Problem with routing - Need help

it4sb0001 · ‎04-29-2014

Hello,

I need a little direction with what I think is a routing problem. Any help will be appreciated. My setup is as follows:

————————

Cable Modem

27.177.21.9

————————

WAN - Gi0/0

27.177.21.10

Cisco 2901

LAN - Gi0/1

192.168.1.250

————————

Client

192.168.1.10

————————

The Problem

Router can ping LAN interface

Router cannot ping WAN interface -X

Router can ping Cable Modem

Client

Client can ping LAN interface

Client can ping WAN interface

Client cannot ping Cable Modem -X

Here is my routing table:

Gateway of last resort is 27.177.21.9 to network 0.0.0.0 (this is my cable modem)

S* 0.0.0.0/0 [1/0] via 27.177.21.9

is directly connected, GigabitEthernet0/0

27.0.0.0/8 is variably subnetted, 2 subnets, 2 masks

C 27.177.21.8/30 is directly connected, GigabitEthernet0/0

L 27.177.21.10/32 is directly connected, GigabitEthernet0/0

192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks

C 192.168.1.0/24 is directly connected, GigabitEthernet0/1

L 192.168.1.250/32 is directly connected, GigabitEthernet0/1

Here is a portion of my configuration:

!

interface GigabitEthernet0/0

description Cable Internet$FW_OUTSIDE$$ETH-WAN$

ip address 27.177.21.10 255.255.255.252

zone-member security out-zone

duplex auto

speed auto

!

interface GigabitEthernet0/1

description hbc_staff$FW_INSIDE$$ETH-LAN$

ip address 192.168.1.250 255.255.255.0

zone-member security in-zone

duplex auto

speed auto

no mop enabled

!

ip default-gateway 27.177.21.9

ip forward-protocol nd

!

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 600 life 86400 requests 10000

!

ip route 0.0.0.0 0.0.0.0 27.177.21.9

ip route 192.168.1.0 255.255.255.0 27.177.21.9

!

Thanks in advance

it4sb0001 · ‎04-29-2014

Hello every one,

Another day has gone by and we are still facing the same connection issues with our new router, any help getting it working will be appreciated. Please see the first post for an explanation of our problem.

Thank you in advance.

Jon Marshall · ‎04-30-2014

Is the main issue internet access ?

If so where is the NAT being done for the 192.168.1.x IPs ?

1) if it is being done on the cable modem then you need a route on that device for the 192.168.1.x subnet pointing to the outside interface of your router

or

2) if you don't want to add a route to the modem (or can't) then you can NAT all 192.168.1.x IPs to the outside interface IP of your router. This way the modem knows where to send the return packets.

So what is the situation with NAT currently ?

Jon

it4sb0001 · ‎04-30-2014

Hello Jon and thanks for your reply.

For now I just want to make sure I can send packets from the LAN client thru the router, to the modem, and the Internet.

The status of NAT at this point is zero, I have not configure it yet. I did not think, at this point, my problem was NAT because I am able to ping from the LAN client PC to the modem and NAT will eventually happen at the WAN interface of the router later on. For now all I’m trying to accomplish is pinging to the WAN, the modem, and the Internet.

Please correct me if you still think my problem is with NAT and not with routing.

thank you in advance

Jon Marshall · ‎04-30-2014

In your original post you said the client could not ping the modem whereas you now say it can.

Which is it ?

Jon

it4sb0001 · ‎05-01-2014

Hello Jon,

I continue to try different configurations to get my router to connect without success. I am now trying NAT and this is where we stand now. Any help will be much appreciated.

The problem

Router now pings everything by ip address or name

Client PC from inside the LAN cannot ping modem or Internet

Relevant parts of configuration:

ip domain name mydomain.org

ip name-server 24.247.15.53

ip name-server 66.189.0.100

!

interface GigabitEthernet0/0

description Internet$FW_OUTSIDE$ETH-WAN$

ip address 27.177.21.10 255.255.255.252

ip nat outside

ip virtual-reassembly in

duplex auto

speed auto

!

interface GigabitEthernet0/1

description hbc_staff$FW_INSIDE$$ETH-LAN$

ip address 192.168.1.250 255.255.255.0

ip nat inside

ip virtual-reassembly in

zone-member security in-zone

duplex auto

speed auto

no mop enabled

!

ip nat pool HBC-I 27.177.21.10 27.177.21.10 prefix-length 24

ip nat inside source list 7 pool HBC-I overload

ip route 0.0.0.0 0.0.0.0 27.177.21.9

ip route 192.168.1.0 255.255.255.0 GigabitEthernet0/1

!

access-list 7 permit 192.168.1.0 0.0.0.255

#show ip route

Gateway of last resort is 27.177.21.9 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via 27.177.21.9

27.0.0.0/8 is variably subnetted, 2 subnets, 2 masks

C 27.177.21.8/30 is directly connected, GigabitEthernet0/0

L 27.177.21.10/32 is directly connected, GigabitEthernet0/0

192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks

C 192.168.1.0/24 is directly connected, GigabitEthernet0/1

L 192.168.1.250/32 is directly connected, GigabitEthernet0/1

When pinging the modem from a client inside the LAN this is what I get from NAT translations and statistics:

#sho ip nat translations ver

Pro Inside global Inside local Outside local Outside global

icmp 27.177.21.10:40709 192.168.1.8:40709 27.177.21.9:40709 27.177.21.9:40709

create 00:00:05, use 00:00:00 timeout:60000, left 00:00:59, Map-Id(In): 1,

flags:

extended, use_count: 0, entry-id: 4, lc_entries: 0

#sho ip nat statistics

Total active translations: 2 (0 static, 2 dynamic; 2 extended)

Peak translations: 2, occurred 00:00:04 ago

Outside interfaces:

GigabitEthernet0/0

Inside interfaces:

GigabitEthernet0/1

Hits: 104 Misses: 0

CEF Translated packets: 104, CEF Punted packets: 0

Expired translations: 7

Dynamic mappings:

-- Inside Source

[Id: 1] access-list 7 pool HBC-I refcount 2

pool HBC-I: netmask 255.255.255.0

start 27.177.21.10 end 27.177.21.10

type generic, total addresses 1, allocated 1 (100%), misses 0

Total doors: 0

Appl doors: 0

Normal doors: 0

Queued Packets: 0

Chandhuru sekaran marimuthu · ‎04-30-2014

Hi,

Instead of this" ip route 192.168.1.0 255.255.255.0 27.177.21.9"

Change it to "ip route 192.168.1.0 255.255.255.0 gig0/0"

Regards,

Chandhuru.M

Thanks and regards, Chandhuru.M

it4sb0001 · ‎04-30-2014

Hello Chandhuru.M and thanks for your reply.

After changing the route to what you suggested, I still have the same problem pinging across to the WAN interface and the modem. Now the LAN client PC and the router can only ping the LAN interface. Please refer back to the original post for a description of my setup. After the change you proposed, this is what I have:

Please note the Gateway of last resort is now not set.

hbc_gateway#show run | include route

ip route 0.0.0.0 0.0.0.0 24.176.21.9

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0

ip route 192.168.1.0 255.255.255.0 GigabitEthernet0/0

hbc_gateway#sho ip route

Gateway of last resort is not set

192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks

C 192.168.1.0/24 is directly connected, GigabitEthernet0/1

L 192.168.1.250/32 is directly connected, GigabitEthernet0/1

Any other suggestions at this point?