mmbecks7
asked on
Configuring static default routes on a router
Hi Experts! i hope someone can help.
Here is the scenario:
Router
| | |
| | |
int1| int3
|
int2
int1 - 192.168.0.2/24 - Conected to firewall 192.168.0.1
int2 - 192.168.1.2/24 - Connected to firewall 192.168.1.1
int3 - 10.10.10.1/24 - pc connected to this interface - ip 10.10.10.2 with default gateway 10.10.10.1.
I would like to have 2 default routes on the router. e.g.
ip route 0.0.0.0 0.0.0.0 192.168.0.1
ip route 0.0.0.0. 0.0.0.0 192.168.1.1 250
I can establish connectivity to the outside from the router but not from the pc.
Is there something I am missing? Do I need to create a static route for the 10.10.10.0 range?
Thanks!
Here is the scenario:
Router
| | |
| | |
int1| int3
|
int2
int1 - 192.168.0.2/24 - Conected to firewall 192.168.0.1
int2 - 192.168.1.2/24 - Connected to firewall 192.168.1.1
int3 - 10.10.10.1/24 - pc connected to this interface - ip 10.10.10.2 with default gateway 10.10.10.1.
I would like to have 2 default routes on the router. e.g.
ip route 0.0.0.0 0.0.0.0 192.168.0.1
ip route 0.0.0.0. 0.0.0.0 192.168.1.1 250
I can establish connectivity to the outside from the router but not from the pc.
Is there something I am missing? Do I need to create a static route for the 10.10.10.0 range?
Thanks!
JFrederick29
Does the Firewall have a route to the 10.10.10.0/24 subnet via the router?
ASKER
No..How can I do that?
What type of Firewall is it?
ASKER
Cisco Pix 515
ASKER
Sorry..Pix 506
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I need to add this on both firewalls, right? Also this would this not interfere with the firewall as it is in use?
Thanks
Thanks
No, it won't interfere. Yes, you would add to both Firewalls but the route for the 192.168.1.1 Firewall would be this:
route inside 10.10.10.0 255.255.255.0 192.168.1.2
route inside 10.10.10.0 255.255.255.0 192.168.1.2
ASKER
Thanks for that! What does the NAT command actually do?
It translates the private addresses to public (Internet routable) addresses. It corresponds to the "global" command that should look like such:
global (outside) 1 interface
global (outside) 1 interface
ASKER
I thought it does that automatically...:)
It may NAT everything if setup with "nat (inside) 1 0.0.0.0 0.0.0.0"
ASKER
Thanks for that! I will give this a go tomorrow and let u know :) Would there be another statement with regards to this:
nat (inside) 1 10.10.10.0 255.255.255.0
for the 192.168.1.0 subnet? I always use the pdm for config and am not very familiar with the cli of the pix :)
Thanks
nat (inside) 1 10.10.10.0 255.255.255.0
for the 192.168.1.0 subnet? I always use the pdm for config and am not very familiar with the cli of the pix :)
Thanks
Yeah, there should be or there is a NAT statement that encompasses everything.
ASKER
Just out of curiousity, can I do this thru the pdm interface?
Thanks
Thanks
Yes, you can use PDM.
ASKER
Hi
That worked great! Thanks!! I noticed one thing, when I unplugged the secondary connection and plugged it back in the secondary took over the primary connection for some bizarre reason. I am actually using a Juniper router and used this statement:
set routing-options static route 0.0.0.0/0 next-hop 192.168.0.1
set routing-options static route 0.0.0.0/0 next-hop 192.168.0.1 preference 20
Not sure if I preference is the same as metric in Juniper?? There is also the metric option...Any ideas?
Thanks
That worked great! Thanks!! I noticed one thing, when I unplugged the secondary connection and plugged it back in the secondary took over the primary connection for some bizarre reason. I am actually using a Juniper router and used this statement:
set routing-options static route 0.0.0.0/0 next-hop 192.168.0.1
set routing-options static route 0.0.0.0/0 next-hop 192.168.0.1 preference 20
Not sure if I preference is the same as metric in Juniper?? There is also the metric option...Any ideas?
Thanks
ASKER
Sorry the second statement was:
set routing-options static route 0.0.0.0/0 next-hop 192.168.1.1 preference 20
set routing-options static route 0.0.0.0/0 next-hop 192.168.1.1 preference 20
I would assume it is the same as metric but I'm not sure, I'm not a big Juniper guy :)
ASKER
Would u know why the secondary was taking over? Is 20 not enough? Static route has a metric of 5 right?
The lower the value the better so your best route would be the one to 192.168.0.1. You can confirm by checking the routing table. You should see the default route to 192.168.0.1 in the routing table.
ASKER
Ok..Many thanks for ur help! Appreciated...Points awarded :)