Solved

Need help routing internet traffic to other network

Posted on 2009-04-07
13
232 Views
Last Modified: 2012-08-14
One of my network locations is losing their direct internet connection and I need to keep them up by routing all of their internet traffic to a second location that has internet connectivity.  The two networks are connected via T1 lines.

I need to change the line that states:
ip route 0.0.0.0 0.0.0.0 10.1.2.6

10.1.2.6 is the firewall on the local end.  The two cisco routers are connected via their own network: 10.1.10.5 (remote) and 10.1.10.6 (local)  The remote network is 10.1.1.0 and the local network is 10.1.2.0.

I tried to replace the line to read 0.0.0.0 0.0.0.0 10.1.1.6 (remote firewall) as well as using 10.1.1.1 (remote ip of cisco router) and even 10.1.10.5.... none of those entries worked, though.

What am I missing?
interface Multilink1
 description Two T1 Multilink to admin
 ip address 10.1.10.6 255.255.255.252
 no cdp enable
 ppp multilink
 multilink-group 1
!
interface FastEthernet0
 ip address 10.1.2.1 255.255.255.0
 speed auto
 half-duplex
!
interface Serial0
 no ip address
 encapsulation ppp
 service-module t1 timeslots 1-24
 ppp multilink
 multilink-group 1
!
interface Serial1
 no ip address
 encapsulation ppp
 ppp multilink
 multilink-group 1
!
router rip
 version 2
 network 10.0.0.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.1.2.6
ip route 10.1.1.0 255.255.255.0 10.1.10.5
no ip http server

Open in new window

0
Comment
Question by:larry
  • 7
  • 6
13 Comments
 
LVL 7

Expert Comment

by:EmpKent
ID: 24092925
Larry,

It sounds like you now want all of your traffic to go through the WAN to the primary site so removing both routes:

ip route 0.0.0.0 0.0.0.0 10.1.2.6
ip route 10.1.1.0 255.255.255.0 10.1.10.5

And replacing them with a single one:

ip route 0.0.0.0 0.0.0.0 10.1.10.5

Should do the trick. You probably do not need RIP enabled on this router.

In that case you could use an ip default gateway command as well.

Kent
0
 

Author Comment

by:larry
ID: 24097420
Thanks Kent,  but for some reason the packets just end at 10.1.10.5 when I do a tracert to the internet.
0
 
LVL 7

Expert Comment

by:EmpKent
ID: 24097464
Larry,

Do you have a default route in the remote router to direct everything to the Inet?

Kent
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:larry
ID: 24097510
Yes, the remote router is routing all 0.0.0.0 traffic to it's firewall, then out to the internet.

router rip
 version 2
 network 10.0.0.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.1.1.6
ip route 10.1.2.0 255.255.255.0 10.1.10.6
ip route 192.168.22.0 255.255.255.0 10.1.1.14
ip route 192.168.42.0 255.255.255.0 10.1.1.14
no ip http server
0
 
LVL 7

Expert Comment

by:EmpKent
ID: 24097621
Larry,

Do you get responses from anything on teh 192.168.22.0 network or any other than the Inet?

Kent
0
 

Author Comment

by:larry
ID: 24097781
You mean from the local side?  The 192. network is on the remote side, but no, the local traffic still ends at 10.1.10.5 when I try to get to 192.  The remote network routes 192 traffic correctly.
0
 
LVL 7

Expert Comment

by:EmpKent
ID: 24098022
OK, so is it safe top say that the only traffic getting back to 10.1.2.0 is that from 10.1.1.0?

Ensure that your local route is ip route 0.0.0.0 0.0.0.0 10.1.10.5.

With this, I am leaning towards an issue in the remote router config, not the local.
0
 

Author Comment

by:larry
ID: 24098282
Yes, that is the local route but it ends at 10.1.10.5.  I think you're right about something going on at the remote router.  I'm not sure why the remote router isn't passing the packets from 10.1.10.5 to the remote firewall, 10.1.1.6?

Attached is the complete config for the remote router.
memory-size iomem 25
ip subnet-zero
!
no ip dhcp-client network-discovery
!
!
!
interface Multilink1
 description Two T1 Multilink to RTP
 ip address 10.1.10.5 255.255.255.252
 no cdp enable
 ppp multilink
 multilink-group 1
!
interface FastEthernet0
 ip address 10.1.1.1 255.255.255.0
 speed auto
 half-duplex
!
interface Serial0
 no ip address
 encapsulation ppp
 service-module t1 clock source internal
 service-module t1 timeslots 1-24
 ppp multilink
 multilink-group 1
!
interface Serial1
 no ip address
 encapsulation ppp
 ppp multilink
 multilink-group 1
!
router rip
 version 2
 network 10.0.0.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.1.1.6
ip route 10.1.2.0 255.255.255.0 10.1.10.6
ip route 192.168.22.0 255.255.255.0 10.1.1.14
ip route 192.168.42.0 255.255.255.0 10.1.1.14
no ip http server

Open in new window

0
 
LVL 7

Expert Comment

by:EmpKent
ID: 24098591
Larry,

Can you post the results of a sh ip route from the remote router?

Kent
0
 
LVL 7

Expert Comment

by:EmpKent
ID: 24098707
Also, debug ip rip.

I think you need to turn RIP off.
0
 

Author Comment

by:larry
ID: 24098909
Sure thing, here's the sh:
Gateway of last resort is 10.1.1.6 to network 0.0.0.0

S    192.168.42.0/24 [1/0] via 10.1.1.14
     10.0.0.0/8 is variably subnetted, 4 subnets, 3 masks
C       10.1.10.4/30 is directly connected, Multilink1
C       10.1.10.6/32 is directly connected, Multilink1
S       10.1.2.0/24 [1/0] via 10.1.10.6
C       10.1.1.0/24 is directly connected, FastEthernet0
S    192.168.22.0/24 [1/0] via 10.1.1.14
S*   0.0.0.0/0 [1/0] via 10.1.1.6

I'll remove RIP, too...

0
 

Accepted Solution

by:
larry earned 0 total points
ID: 24215306
The problem was two-fold.  The routes should have been going to the remote network not the remote router network.  Also, routes needed to be added to the firewall as that was why they were stopping at the remote router.

Being that I didn't receive any responses after my last post, I would like this question closed.
0
 
LVL 7

Expert Comment

by:EmpKent
ID: 24299337
Sorry Larry, I was out of the country on business and then on vacation in Mexico and had no access so I could not get back to you.

I think you can just request the issue be closed and the point refunded.

Thanks,

Kent
0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question