Re: routing between two lans

mseaman56 · ‎10-11-2007

I have one lan connect using a Linksys wireless nat router, i also have a testing/learning network with 5 pc's, Cisco 3550 switch and 2600 router with 2 ethernet interfaces. Lan A (Linksys wireless) 192.168.1.0 | Lan B (testing/learning) 192.168.2.0. The 2600 router e/0 address 192.168.2.1 e/1 192.168.1.2. Linksys address 192.168.1.1

I want to beable to get out to the internet from the test/learning network. I have rip protocal enabled, network 192.168.1.0 and .2.0

I can ping both interfaces...but can not get out. I have been searching for some direction to no luck. If someone can maybe point me in the right direction I would appreciate it. Network Diagram is attached for a better understanding of my home/learning network

nathancielieska · ‎10-11-2007

My guess is that your linksys router is the culprit. Here is how i would set it up.

Make your testing and learning hosts default gateway as 192.168.2.1

I would broadcast your wireless users the ip address of 192.168.1.1 as there default gateway. On the linksys i would have a default gateway pointing to your 2600 for routing (192.168.1.2). I would do NAT on your router making your internet connection your ip nat outside and your two ethernet interfaces as ip nat insides (please see Ciscos site for configuring NAT on routers).

This would allow your testing machines to get to the internet and your wireless users. It would also allow your wireless users to use the 2600 to get to the internet.

Hope it helps.

sundar.palaniappan · ‎10-11-2007

You can do this just with NAT.

Try this config on the 2600.

int e0

ip nat inside

int e1

ip nat outside

ip nat inside source list 10 int e1 overload

access-list 10 permit 192.168.2.0

HTH

Sundar

mseaman56 · ‎10-11-2007

I want to thank you for the help. I had thought about nat but was not sure. I will try the config you have and again thanks for the direction.

Mark

mseaman56 · ‎10-12-2007

I want to post my config on the router and see if anyone can point out any mistakes. I am thinking nathancielieska is right and the linksys is the problem.

Current configuration : 893 bytes

!

version 12.3

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname training

!

boot-start-marker

boot-end-marker

!

enable secret ??????????

enable password ????????

!

no aaa new-model

ip subnet-zero

ip cef

!

ip audit po max-events 100

!

interface Ethernet0/0

ip address 192.168.2.1 255.255.255.0

ip nat inside

half-duplex

!

interface Ethernet0/1

ip address 192.168.1.2 255.255.255.0

ip nat outside

half-duplex

!

router rip

network 192.168.1.0

network 192.168.2.0

!

ip nat pool training 192.168.2.2 192.168.2.50 netmask 255.255.255.0

ip nat inside source list 10 pool training overload

no ip http server

no ip http secure-server

ip classless

!

access-list 10 permit 192.168.2.0

!

line con 0

line aux 0

line vty 0 4

password ??????

login

!

end

hi.622823 · ‎10-12-2007

Hello,

Could you post a trace from pc1 to, say, www.yahoo.com, and also a "show ip route" from the Cisco router?

mseaman56 · ‎10-12-2007

Yes I can but will have to wait till I return home this evening, probably around 6pm EST.

thanks for the reply

hi.622823 · ‎10-12-2007

Hey, no problem at all.

Also, I don't think enabling NAT on the Cisco router will help, because you're translating one private IP into another --- this won't get you to the internet.

mseaman56 · ‎10-12-2007

The linksys wireless router is connect to the internet and is configured as a gateway and does the Nat for my home network 192.168.1.0. I have my training network as 2.0 with the 2600 e0/1 interface connected to the linksys with an static address of 1.2 The router will not route past the 192.168.2.1 e0/0 to the e0/1 interface or from my home network to my learning network.

I am looking to take my ccna sometime down the road and that is why I am playing with all of this; trying to expand my knowledge and learn, doing labs and creating my own network.

Thanks

jaipal · ‎10-12-2007

Hi,

I would suggest to have route specified on the cisco router pointing to LAN A

ip route 0.0.0.0 0.0.0.0 192.168.1.2

See if this would help you !!

Thanks,

sundar.palaniappan · ‎10-12-2007

Mark,

Did you try the NAT configuration I suggested? This configuration would make it appear all traffic is coming 192.168.1.2 from the Linksys router's perspective. The linksys then would NAT all traffic from the test network to it's global address. Basically you are doing double NAT here - on the Linksys and 2600.

The NAT configuration that you have in there to NAT all traffic to 192.168.2.2-50 isn't providing any benefit. For your configuration to work you need to do two things on the Linksys - Add 192.168.2.0/24 to the addresses to be NATted to the global address and a route to get to 192.168.2.0/24 to point to the 2600.

HTH

Sundar

mseaman56 · ‎10-12-2007

I thought I had tried. I have Cisco CCNA 1 & 2 books at home that I use for reference and maybe I didn't understand the correct way to enter the configuration for Nat. I posted the config of the router. I guess I am not understanding.

the nat pool that I have I thought would send all the address in that pool (which is my learning network) to the outside nat interface e0/1 and then on to the linksys.

My understanding is you either have to staticlly assign the addresses or have a pool of the addresses you want to use from the network.

If I am understanding you correctly I do not need to have this nat pool or specify any addresses.

The one thing I have not done is add the 192.168.2.0/24 to the addresses on the link sys. and the route to the 2.0

Thanks for allowing me to pick your brain.

Mark

sundar.palaniappan · ‎10-12-2007

You don't always need a NAT pool. Using a NAT pool is one of way doing dynamic NAT. You could also use the outside interface to NAT (PAT) all internal traffic. Let me try to explain how the configuration I suggested should work.

int e0

ip nat inside

int e1

ip nat outside

ip nat inside source list 10 int e1 overload

access-list 10 permit 192.168.2.0

All PCs on your test network would use the e0's IP of 192.168.2.1 as their gateway.

The above NAT inside command and access list would NAT (PAT) all traffic from 192.168.2.0/24 network to e1's IP address of 192.168.1.2 and send it over to the Linksys. You would also need to configure a default on the 2600 to point to the 192.168.1.1 (Linksys).

The Linksys would then route all traffic from any host on the 192.168.1.0/24 network, that includes 192.168.1.2 (2600), out to the ISP by NATting (PAT) the traffic using it's public IP address.

When the return traffic arrives at the Linksys it would know how to route the traffic back to the local client using the internal (192.168.1.x) address.

HTH

Sundar

mseaman56 · ‎10-12-2007

Thank you Sundar for the explaination and your valuable time...I believe I understand now. Will see if I do when I get home and change the configuration. Will post later to update.

Thanks,

Mark

sundar.palaniappan · ‎10-12-2007

No problem Mark.

Let us know how you did.