• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 481
  • Last Modified:

Keystone 24mg routing question

I have a NuWave Keystone 24mg switch I can't seem to get to route.

Created two Vlans
VID  Name     IP address      Ports
 1  Default   1-4
 2  Local Lan          5-24

The switch has a default gateway of

From the Switch I can ping and  

From a computer on the subnet with an IP address of can ping all ports on the router including but cannot ping or, any help would be appreciated programming this rouing switch.
  • 4
  • 4
1 Solution
Joseph HornseyPresident and JanitorCommented:
You probably need to add a route to the router at that points back to the network.  Here's what I'm thinking:

PC ------  Switch -------- Router

The PC is
The Switch is on the PC side
The Switch is on the router side
The Router is
You can ping, so the switch knows how to talk to the PC
You can ping, so the switch knows how to route to doesn't respond, so it doesn't know about the network
Since the router doesn't know about the network, its default gateway won't be able to get back to the PC either.

So, the problme is at the router that your switch is using as the default gateway.  Define the route and point it to and it should work.

Which device, by the way, is doing NAT?

pollsterAuthor Commented:
Router A is the default gateway which is an Adtran TA 850.  The Adtran provides DHCP to the Network.  I installed a NuWave Keystone 24mg ( a Layer 3 Routing Switch) between my gateway and my network so I could segment my network into 4 separate networks.

Network A:      for public use
Network B: for       Corparate Wan
Network C:   POS System 1
Network D:       POS System 2

Network D is located on the other side of a Fiber link.

I didn't want to change ip addressing on my POS Systems.

Network D should not be able to see any of the other netwoks only the gateway rounter and the Internet.  

Network B needs to see and talk to the gateway router, the Internet, Network C and Network D.

Network C needs to talk to and see network D and occasionaly the Internet.

Network D needs to talk to the Gateway Router and the Internet..

Router B port that connects to teh Gateway Router is The port on Router A connected to Router B is

I understand what you are saying about configuring Router A with a pathway back to my other networks.

What confuses me, is if any network on the other side Router B such as Network B sends traffic to the Gateway Router, Doesn't the gateway Router only see that the traffic originiated from and know to return the traffic to

If you solution is correct, I will need to contact my ISP to re-program there Router.

Thanks, any more info woulf be appreciated.
Joseph HornseyPresident and JanitorCommented:
So, your network looks like this:

 -------------      -----------------
|Adtran Rtr |--------------------|Keystone 24mg|------------------- Corporate WAN
 -------------                            -----------------
                                               |              |
                |               |__________________ Fiber Link to Network D (POS 1)

So far, so good.  A couple of questions for you, and I think I can come up with a solution:  You said that Network D is located on the other side of a Fiber link.  How is this physically connected?  Is Network D connected directly into the Keystone, or are there routers between Network D and the Keystone?

Also, what are the IP addresses for the Keystone for each of its networks?

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

pollsterAuthor Commented:
Correct .

Location A (which includes Adtran, Corporate Wan, and POS1) is a Keystone 24mg.

Location B (which inlcudes POS 2) is a Keystone 24mg.

Fiber between port 26 of both Keystone switches.

Keystone A:
                Public Lan              Ports 1-4    Interface IP
                Corporate Lan        Ports  5-20 Interface IP
                POS 1                   Ports 21-24 Interface IP
                Fiber                     Port  26      Interface IP

Keystone B:
                POS 2                    Ports 1-8     Interface IP
                Fiber                      Port   26     Interface IP

Future will include putting a public lan off of Keystone B via VLan

I also realize, I may have a problem with the POS 1 and POS 2 because POS 1 has an network of
Joseph HornseyPresident and JanitorCommented:
Okay.  Here's what I think:

First of all, I'm assuming that you're using a subnet mask of on all of your networks.  Go through the following list to make sure your routing is set up correctly:

1. Make sure that the default gateway for every device on the Corporate LAN is set to
2. Make sure that the default gateway for every device on the POS 1 LAN is set to
3. Make sure that the default gateway for every device on the POS 2 LAN is set to
           (By the way, if your subnet mask is, the is fine for a network ID)
4. Make sure that the default gateway for Keystone A is set to
5. According to your comment above, you've assigned the same IP address to Port 26 on both Keystone A and Keystone B.  Assuming that this is the uplink between the two, this is a problem.  Change the IP address on Port 26 of Keystone B to
6. Make sure that the default gateway for Keystone B is set to

I'm pretty sure that the problem is NAT (or lack thereof).  If you're not familiar with Network Address Translation (NAT), it's the protocol that allows private non-routable addresses (such as your,, and networks) to be used on public networks (the Internet).  (See RFC 1918 for more details on private vs. public addressing).  Anyway, you've got to make sure that Keystone A knows that ports 1-4 are using  public addresses and that ports 5-26 are all using private addresses and that it should perform NAT accordingly.  In your original comment you said "From a computer on the subnet with an IP address of can ping all ports on the router including but cannot ping or".  If it is NAT, your PC would still be able to ping because Keystone A knows about both networks because they are connected to it physically.  Once you get to the Adtran, however, it sees as a non-routable address so it doesn't respond.  It will respond the same way to the 192.168 networks.

Hope that helps.

pollsterAuthor Commented:
Thanks for your help, from what I could tell after sniffing packets, teh Keystone 24mg switches don't provide a nating function.

I contacted my ISP who added routes in the Adran back to my internal networks and all is well.

Once again, thanks for your time and help.  
pollsterAuthor Commented:
I will leave question open for one more day, for feedback and then grant you the points with excellent help.

Joseph HornseyPresident and JanitorCommented:
Glad I could help!


Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now