Routing traffic between segments

I have a Cisco 2811 router sittinng between to seperate network segments.
I put a static route on the ASA of route inside 10.10.20.0 255.255.255.0 10.10.0.5
On the 2811 router I have ip routing turned on.  I need to access the server on the seperate segment via RDP, ping, drive mappings, etc.. Why is not working or what am I missing?


Server                         FA0/1 10.10.20.3        FA0/0 10.10.0.5                         FA0/0 10.10.0.1         FA0/1 public ip to internet
10.10.20.10 -------------------------------|(2811)|---------------------[SW]------------------------|ASA 5510|----------------
                                                                                                   |
                                                                                                   |
                                                                                                   |
                                                                                                   |
                                                                                                 wkst 10.10.0.145
                                                                                                 GW 10.10.0.1
cisco_2k2Asked:
Who is Participating?
 
Scotty_ciscoCommented:
well there is the problem if you do a route print how does it know to get to the workstation.... try putting a route add 10.10.0.0 mask 255.255.255.0 10.10.20.3 -p in the server from the command prompt.

see if that fixes the problem the VPN could be causing issues if that does not work post a route print.

Thanks
Scott
0
 
Scotty_ciscoCommented:
The ASA is probably a lot like the pix turn your DF gw to the FA 0/0 or 10.10.0.5 many security devices can not route a packet out the same interface which they recieve the packet on they usually eat them.

Thanks
Scott
0
 
cisco_2k2Author Commented:
Even if I switch my GW to 10.10.0.5 or add a route to my workstation, I can not get past the 10.10.20.3 interface of the router to the seperate segment.  I can successfully ping the interface for the segment but any other hosts do not respond to pings or connection attempts.
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
Scotty_ciscoCommented:
what is the servers gateway and does it have any static routes?  Are there any ACL's in place on the router?

Thanks
Scott
0
 
cisco_2k2Author Commented:
The servers GW is 10.10.20.1 which goes out to a separate Internet/VPN connection.  I currently do not have any static routes set on the server.  Here is the cfg from the router:

Current configuration : 1024 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname 2811RTR
!
boot-start-marker
boot-end-marker
!
logging buffered 4096 debugging
enable secret 5 xxxxxxxxxxxxxxxxxxxxxxxx
enable password xxxxxxxxxxxxxxxx
!
clock timezone NewYork -5
clock summer-time NewYork date Apr 6 2003 2:00 Oct 26 2003 2:00
no network-clock-participate aim 0
no network-clock-participate aim 1
no aaa new-model
ip subnet-zero
!
!
ip cef
!
!
ip name-server 10.10.0.201
no ftp-server write-enable
!
!
!
!
interface FastEthernet0/0
 description $ETH-LAN$
 ip address 10.10.0.5 255.255.255.0
 duplex auto
 speed auto
 no mop enabled
!
interface FastEthernet0/1
 description $ETH-LAN$
 ip address 10.10.20.2 255.255.255.0
 duplex auto
 speed auto
!
ip classless
ip http server
!
!
access-list 101 permit icmp any any echo
access-list 101 permit icmp any any
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
 password xxxxxxxx
 login
!
scheduler allocate 20000 1000
!
end
0
 
cisco_2k2Author Commented:
Thanks scott for the help!  Considering I have some developers making changes onn the server, they removed the route statement and turned on the windows firewall after turning it over to them.   I just assumed that the server was in the same state.  It is working again.

Thanks
Cisco_2k2
0
 
Scotty_ciscoCommented:
Ah Developers..... got to love to hate them!!! I have a pretty good crew of them now but in past jobs not so lucky they always blame the network as well think it is their favorite pastime.

Thanks
scott
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.