trenchant
asked on
Little loop somewhere in my config
I have a new public network I am trying to introduce on my network, using the 172.75.1.1/16 range. I can ping throughout my old networks, but I can't pring from my new to old network or from my old to new network. Might have something to do with subnetting.. not sure tho. Here's a copy of the config (private addresses changed of course ;) )
How can I make it so the 10.75.6.x, 172.75.1.x and 192.1.100.x networks can communicate?
version 12.3
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname DHS_2611R
!
boot-start-marker
boot-end-marker
!
enable password 7 011E43004311155F72
!
no aaa new-model
ip subnet-zero
ip cef
!
!
ip name-server 200.2.6.220
!
ip audit po max-events 100
!
!
interface Ethernet0/0
description connected to Internet
ip address 200.1.1.130 255.255.255.224
ip nat outside
full-duplex
!
interface Serial0/0
no ip address
shutdown
!
interface Ethernet0/1
description connected to EthernetLAN
ip address 172.75.1.1 255.255.0.0
ip nat inside
full-duplex
!
interface Ethernet1/0
description connected to EthernetLAN_1
ip address 10.75.6.253 255.255.255.0
ip nat inside
full-duplex
!
interface Ethernet1/1
no ip address
ip nat inside
shutdown
full-duplex
!
interface Ethernet1/2
no ip address
shutdown
half-duplex
!
interface Ethernet1/3
no ip address
shutdown
full-duplex
!
router rip
version 2
passive-interface Ethernet0/0
network 10.0.0.0
network 172.75.0.0
network 192.1.100.0
no auto-summary
!
ip nat pool Cisco2611-natpool-1 200.1.1.129 200.1.1.129 netmask 255.255.25
5.0
ip nat inside source list 1 interface Ethernet0/0 overload
ip nat inside source static 192.1.100.2 200.1.1.130
no ip http server
no ip http secure-server
ip classless
ip route 0.0.0.0 0.0.0.0 200.1.1.129
ip route 10.75.6.0 255.255.255.0 200.1.1.129
ip route 172.75.0.0 255.255.0.0 200.1.1.129
!
!
logging 200.2.5.130
access-list 1 permit 172.75.0.0 0.0.255.255
access-list 1 permit 10.75.6.0 0.0.0.255
access-list 1 permit 192.1.100.0 0.0.0.255
!
snmp-server community public RO
!
!
!
!
!
line con 0
exec-timeout 0 0
password 7 03165E0F425E731F
login
line aux 0
How can I make it so the 10.75.6.x, 172.75.1.x and 192.1.100.x networks can communicate?
version 12.3
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname DHS_2611R
!
boot-start-marker
boot-end-marker
!
enable password 7 011E43004311155F72
!
no aaa new-model
ip subnet-zero
ip cef
!
!
ip name-server 200.2.6.220
!
ip audit po max-events 100
!
!
interface Ethernet0/0
description connected to Internet
ip address 200.1.1.130 255.255.255.224
ip nat outside
full-duplex
!
interface Serial0/0
no ip address
shutdown
!
interface Ethernet0/1
description connected to EthernetLAN
ip address 172.75.1.1 255.255.0.0
ip nat inside
full-duplex
!
interface Ethernet1/0
description connected to EthernetLAN_1
ip address 10.75.6.253 255.255.255.0
ip nat inside
full-duplex
!
interface Ethernet1/1
no ip address
ip nat inside
shutdown
full-duplex
!
interface Ethernet1/2
no ip address
shutdown
half-duplex
!
interface Ethernet1/3
no ip address
shutdown
full-duplex
!
router rip
version 2
passive-interface Ethernet0/0
network 10.0.0.0
network 172.75.0.0
network 192.1.100.0
no auto-summary
!
ip nat pool Cisco2611-natpool-1 200.1.1.129 200.1.1.129 netmask 255.255.25
5.0
ip nat inside source list 1 interface Ethernet0/0 overload
ip nat inside source static 192.1.100.2 200.1.1.130
no ip http server
no ip http secure-server
ip classless
ip route 0.0.0.0 0.0.0.0 200.1.1.129
ip route 10.75.6.0 255.255.255.0 200.1.1.129
ip route 172.75.0.0 255.255.0.0 200.1.1.129
!
!
logging 200.2.5.130
access-list 1 permit 172.75.0.0 0.0.255.255
access-list 1 permit 10.75.6.0 0.0.0.255
access-list 1 permit 192.1.100.0 0.0.0.255
!
snmp-server community public RO
!
!
!
!
!
line con 0
exec-timeout 0 0
password 7 03165E0F425E731F
login
line aux 0
ASKER
heh good point.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Sorry about the late response, got caught up in an XP Migration, didn't have time to get back.
Our problems are all related to a Centurytel leased line, that is a quasi managed solution. We are required to connect to their network through an adtran they placed on our site, out of the ethernet port. I have no serial connection, and it has made everything very difficult because of a forced hop. I brought in a clearchannel T1 from ATT, go through my serial and I am set for now. I'm sure I will have more questions but for now, thanks much for the help!
Our problems are all related to a Centurytel leased line, that is a quasi managed solution. We are required to connect to their network through an adtran they placed on our site, out of the ethernet port. I have no serial connection, and it has made everything very difficult because of a forced hop. I brought in a clearchannel T1 from ATT, go through my serial and I am set for now. I'm sure I will have more questions but for now, thanks much for the help!
Please ask the Mods to remove these
>>enable password 7 011E43004311155F72
>> password 7 03165E0F425E731F
That password encryption is real weak and you donot want to put this in a public forum
SR