Network doesn't see its own network

Posted on 2000-04-17
Last Modified: 2010-04-17
I have setup a router and XYZ company's 128Kbps Frame Relay line at my office. (I will call this frame relay service company XYZ to explain) I also setup a web server and connected to the router.  I have been using the line quite a while without any problem. I can access outside and from the out side, I can access the router and the web server.  And recently I noticed a very serious problem.

From any where else, I can access the web server without any problem.  However, when I use the same company(XYZ) DSL or phone dial-up service to get on to the Internet and type the web server address, it cannot find the web server.

I can telnet to the router, but I cannot access the web server from any network of XYZ.  I cannot even ping to the web server if I am on the XYZ network through DSL or dial-up line.

Is this something about the router table on the router or the web server?

Here is the current information on the router
Destination        Gateway         IF       Flg   Pref Met     Use     Age     wan5     SG       0   1   59524  286710     wan5     rGPT    60   1       0   69016     wan5     rPT     60   1      68   69016     wan5     *SP    120   7       3  286710    -               ie0      C        0   0    2537  286710  -               ie0      C        0   0   61061  286710  -               local    CP       0   0   15254  286710        -               bh0      CP       0   0       0  286710       -               local    CP       0   0       0  286710       -               rj0      CP       0   0       0  286710     wan5     SGP    120   7       0  286710     wan5     SGP    120   7       0  286710        -               mcast    CP       0   0       0  286710       -               bh0      CP       0   0       0  286711       -               bh0      CP       0   0       0  286711       -               local    CP       0   0       0  286711 -               ie0      CP       0   0    7922  286711
Information on the webserver
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface  *      UH    0      0        0 eth0       *            U     0      0        0 lo        *            U     0      0        0 eth0
default         UG    0      0        0 eth0
Numbers are slightly modified, but best represent the configuration.                                                                                                              

So to sum up the long story, it is basically that within the LAN, I can access the web server. From out side, I can access the web server except from the own company's Internet service.

Any help is greatly appreciated.
Question by:yjh123

Expert Comment

ID: 2726037
the company(XYZ) did not gave you the facility to connect to your router or server through dial-up line or dsl,so you can only connect through the frame relay connection (whatever it is (leased-line) maybe). so go back to your provider and ask him if their system can accept other connection type to get to your router or server,so check their system's ability for that.

Author Comment

ID: 2727596
Here is the situation.

We setup a frame relay line and we have a web server connected to the router.  This line is from one of two major ISP companies in the nation.

Everyone can ping the web server and browse the contents on the server fine.

Only problem is that if you are connected to the Internet via this company's own network (e.g., dial-up or DSL subscribers, or anything), you cannot get to this web server.

So the situation is that if you are on your own network (other than LAN), you can not access the router.


Expert Comment

ID: 2728600
Ok. Is your web server on your end of the Leased Line, or over at the ISP's office?

Can you do it the other way around? Can you connect via dial-up, and ping your dial-up connection from the Web server?

Do you have any type of security system running, either on your net or on the ISP's end? (Firewall, NAT, etc...)

What type of router is it on your end? (Just so I know what type of info I can ask.)



Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.


Expert Comment

ID: 2728931
It may be that your provider has an erroneous route somewhere that doesn't affect traffic from outside, but does inside. When you are dialed up, try tracerouting to your webserver and see where it dies. This will at least give you an idea of what is happening internally. Also, try doing a traceroute from outside their network and compare the two.


Expert Comment

ID: 2728987
What kind of router is this?

Try pinging the web server from the interface that your web traffic comes from . (specific ping)

Also, make sure that your web server has the correct subnet mask /28. This can cause nodes to be unreachable from certain router interfaces.



Author Comment

ID: 2729032
It's Lucent Superpipe 155.

The other way around works fine.

I verified the IP address and mask...


Expert Comment

ID: 2729251
The funny thing is this:

If you can do it the other way around, meaning you can ping the Dial-up connection from your web server, you have all your routes correctly configured. (Since when the "echo reply" packets need to get to your web server, the route is found), it works)

Is it possible that you have some type of access list, either locally on your router or on the ISP's router, filtering out some types of inbound packets?

This is my best guess right now.



Expert Comment

ID: 2790350
Any feedback?

Accepted Solution

snkhad earned 200 total points
ID: 2896802
You can access the web server from
within the LAN as well as from a third
party network but not from your own
network via the DSL or dialup link.

This means either the connecting
address or the responding address is
being recognized as one assigned to the
internal LAN and being deliberately
dropped as a forged attack packet since
it is seen coming from the WAN

Check any firewall configuration and
VPN setup at both the frame relay link
and the DSL/dialup link.

If you really want to do this, you
could implement NAT at one or both
sides and use the public address(es)
when connecting the long way round.

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the hope of saving someone else's sanity... About a year ago we bought a Cisco 1921 router with two ADSL/VDSL EHWIC cards to load balance local network traffic over the two broadband lines we have, but we couldn't get the routing to work consi…
There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

791 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question