Help setting up static routes to alternate IP Block

Hello all,

Our ISP has assigned us two IP blocks (both /24).  We are using our Cisco 2811 to access the first IP block without any problems.

If we want to access the second IP block, the ISP is saying that everything on their end is setup correctly - we just need to setup our router (we own/manage it, so they cannot config it).

These blocks are completely different.  I believe all I have to do is setup a static route to the block, but when I've done this and I still can't seem to access anything.  The static statement I wrote is:

ip route 129.x.x.0 255.255.255.0 "WAN Network Side IP"
The ISP assigned us the WAN Network Side and Customer Side IP addresses for the block.  I tried both with the same result.

does any one have some guidance or perhaps a sample config showing a router accessing two different IP blocks?

Please let me know if you need any additional info.

Thanks all

ustdaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

jonmckinlayCommented:
can you ping "WAN Network Side IP" from your router at present? if this address is unreachable then the routing statement won't become active.

You could as an alternative make the route connected by pointing the route to the interface, example "ip route 129.x.x.0 255.255.255.0 serial 1/0"

0
bhnmiCommented:
You need to assign the new IP's to an interface be it subinterface or as a secondary IP address.
0
ustdaAuthor Commented:
No, I can't, but funny enough I can ping the Customer Side IP address (which would technically be the IP of the Serial interface if this was the only IP block on the router) and I get a response from the Network Side IP address with a "TTL Expired in transit".

The IP block is setup like so:
129.x.x.0 / 24 is our block
65.x.x.88/30 is our Circuit block
.89 is the network side (i.e. the gateway)
.90 is the customer side (i.e. the serial interface)

I'll try the serial method you mentioned mckinlay.
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

ustdaAuthor Commented:
bhnmi - do you have any examples of how to do this?
0
bhnmiCommented:
Everything is coming over the same serial connection? Perhaps you can post a sample of your current configuration and I can see if I can show you what to change.
0
ustdaAuthor Commented:
Yes, everything is coming down the same serial connection (it's four bonded T1s).  Attached is my config less sensitive info:
ustdagw1#show config
Using 3354 out of 245752 bytes
!
! Last configuration change at 15:51:55 NewYork Mon Feb 4 2008 by ustdartr
! NVRAM config last updated at 15:51:56 NewYork Mon Feb 4 2008 by ustdartr
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service sequence-numbers
!
hostname gw1
!
boot-start-marker
boot-end-marker
!
card type t1 0 0
card type t1 0 1
security authentication failure rate 3 log
security passwords min-length 8
logging buffered 51200 debugging
enable secret 5 $1$FKx3$6yRhD3Jqf.zKjdwwvYPbj1
!
no aaa new-model
!
resource policy
!
clock timezone NewYork -5
clock summer-time NewYork date Apr 6 2003 2:00 Oct 26 2003 2:00
no network-clock-participate wic 0
no network-clock-participate wic 1
ip subnet-zero
no ip source-route
ip tcp synwait-time 10
!
!
ip cef
!
!
no ip bootp server
ip domain name domain.com
ip name-server 208.67.222.222
ip name-server 208.67.220.220
!
username usrrtr privilege 15 secret 5 $1$gx3W$x3dgiRTu34ppaFvjPhjZ80
!
!
controller T1 0/0/0
 framing esf
 linecode b8zs
 channel-group 1 timeslots 1-24
!
controller T1 0/0/1
 framing esf
 linecode b8zs
 channel-group 1 timeslots 1-24
!
controller T1 0/1/0
 framing esf
 linecode b8zs
 channel-group 1 timeslots 1-24
!
controller T1 0/1/1
 framing esf
 linecode b8zs
 channel-group 1 timeslots 1-24
!
!
interface Multilink1
 description $FW_OUTSIDE$
 ip address 216.x.x.82 255.255.255.252
 no ip redirects
 no ip proxy-arp
 ip route-cache flow
 load-interval 30
 no cdp enable
 ppp multilink
 ppp multilink fragment disable
 ppp multilink group 1
 max-reserved-bandwidth 100
!
interface FastEthernet0/0
 description $FW_INSIDE$
 ip address 207.x.x.1 255.255.255.0
 no ip redirects
 no ip proxy-arp
 ip route-cache flow
 duplex full
 speed 100
 no mop enabled
!
interface FastEthernet0/1
 no ip address
 no ip redirects
 no ip proxy-arp
 ip route-cache flow
 shutdown
 duplex auto
 speed auto
 no mop enabled
!
interface Serial0/0/0:1
 description Link 1
 no ip address
 no ip redirects
 no ip proxy-arp
 encapsulation ppp
 ip route-cache flow
 no fair-queue
 no cdp enable
 ppp multilink
 ppp multilink group 1
 max-reserved-bandwidth 100
!
interface Serial0/0/1:1
 description Link 2
 no ip address
 no ip redirects
 no ip proxy-arp
 encapsulation ppp
 ip route-cache flow
 no fair-queue
 no cdp enable
 ppp multilink
 ppp multilink group 1
 max-reserved-bandwidth 100
!
interface Serial0/1/0:1
 description Link 3
 no ip address
 no ip redirects
 no ip proxy-arp
 encapsulation ppp
 ip route-cache flow
 no fair-queue
 no cdp enable
 ppp multilink
 ppp multilink group 1
 max-reserved-bandwidth 100
!
interface Serial0/1/1:1
 description Link 4
 no ip address
 no ip redirects
 no ip proxy-arp
 encapsulation ppp
 ip route-cache flow
 no fair-queue
 no cdp enable
 ppp multilink
 ppp multilink group 1
 max-reserved-bandwidth 100
!
ip default-gateway 216.x.x.81
ip classless
ip route 0.0.0.0 0.0.0.0 216.x.x.81
!
ip http server
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
!
no cdp run
!
control-plane
!
!
line con 0
 login local
 transport output telnet
line aux 0
 login local
 transport output telnet
line vty 0 4
 privilege level 15
 login local
 transport input telnet
!
scheduler allocate 20000 1000
!
end

Open in new window

0
bhnmiCommented:
You would add an IP from the block the the Multilink interface

ip x.x.x.x .x.x.x.x secondary

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ustdaAuthor Commented:
hmm, ok - do I need to add any route statements?  I added my Network Side IP as a secondary IP to the multilink but I still can't ping the Customer Side IP.
0
bhnmiCommented:
Need a route to define the next hop for the new IP addresses.
0
ustdaAuthor Commented:
ok, I don't think that it would look like this:
ip route 0.0.0.0 0.0.0.0 65.x.x.89

I'm assuming that if I placed that statement in place, it might cut my access off since I already have a similar statement loaded:
ip route 0.0.0.0 0.0.0.0 216.x.x.81

So how would I write the statement exactly?
0
bhnmiCommented:
I would define the new block in the x.x.x.x x.x.x.x (Gateway IP for new block) I think...


So basically we want all traffic destined for the new IP block to route to the gateway for that block.
0
ustdaAuthor Commented:
ok, so something like this then:

ip route 129.x.x.0 255.255.255.0 65.x.x.89

Does that look right?
0
bhnmiCommented:
God, my brain is stalling. 65.x.x.89 is the gateway for the new block? 129.x.x.0/24 is the new block?They gave you that whole block?
0
ustdaAuthor Commented:
me too. :)

yes, yes & yes to all your questions.
0
bhnmiCommented:
Well, then I would give it a try. I mean you aren't using the IP's yet so we cant really mess up any traffic going over them and the new routes wont effect the current routes.

The ISP  wont help at all with the config??
0
bhnmiCommented:
We didn't kill the network did we?
0
ustdaAuthor Commented:
Sorry for the delay in response - I got pulled away and wasn't able to continue work on it until this morning.

So, it ended up working, but the one piece that was missing was , that I had to add a secondary IP to FastEthernet0/0 ... the .1 address of my block, so that anything using an IP from that block past my firewall had a gateway to point to.

I guess my question is, what do you do when you have more than two blocks of IPs?  It clearly works fine with two, but what if you wanted more?
0
bhnmiCommented:
Geez, I dont know off the top of my head. Never really had more the two blocks and then only at select locations.
0
ustdaAuthor Commented:
Well, till another day - all is good for now!

Thanks!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Routers

From novice to tech pro — start learning today.