the rest like:
access-list 100 permit ip host 192.168.17.5 10.10.255.0 0.0.0.255
access-list 100 permit ip host 192.168.17.6 10.10.255.0 0.0.0.255
access-list 100 deny ip any 10.10.255.0 0.0.0.255
access-list 100 permit ip any any
Then you would apply the ACL to the interface that is for the 192.168.17.0/24 subnet:
ip access-group 100 in
John, thanks for the info. So with this I can ping from my host that's on 192.168.17.5 to the fe1 10.10.255.1 and I get a reply, but I can't ping any host that's on the 10.10.255.x network. Do I need to specify any route?
My IP route info:
Gateway of last resort is not set
10.0.0.0/24 is subnetted, 1 subnets
C 10.10.255.0 is directly connected, FastEthernet0/1
C 192.168.17.0/24 is directly connected, FastEthernet0/0
As John said, the router has full information about the subnets; no routing needs to be configured.
You said that you are able to ping the Fa1 interface from host x.17.5; that is good.
1. Check both interfaces to see whether an ACL is configured; post the output from
- show run int Fa0/0
- show run int Fa0/1
2. You said that any host from the 10.10.255.0 subnet is not reachable. Can you check if the hosts on this subnet have the default gateway configured correctly?