Solved

Cisco Static routing problem

Posted on 2007-03-20
2
219 Views
Last Modified: 2010-08-05
I'm having a routing problem I could use some help with. Here is my network.

       
                                                                            DSL to Internet
                                                                                   |
                                                                                   |
192.168.2.0/24 network----cisco 2600 #1----T1----cisco 2600 #2-----firewall-----192.168.0.0/24


Here are the important details of Cisco 2600 #2 config

interface f/o
ip addr 192.168.0.5 255.255.255.0   (This is the ethernet port that looks at the firewall)
ip nat inside

interface s/0/0
ip addr 192.168.1.1 25 (This is the serial to the T1)
ip nat inside

int f1/0
ip addr 65.xxx.xxx.xxx 255.255.255.128
ip nat outside

ip nat inside source list 1 int f1/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 65.xxx.xxx.xxx.xxx
ip route 192.168.2.0 255.255.255.0 192.168.1.2

access list 1 permit 192.168.0.0 0.0.3.255

Withe this config I can ping from 192.168.2.0 to the Internet, but not 192.168.0.0/24

Am I missing a route that would allow that? I have bypassed the FW so i don't think that's my problem. Appreceate some help. Thanks.

Rick
0
Comment
Question by:BigfootSunRa
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 10

Accepted Solution

by:
Sorenson earned 500 total points
ID: 18759037
post "show ip route" from 2600 #1 and 2600 #2 please.
If it is not a routing issue, you may need to exclude the networks from the "overload" statement.

(create new access-list 100)
access-list 100 deny ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 100 deny ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 100 permit ip 192.168.0.0 0.0.3.255 any

(then attach it to the overload command)
(turn off nat (disrupt internet :)  )  )
========
!
int f1/0
 no ip nat outside
!
do clear ip nat trans *
!
no ip nat inside source list 1 intf1/0 overload
ip nat inside source list 100 intf1/0 overload
!
int f1/0
 ip nat outside
!
==========
access-list 100 will then not allow packets from 192.168.1.x <--> 192.168.2.x to be translated.
all other internet will pick up nat.
0
 

Author Comment

by:BigfootSunRa
ID: 18760325
It looks like I've found the answer. I think it was firewall problem after all. Thanks.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is a guide to configure bridging on Cisco Routers.  This is something I never knew was possible until after making a few phone calls to Cisco.  Using bridging saved our company money by not requiring us to purchase a new switch.  Bridgi…
There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question