georgeong
asked on
CISCO 2821 router internal routing across 2 GigabitEthernet interface
Hi,
I have to do routing across 2 GigabitEthernet interface on 2 x CISCO 2821
Router 1
Gig0/0 - 10.1.1.1 / 24
Gig0/1 - 192.168.2.200 / 24
ip route 192.168.1.0 255.255.255.255 gigabitethernet0/0
Router 2
Gig0/0 - 10.1.1.2 / 24
Gig0/1 - 192.168.1.200 / 24
ip route 192.168.2.0 255.255.255.255 gigbitethernet0/0
Network description;
1.Both Gig0/0 interface is connected via a dedicated private Point-to-Point Lease line w/o internet access.
2.users on both Gig0/1 interface basically need full access to both network
3.Default gateway(internet firewall) is on the 192.168.2.x network
i am able to ping both Gig0/0 interface from both network
but i can't ping both internal network interface
Please help me cos i am new to routing.
Thanks
I have to do routing across 2 GigabitEthernet interface on 2 x CISCO 2821
Router 1
Gig0/0 - 10.1.1.1 / 24
Gig0/1 - 192.168.2.200 / 24
ip route 192.168.1.0 255.255.255.255 gigabitethernet0/0
Router 2
Gig0/0 - 10.1.1.2 / 24
Gig0/1 - 192.168.1.200 / 24
ip route 192.168.2.0 255.255.255.255 gigbitethernet0/0
Network description;
1.Both Gig0/0 interface is connected via a dedicated private Point-to-Point Lease line w/o internet access.
2.users on both Gig0/1 interface basically need full access to both network
3.Default gateway(internet firewall) is on the 192.168.2.x network
i am able to ping both Gig0/0 interface from both network
but i can't ping both internal network interface
Please help me cos i am new to routing.
Thanks
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hi lmore you can use the interface or the next hop address/ also you are missing the subnet and antoher thing george do you have internet access in both networks or do you whant to route everithing to one site???
Cheers
Cheers
I hate to argue, but it is not recommended by Cisco to use the interface if the interface is Ethernet. It works fine for dialer interface, serial interfaces, but not Ethernet. Here's Cisco's story regarding the problem with ARP on a broadcast (Ethernet) interface:
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800ef7b2.shtml
Yes, I did forget the mask for the default on R2
ip route 0.0.0.0 10.1.1.1 should be:
ip route 0.0.0.0 0.0.0.0 10.1.1.1
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800ef7b2.shtml
Yes, I did forget the mask for the default on R2
ip route 0.0.0.0 10.1.1.1 should be:
ip route 0.0.0.0 0.0.0.0 10.1.1.1
Nice article
So we can post the final config if you have your internet access in router 2 netwrk:
Router 1
Gig0/0 - 10.1.1.1 / 24
Gig0/1 - 192.168.2.200 / 24
ip route 192.168.1.0 255.255.255.0 10.1.1.2
ip route 10.1.1.0 255.255.255.0 10.1.1.2
Router 2
Gig0/0 - 10.1.1.2 / 24
Gig0/1 - 192.168.1.200 / 24
ip route 0.0.0.0 0.0.0.0 10.1.1.1
255.255.255.0 255.255.255.0
10.1.1.1 10.1.1.2
network 192.168.2.0 Gig0/1------ROUTER1------G
subnet 255.255.255.0 subnet 255.255.255.0
Remember to add a route from your firewall to your Router 1 Gig0/1 Interface in order to gain access to internet.
Cheers
So we can post the final config if you have your internet access in router 2 netwrk:
Router 1
Gig0/0 - 10.1.1.1 / 24
Gig0/1 - 192.168.2.200 / 24
ip route 192.168.1.0 255.255.255.0 10.1.1.2
ip route 10.1.1.0 255.255.255.0 10.1.1.2
Router 2
Gig0/0 - 10.1.1.2 / 24
Gig0/1 - 192.168.1.200 / 24
ip route 0.0.0.0 0.0.0.0 10.1.1.1
255.255.255.0 255.255.255.0
10.1.1.1 10.1.1.2
network 192.168.2.0 Gig0/1------ROUTER1------G
subnet 255.255.255.0 subnet 255.255.255.0
Remember to add a route from your firewall to your Router 1 Gig0/1 Interface in order to gain access to internet.
Cheers
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Thanks lmore for your pointer, if you need to ping the interface you will need it rigth???
> if you need to ping the interface you will need it rigth???
I'm assuming that you mean a route statement to its own directly connected network?
No. Never. The router knows what networks are directly connected to it.
I'm assuming that you mean a route statement to its own directly connected network?
No. Never. The router knows what networks are directly connected to it.
ASKER
Hi guys,
Thanks for your quick reply.
camacho.
Your diagram is right.
We are using a dedicated private fiber lease line (local ISP) for connection between 2 building.
We need to make sure all users on both internal network need to access both network.
lrmoore,
Default gateway for R1 is their firewall.
we already set a a route for the 192.168.1.0 network pointing to R1 LAN IP.
Thanks for the pointers.
So, after reading your postings,
Is the following config correct
Router 1
Gig0/0 - 10.1.1.1 / 24
Gig0/1 - 192.168.2.200 / 24
ip route 192.168.1.0 255.255.255.0 10.1.1.2
Router 2
Gig0/0 - 10.1.1.2 / 24
Gig0/1 - 192.168.1.200 / 24
ip route 0.0.0.0 0.0.0.0 10.1.1.1
255.255.255.0 255.255.255.0
10.1.1.1 10.1.1.2
network 192.168.2.0 Gig0/1------ROUTER1------G
subnet 255.255.255.0 subnet 255.255.255.0
i omitted the following as mention in the lrmoore's post
>ip route 10.1.1.0 255.255.255.0 10.1.1.2
Guys,
i will have to test this tomorrow, cause its abt midnight now.
i will award the points between both of you.
Is it ok?
Thanks for your quick reply.
camacho.
Your diagram is right.
We are using a dedicated private fiber lease line (local ISP) for connection between 2 building.
We need to make sure all users on both internal network need to access both network.
lrmoore,
Default gateway for R1 is their firewall.
we already set a a route for the 192.168.1.0 network pointing to R1 LAN IP.
Thanks for the pointers.
So, after reading your postings,
Is the following config correct
Router 1
Gig0/0 - 10.1.1.1 / 24
Gig0/1 - 192.168.2.200 / 24
ip route 192.168.1.0 255.255.255.0 10.1.1.2
Router 2
Gig0/0 - 10.1.1.2 / 24
Gig0/1 - 192.168.1.200 / 24
ip route 0.0.0.0 0.0.0.0 10.1.1.1
255.255.255.0 255.255.255.0
10.1.1.1 10.1.1.2
network 192.168.2.0 Gig0/1------ROUTER1------G
subnet 255.255.255.0 subnet 255.255.255.0
i omitted the following as mention in the lrmoore's post
>ip route 10.1.1.0 255.255.255.0 10.1.1.2
Guys,
i will have to test this tomorrow, cause its abt midnight now.
i will award the points between both of you.
Is it ok?
R1 also needs a default to the firewall
ip route 0.0.0.0 0.0.0.0 192.168.2.xxx <== xxx = firewall
>Default gateway for R1 is their firewall
What kind of firewall is it? I know for a fact that Cisco PIX will not re-direct packets and the Default gateway absolutely has to change to the R1 LAN interface IP 192.168.2.200
Everything else is good to go
ip route 0.0.0.0 0.0.0.0 192.168.2.xxx <== xxx = firewall
>Default gateway for R1 is their firewall
What kind of firewall is it? I know for a fact that Cisco PIX will not re-direct packets and the Default gateway absolutely has to change to the R1 LAN interface IP 192.168.2.200
Everything else is good to go
Sure no prob. We are glad to help.
lmoore nice to team up with you
Cheers
lmoore nice to team up with you
Cheers
ASKER
Hi guys,
Sorry for the late reply..
Stuck @ customer site last few days.. no internet access.
Your configuration works fine...
Both networks are functioning well.
1 thing to add though.
On Fortigate firewall, have to add a static route for the 10.1.1.0 network in-between the 2 routers.
Such as the following static route (example);
10.1.1.0 255.255.255.0 192.168.2.200
if not, R2 network (192.168.1.0) would not receive any reply from the Firewall interface on R1 network.
For R1 network (192.168.2.0), we point gateway to R1 gig0/1 - 192.168.2.200
**we add the following on Router 1 as recommend by Irmoore;
R1 also needs a default to the firewall
ip route 0.0.0.0 0.0.0.0 192.168.2.xxx <== xxx = firewall
For R2 network (192.168.1.0), we point gateway to R2 gig0/1 - 192.168.1.200
Final question, how to split the points between the both of you guy?
Sorry for the late reply..
Stuck @ customer site last few days.. no internet access.
Your configuration works fine...
Both networks are functioning well.
1 thing to add though.
On Fortigate firewall, have to add a static route for the 10.1.1.0 network in-between the 2 routers.
Such as the following static route (example);
10.1.1.0 255.255.255.0 192.168.2.200
if not, R2 network (192.168.1.0) would not receive any reply from the Firewall interface on R1 network.
For R1 network (192.168.2.0), we point gateway to R1 gig0/1 - 192.168.2.200
**we add the following on Router 1 as recommend by Irmoore;
R1 also needs a default to the firewall
ip route 0.0.0.0 0.0.0.0 192.168.2.xxx <== xxx = firewall
For R2 network (192.168.1.0), we point gateway to R2 gig0/1 - 192.168.1.200
Final question, how to split the points between the both of you guy?
ASKER
hi guys,
Found the Split points option...
Have already split the points equally between the both of you.
Thanks for your help & assistance..
both of you had been a great help to us.
Found the Split points option...
Have already split the points equally between the both of you.
Thanks for your help & assistance..
both of you had been a great help to us.
Thanks 4 the points Amigo, and glad to help
Cheers
Cheers
You should not use the interface as a gateway with Ethernet interfaces. Use instead the IP address of the next hop
Also look at the mask that you have applied. It should be 255.255.255.0 /24 instead of /32 that you show
R1
no ip route 192.168.1.0 255.255.255.255 gigabitethernet0/0
ip route 192.168.1.0 255.255.255.0 10.1.1.2
>Default gateway(internet firewall) is on the 192.168.2.x network
R2
no ip route 192.168.2.0 255.255.255.255 gigbitethernet0/0
ip route 0.0.0.0 10.1.1.1