cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1602
Views
0
Helpful
8
Replies

Router with 2 ethernet ports

sid916207
Level 1
Level 1

Dear All,

I have Cisco 1841 Router with e ports - fa0/0 and 0/1.

0/0 is configured for vlan trunking and 4 subnets are configured.

default gateway for router is inside IP of Pix 506 e 6.3(4).

The IP details are below.

Fa0/0 - 192.168.165.91

0.1 - 192.168.20.1

0.2 - 192.168.30.1

0.3 - 192.168.40.1

fa0/1 - 192.168.60.1 connected to ASA

default gateway - 192.168.165.1

Inter-vlan routing is working fine and hosts are able to ping e/o but not to 192.168.165.1.

I have to give all PC under vlans access to internet.

Now I want to use fa0/1 to access internet from all vlans.

But I'm unable to ping from fa0/1 to ASA 's IP.

Any help on this.

Many Thanks,

Siddhartha

8 Replies 8

Amit Singh
Cisco Employee
Cisco Employee

Siddhartha,

Please paste a network diagram.Where is pix506 connected ? ASA is connected to FA0/1, what is the inside ip address of the ASA interfaces.

Do you have static routes configured on ASA for the vlan traffic on the ASA? You have to configured reverse router on ASA i.e

route inside

Do it for all the vlans and also configured the ACL to allow the ICMP traffic from ASA to the respective vlans.

-amit singh

Hi Amit,

Thanks for reply. The complete network diagram is below.

VLANs--->Router(Inside192.168.165.91)--default gateway-> Pix1(same subnet.1) --> outside (public IP)

Router port fa0/1(192.168.60.2)-->ASA Gig0/2( 192.168.60.1) ASA 0/0 - Public IP.

Router is being used for Intervlan routing with RIP configured for all VLAN subnet and 192.168.165.0 subnet.

I want to use the fa0/1 on router to access Internet from VLANs.

Default route in VLan router is pointing to Pix (.1).

can you please tell the configuration commands?

I'm also online on skype - sid_lochan

Many thanks,

Siddhartha

flashsplash
Level 1
Level 1

first of all would u explane what ASA is pls.

Second ur saying that trunking is working.

If ur Ethernet ports are 100mb then it's oke, but if the are 10 mb i'm amased that the trunk is working cause the trunk must be at least 100mb.

Third i see that ur using 192.168.165.1 and 192.168.20.91

My question is in what vlan are the sub int 0.1, 0.2 and 0.3 cause the there default-gateway need to be in the same subnet.

looking at ur config the sub int need to use the address 192.168.165.91

ciao flash...

ps: paste ur conf if possible pls

Hi All,

Router's conf. attached.

Siddhartha,

Do you still want PIX or not in the picture?

If you want all the vlan traffic to be routed via ASA for internet, then point the default route on the router to the ASA IP. On ASA configure the reverse static routes as mentioned in my previous posts. Once that's is done then you will be OK to access the internet via ASA.

Let me know if you have more questions.

-amit singh

Hi Amit,

I get route already connected error on ASA when configuring route.

only one default route is configured on ASA - 0.0.0.0 0.0.0.0 outside (public ip)

its not letting me to insert any route.

Any suggestions.?

Thanks,

Siddhartha

hi sid,

i am doing the same config at my customer place. for vlan config customer requirment is 2 router (1841) , i hv configure vlan but not able to connect 2 routers back to back . hsrp is enable , i can't ping router to router.

any suggestion.

Thanks

pstebner1
Level 1
Level 1

Sid-

I am very confused with your config. You say that FA0/1 is 192.168.60.1 and is connected to your ASA, but in the config the IP address of FA0/1 is 172.16.15.2. Also, the access lists that you have applied to FA0/1 preclude anything from coming to or from 192.168.60.1, wherever that is - it's only allowing UDP from the host 192.168.60.2.

Also, what is the config on your ASA? Perhaps you have ICMP not being allowed on the inside interface?

I'm also confused as to why you are running RIP and also have static routes for the same networks.

Perhaps a diagram might be useful so that we can see what you are trying to achieve.

HTH,

Paul

Review Cisco Networking for a $25 gift card