Hi,

yes they are correct. for example

a client connected to 3.0 subnet has IP 192.168.3.10 - 255.255.255.0 with Gateway 192.168.3.3 (GE 0/1 Interface IP)

this client can communicate with everyone on 1.0 subnet but cant go outside. below is my sh ip route result

my router can ping anyone outside such as 8.8.8.8, google.com or yahoo.com

Gateway of last resort is 192.168.4.1 to network 0.0.0.0

S*    0.0.0.0/0 [1/0] via 192.168.4.1

     192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks

C        192.168.1.0/24 is directly connected, GigabitEthernet0/2

L        192.168.1.5/32 is directly connected, GigabitEthernet0/2

R     192.168.2.0/24 [120/1] via 192.168.1.3, 00:00:06, GigabitEthernet0/2

     192.168.3.0/24 is variably subnetted, 2 subnets, 2 masks

C        192.168.3.0/24 is directly connected, GigabitEthernet0/1

L        192.168.3.3/32 is directly connected, GigabitEthernet0/1

     192.168.4.0/24 is variably subnetted, 2 subnets, 2 masks

C        192.168.4.0/24 is directly connected, GigabitEthernet0/0

L        192.168.4.3/32 is directly connected, GigabitEthernet0/0

Do you have nat configured on the router, or is something else natting for you?

HTH,
John

*** Please rate all useful posts ***

hi john,

am not sure about natting, but i think my modem is doing this job

http://support.linksys.com/en-us/support/gateways/WAG320N

above modem is one am using with an IP of 192.168.4.1 and my GE 0/0 is connecting to it via 192.168.4.3 IP

do i need to setup NAT ? inside or outside ? please advise

Have a look at your modem and see what subnet is being NATed.  It maybe NATing only one subnet and if that is the case add the other 2 subnets and try again.

Also, can you post sh run from the router?

HTH

Hi,

thanks for the update, but previously I was only running that modem with switch for around 220 clients in my network. its just a standard adsl router. nothing fancy, no static IP just simple connection.

router was required to add new subnet.

below is my sh run, am not quite sure if i need NAT here. as router should just forward any unknown traffic to modem IP 192.168.4.1.

Building configuration...

Current configuration : 3326 bytes

!

! Last configuration change at 08:32:57 PCTime Mon Sep 16 2013

version 15.2

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname RoutingGW

!

boot-start-marker

boot-end-marker

!

!

logging buffered 52000

!

no aaa new-model

clock timezone PCTime 3 0

!

ip cef

!

!

!

!

!

!

ip domain name edesign.com.sa

ip name-server 192.168.1.248

ip name-server 192.168.1.250

no ipv6 cef

multilink bundle-name authenticated

!

!

!

!

!

!

interface Embedded-Service-Engine0/0

no ip address

shutdown

!

interface GigabitEthernet0/0

description Subnet 10.0 - External$ETH-WAN$

ip address 192.168.4.3 255.255.255.0

duplex auto

speed auto

!

interface GigabitEthernet0/1

description Subnet-3.0$ETH-LAN$

ip address 192.168.3.3 255.255.255.0

duplex auto

speed auto

!

interface GigabitEthernet0/2

description Subnet 1.0$ETH-LAN$

ip address 192.168.1.5 255.255.255.0

duplex auto

speed auto

!

router rip

network 192.168.1.0

network 192.168.3.0

!

ip forward-protocol nd

!

ip http server

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

ip route 0.0.0.0 0.0.0.0 192.168.4.1

!

!

!

!

control-plane

!

!

!

line con 0

line aux 0

line 2

no activation-character

no exec

transport preferred none

transport input all

transport output pad telnet rlogin lapb-ta mop udptn v120 ssh

stopbits 1

line vty 0 4

privilege level 15

login local

transport input telnet ssh

transport output telnet ssh

!

scheduler allocate 20000 1000

!

end

There has been a recent discussion very similar to this in the forum where the original poster was having problems in accessing the internet from subnets connected to the router. He found that doing address translation on the router for the connected inside interfaces did solve his problem. But he was frustrated at needing to do double NAT. My comment to him was that the ISP knew about the one subnet that was connected to the ISP and was doing translation for that subnet. I believe that if he were to request that the ISP do translation for additional subnets that the ISP would be able to do that but that it probably would require a service at a higher level than what was currently in his contract and would probably result in a higher bill. If you do not want to do double NAT then talk to your ISP and request additional translations but be prepared to pay more for the service. If you want to maintain your current billing level then do the double translation on your router.

HTH

Rick

thanks john,

that actually helps, i have to setup NAT.

am a bit confused now, as i have 2 nattings in my network. trying to find a solution for that