Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Need help routing internet traffic to other network

Posted on 2009-04-07
13
Medium Priority
?
240 Views
Last Modified: 2012-08-14
One of my network locations is losing their direct internet connection and I need to keep them up by routing all of their internet traffic to a second location that has internet connectivity.  The two networks are connected via T1 lines.

I need to change the line that states:
ip route 0.0.0.0 0.0.0.0 10.1.2.6

10.1.2.6 is the firewall on the local end.  The two cisco routers are connected via their own network: 10.1.10.5 (remote) and 10.1.10.6 (local)  The remote network is 10.1.1.0 and the local network is 10.1.2.0.

I tried to replace the line to read 0.0.0.0 0.0.0.0 10.1.1.6 (remote firewall) as well as using 10.1.1.1 (remote ip of cisco router) and even 10.1.10.5.... none of those entries worked, though.

What am I missing?
interface Multilink1
 description Two T1 Multilink to admin
 ip address 10.1.10.6 255.255.255.252
 no cdp enable
 ppp multilink
 multilink-group 1
!
interface FastEthernet0
 ip address 10.1.2.1 255.255.255.0
 speed auto
 half-duplex
!
interface Serial0
 no ip address
 encapsulation ppp
 service-module t1 timeslots 1-24
 ppp multilink
 multilink-group 1
!
interface Serial1
 no ip address
 encapsulation ppp
 ppp multilink
 multilink-group 1
!
router rip
 version 2
 network 10.0.0.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.1.2.6
ip route 10.1.1.0 255.255.255.0 10.1.10.5
no ip http server

Open in new window

0
Comment
Question by:larry
  • 7
  • 6
13 Comments
 
LVL 7

Expert Comment

by:EmpKent
ID: 24092925
Larry,

It sounds like you now want all of your traffic to go through the WAN to the primary site so removing both routes:

ip route 0.0.0.0 0.0.0.0 10.1.2.6
ip route 10.1.1.0 255.255.255.0 10.1.10.5

And replacing them with a single one:

ip route 0.0.0.0 0.0.0.0 10.1.10.5

Should do the trick. You probably do not need RIP enabled on this router.

In that case you could use an ip default gateway command as well.

Kent
0
 

Author Comment

by:larry
ID: 24097420
Thanks Kent,  but for some reason the packets just end at 10.1.10.5 when I do a tracert to the internet.
0
 
LVL 7

Expert Comment

by:EmpKent
ID: 24097464
Larry,

Do you have a default route in the remote router to direct everything to the Inet?

Kent
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 

Author Comment

by:larry
ID: 24097510
Yes, the remote router is routing all 0.0.0.0 traffic to it's firewall, then out to the internet.

router rip
 version 2
 network 10.0.0.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.1.1.6
ip route 10.1.2.0 255.255.255.0 10.1.10.6
ip route 192.168.22.0 255.255.255.0 10.1.1.14
ip route 192.168.42.0 255.255.255.0 10.1.1.14
no ip http server
0
 
LVL 7

Expert Comment

by:EmpKent
ID: 24097621
Larry,

Do you get responses from anything on teh 192.168.22.0 network or any other than the Inet?

Kent
0
 

Author Comment

by:larry
ID: 24097781
You mean from the local side?  The 192. network is on the remote side, but no, the local traffic still ends at 10.1.10.5 when I try to get to 192.  The remote network routes 192 traffic correctly.
0
 
LVL 7

Expert Comment

by:EmpKent
ID: 24098022
OK, so is it safe top say that the only traffic getting back to 10.1.2.0 is that from 10.1.1.0?

Ensure that your local route is ip route 0.0.0.0 0.0.0.0 10.1.10.5.

With this, I am leaning towards an issue in the remote router config, not the local.
0
 

Author Comment

by:larry
ID: 24098282
Yes, that is the local route but it ends at 10.1.10.5.  I think you're right about something going on at the remote router.  I'm not sure why the remote router isn't passing the packets from 10.1.10.5 to the remote firewall, 10.1.1.6?

Attached is the complete config for the remote router.
memory-size iomem 25
ip subnet-zero
!
no ip dhcp-client network-discovery
!
!
!
interface Multilink1
 description Two T1 Multilink to RTP
 ip address 10.1.10.5 255.255.255.252
 no cdp enable
 ppp multilink
 multilink-group 1
!
interface FastEthernet0
 ip address 10.1.1.1 255.255.255.0
 speed auto
 half-duplex
!
interface Serial0
 no ip address
 encapsulation ppp
 service-module t1 clock source internal
 service-module t1 timeslots 1-24
 ppp multilink
 multilink-group 1
!
interface Serial1
 no ip address
 encapsulation ppp
 ppp multilink
 multilink-group 1
!
router rip
 version 2
 network 10.0.0.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.1.1.6
ip route 10.1.2.0 255.255.255.0 10.1.10.6
ip route 192.168.22.0 255.255.255.0 10.1.1.14
ip route 192.168.42.0 255.255.255.0 10.1.1.14
no ip http server

Open in new window

0
 
LVL 7

Expert Comment

by:EmpKent
ID: 24098591
Larry,

Can you post the results of a sh ip route from the remote router?

Kent
0
 
LVL 7

Expert Comment

by:EmpKent
ID: 24098707
Also, debug ip rip.

I think you need to turn RIP off.
0
 

Author Comment

by:larry
ID: 24098909
Sure thing, here's the sh:
Gateway of last resort is 10.1.1.6 to network 0.0.0.0

S    192.168.42.0/24 [1/0] via 10.1.1.14
     10.0.0.0/8 is variably subnetted, 4 subnets, 3 masks
C       10.1.10.4/30 is directly connected, Multilink1
C       10.1.10.6/32 is directly connected, Multilink1
S       10.1.2.0/24 [1/0] via 10.1.10.6
C       10.1.1.0/24 is directly connected, FastEthernet0
S    192.168.22.0/24 [1/0] via 10.1.1.14
S*   0.0.0.0/0 [1/0] via 10.1.1.6

I'll remove RIP, too...

0
 

Accepted Solution

by:
larry earned 0 total points
ID: 24215306
The problem was two-fold.  The routes should have been going to the remote network not the remote router network.  Also, routes needed to be added to the firewall as that was why they were stopping at the remote router.

Being that I didn't receive any responses after my last post, I would like this question closed.
0
 
LVL 7

Expert Comment

by:EmpKent
ID: 24299337
Sorry Larry, I was out of the country on business and then on vacation in Mexico and had no access so I could not get back to you.

I think you can just request the issue be closed and the point refunded.

Thanks,

Kent
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
In this article, the configuration steps in Zabbix to monitor devices via SNMP will be discussed with some real examples on Cisco Router/Switch, Catalyst Switch, NAS Synology device.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question