Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1045
Views
0
Helpful
6
Replies

Routing issue eludes me

pi_networks
Level 1
Level 1

‎07-31-2015 10:00 AM - edited ‎03-08-2019 01:12 AM

I have a test network setup that works 90% ... the last 10% is, I suspect, related to a single command that I just can't remember ..

Here's what works and what doesn't...

Any host in 10.1.15.0/24 (including the 3750 interface) can ping 192.168.59.221, 192.168.59.1, and any address on the internet. However, they CANNOT ping any other host on 192.168.59.0/24. (Firewalls have been rulled out)

Any host in 192.168.59.0/24 CAN ping any address on the internet AND any address 10.1.15.0/24. If I telnet from a host in 192.168.59.0/24 to the vlan 11 interface of the 3750 (10.1.15.1), the connection establishes, but beyond that there is no response from it. I even tried entering a static route on the host directing 10.1.15.0/24 to 192.168.59.221 to rule out the actiontec and had the exact same result.

 

Setup looks like this ...

 

internet gateway (fios - actiontec)

192.168.59.1/24 (inside interface)

|

|---192.168.59.0/24 hosts

|

192.168.59.221/24 (vlan 1)

cisco 3750

10.1.15.1/24 (vlan 11)

|

|---10.1.15.0/24 hosts

 

The actiontec has a route to 10.1.15.0/24 via 192.168.59.221 this all works.

The 3750 config is basically default with the vlans added and IP routing enabled.  It has a default route to 192.168.59.1 and there are no ACL's.

 

The worst part is that I'm sure I've run into this before and solved it with something simple .. but at this point I'm banging my head.

Any bright ideas would be appreaciated.

 

Labels:
0 Helpful
6 Replies 6

Martin Carr
Level 4
Level 4

‎07-31-2015 11:32 AM

Can you post the client network config?

Martin

0 Helpful

pi_networks
Level 1
Level 1
In response to Martin Carr

‎07-31-2015 12:05 PM

All clients in 192.168.59.0/24 use 192.168.59.1 as their default gateway.

All clients in 10.1.15.0/24 use 10.1.15.1.

Is that what you are referring to?, or are you looking for configuration out of the 3750?  (I attached the 3750 Config)

Preview file
4 KB
0 Helpful

Martin Carr
Level 4
Level 4
In response to pi_networks

‎07-31-2015 01:30 PM

The problem is you have set the incorrect gateway... it should be 192.168.59.221 for that network.

Martin

0 Helpful

pi_networks
Level 1
Level 1
In response to Martin Carr

‎07-31-2015 01:57 PM

192.168.59.1 is an edge router with a defined route for 10.1.15.0/24 via 192.168.59.221.

As stated, any device on 192.168.59.0/24 can ping into 10.1.15.0/24 when initiated from the 192.168.59.X hosts ... I seem to be having a scenerio where one directly connected subnet can see into another, but not vice versa.

0 Helpful

Martin Carr
Level 4
Level 4
In response to pi_networks

‎07-31-2015 02:58 PM

I know and what I have stated will work.

The problem is the class A network has no route back from the switch.

Martin

0 Helpful

pi_networks
Level 1
Level 1
In response to Martin Carr

‎08-01-2015 11:25 PM

I found the issue, and it wasn't routing after all (I had only ruled out software firewalls on the clients).  The Actiontec, despite knowing the routes, properly handling NAT for both ranges, and that the relevant ranges were on the same interface; was applying firewall rules before routing it's own internal traffic.  Once the rules were added, everything worked like a charm.

Thanks for your input.

0 Helpful
Customers Also Viewed These Support Documents