• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 415
  • Last Modified:

Cisco Routing Issue

I have Router 1 plugged into the UnWired modem. The UnWired modem assigns a global DHCP address to the fa 0/0 of Router 1.

I have a notebook and a NAS plugged into another Cisco router, Router 2, through a 1900 switch.

Router 1 is connected to Router 2 through serial interface. The private networks being used between router 1 and router 2 are 172.16.0.0 255.255.0.0

The private network being used between Router 2 and the end devices is 192.168.0.0 255.255.255.0.

I have enabled NAT on router 1, the one connected to unWired. I have also enabled RIP version 2 between the two routers.  I have used the command default information-originate on Router 1 so that the default route assigned by the DHCP on unwired gets propagated down to router 2.

Router 1, can ping any domain name on the internet. However, for some reason Router 2's traffic cannot be routed to the public internet by router 1.

When I try to do a debug ip ICMP, i get the following errors

ICMP: time exceeded (time to live) sent to 192.168.0.10 (dest was 72.14.207.99)  
ICMP: time exceeded (time to live) sent to 192.168.0.10 (dest was 72.14.207.99)

192.168.0.10 is the IP address of my notebook.

When I do a tracert from my notebook I note that Router 2 correctly sends the traffic to router 1. but some how router 1 doesnt know what to do with it although there is a default route set on it.

I am copy pasting the config files over here.

Config for Router 1.(The one connected to UnWired Modem)

Hostname UnWired
interface FastEthernet0/0
 description Connection to the UnWired Mmodem
 ip address dhcp client-id FastEthernet0/0
 ip nat outside
 duplex auto
 speed auto

interface Serial0/0
 description Connection to the Middle Router
 ip address 172.16.0.1 255.255.0.0
 ip nat inside
 no fair-queue
!

router rip
 version 2
 network 172.16.0.0
 default-information originate
!
ip nat inside source list 15 interface Serial0/0 overload
ip nat inside source list 16 interface Serial0/0 overload
ip http server
!
access-list 15 permit 192.168.0.0 0.0.0.255
access-list 16 permit 172.16.0.0 0.0.255.255

Config for Router 2. The one connecting the notebook and NAS.


Hostname Middle
interface FastEthernet0/0
 description Connection to NAS and Notebook
 ip address 192.168.0.1 255.255.255.0
 duplex auto
 speed auto
!


interface Serial0/1
 description Connection to the UnWired Router
 ip address 172.16.0.2 255.255.0.0
 clock rate 56000
!
router rip
 version 2
 network 172.16.0.0
 network 192.168.0.0


Here are the routing tables from Router 1 and Router 2.

Router 1
 
                    Gateway of last resort is 125.63.133.1 to network 0.0.0.0

C   172.16.0.0/16 is directly connected, Serial0/0
     10.0.0.0/32 is subnetted, 1 subnets

S   10.11.1.11 [254/0] via 125.63.133.1, FastEthernet0/0
     125.0.0.0/24 is subnetted, 1 subnets

C   125.63.133.0 is directly connected, FastEthernet0/0

R   192.168.0.0/24 [120/1] via 172.16.0.2, 00:00:00, Serial0/0

S*   0.0.0.0/0 [254/0] via 125.63.133.1

Router 2
 
                    Gateway of last resort is 172.16.0.1 to network 0.0.0.0

C    172.16.0.0/16 is directly connected, Serial0/1
C    192.168.0.0/24 is directly connected, FastEthernet0/0
R*   0.0.0.0/0 [120/1] via 172.16.0.1, 00:00:07, Serial0/1

Any idea whats wrong?

Why cant my notebook access the internet? I have set the DNS servers to the IP address of the DNS servers of UnWired.
Config for Router 1.(The one connected to UnWired Modem)
 
Hostname UnWired
interface FastEthernet0/0
 description Connection to the UnWired Mmodem
 ip address dhcp client-id FastEthernet0/0
 ip nat outside
 duplex auto
 speed auto
 
interface Serial0/0
 description Connection to the Middle Router
 ip address 172.16.0.1 255.255.0.0
 ip nat inside
 no fair-queue
!
 
router rip
 version 2
 network 172.16.0.0
 default-information originate
!
ip nat inside source list 15 interface Serial0/0 overload
ip nat inside source list 16 interface Serial0/0 overload
ip http server
!
access-list 15 permit 192.168.0.0 0.0.0.255
access-list 16 permit 172.16.0.0 0.0.255.255
 
Config for Router 2. The one connecting the notebook and NAS.
 
 
Hostname Middle
interface FastEthernet0/0
 description Connection to NAS and Notebook
 ip address 192.168.0.1 255.255.255.0
 duplex auto
 speed auto
!
 
 
interface Serial0/1
 description Connection to the UnWired Router
 ip address 172.16.0.2 255.255.0.0
 clock rate 56000
!
router rip
 version 2
 network 172.16.0.0
 network 192.168.0.0
 
 
Here are the routing tables from Router 1 and Router 2.
 
Router 1
 
                    Gateway of last resort is 125.63.133.1 to network 0.0.0.0
 
C   172.16.0.0/16 is directly connected, Serial0/0
     10.0.0.0/32 is subnetted, 1 subnets
 
S   10.11.1.11 [254/0] via 125.63.133.1, FastEthernet0/0
     125.0.0.0/24 is subnetted, 1 subnets
 
C   125.63.133.0 is directly connected, FastEthernet0/0
 
R   192.168.0.0/24 [120/1] via 172.16.0.2, 00:00:00, Serial0/0
 
S*   0.0.0.0/0 [254/0] via 125.63.133.1
 
Router 2
 
                    Gateway of last resort is 172.16.0.1 to network 0.0.0.0
 
C    172.16.0.0/16 is directly connected, Serial0/1
C    192.168.0.0/24 is directly connected, FastEthernet0/0
R*   0.0.0.0/0 [120/1] via 172.16.0.1, 00:00:07, Serial0/1

Open in new window

0
zorawar_bahadur
Asked:
zorawar_bahadur
  • 5
  • 4
1 Solution
 
Don JohnstonInstructorCommented:
You need to change the NAT statements
ip nat inside source list 15 interface Serial0/0 overload
!
access-list 15 permit 192.168.0.0 0.0.0.255
access-list 15 permit 172.16.0.0 0.0.255.255

Open in new window

0
 
zorawar_bahadurAuthor Commented:
that didnt work either.

I tried static NAT, and it worked but the speed is crap.

0
 
Don JohnstonInstructorCommented:
This message would indicate that the packet is looping.

> ICMP: time exceeded (time to live) sent to 192.168.0.10 (dest was 72.14.207.99)

Can Router 2 get to the internet? If not, can you change the IP address for the serial link? Something like 192.168.1.0/24.

This shouldn't be necessary, but when troubleshooting...
0
Get Certified for a Job in Cybersecurity

Want an exciting career in an emerging field? Earn your MS in Cybersecurity and get certified in ethical hacking or computer forensic investigation. WGU’s MSCSIA degree program was designed to meet the most recent U.S. Department of Homeland Security (DHS) and NSA guidelines.  

 
zorawar_bahadurAuthor Commented:
forget about router 2.

Even router 1's internal IP address cannot ping google.com

I tried extended ping and used the serial 0/0 as the source IP address. it didnt work.

its the issue with NATing.

static NAT worked.
0
 
Don JohnstonInstructorCommented:
Please ping from a host and then post the output (from Router1) of a "show ip nat stat" and "show ip nat trans"
0
 
zorawar_bahadurAuthor Commented:
Should I do it with the config I have posted above? or with the one I changed and made it work? I used static one to one NAT and it worked. but the speed is so crap.
0
 
Don JohnstonInstructorCommented:
Try it with PAT (overloading).
0
 
zorawar_bahadurAuthor Commented:
Ok will do that a little bit later.

in another 3 or 4 hours.

I am at office right now.
0
 
Don JohnstonInstructorCommented:
So what was the problem?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Become an IT Security Management Expert

In today’s fast-paced, digitally transformed world of business, the need to protect network data and ensure cloud privacy has never been greater. With a B.S. in Network Operations and Security, you can get the credentials it takes to become an IT security management expert.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now