cisco20
asked on
network design / ip addressing / ip forwarding
Hi Experts, I have a few questions
Here's my setup,
( 95.x.x.x /29 ) ----- ( T-1 ) ------pt to pt -------- (T-1) -------- ( End Device ) ------| 10.0.0.0/24
  adsl modem           router                          router           router
  public ip
So you have 3 segments here
segment 1 Adsl to router 1
segment 2 router 1 to router 2
segment 3 router 2 to end-user devices
I HAVE THIS SETUP :
Segment 1 subnet 192.168.50.0/30 with
adsl internal ip: 192.168.50.1
router1 ip: 192.168.50.2
Segment 2 subnet 192.168.50.4/30
router 1 ip: 192.168.50.5
router 2 ip: 192.168.50.6
Segment 3 subnet 192.168.51.0/24
router 2 ip: 192.168.51.1
My Lan needs to be 10.0.0.0 /24
How do I forward my public IP address across the 2 segments to be able to log in to my end device?
What's my gateway for my end device?
Thanks
ASKER
I have no added routing configs only the ip design in place.
Note : My goal is not to have 3 networks , I only need my end device to communicate to the internet and I should be able to access it preferably with an unnated solution.
The routers in between are only for extending the networks public ip.
does this make sense ?
You have to use NAT going from a public IP to a private IP and vice versa.
>and I should be able to access it preferably with an unnated solution.
You do not need to use NAT to accomplish what you are wanting to do if I understand you correctly
is the 95.x.x.x /29 a routed subnet to a /30 or do you want to use an IP from 95.x.x.x /29
for a host in the 10.0.0.0/24?
ASKER
Yes, I believe you got it, except for the part of using a 95 IP on my end device. Those 3 network segments are set up with private IPs, so my end device will have a private IP with the ability to be accessed using the 95.x.x.x /29.
so then you will have to use NAT for that then; there is no way around this.
ASKER
the 95.x.x.x will NAT to my end device ??
>the 95.x.x.x will NAT to my end device ??
as long as all your internal routing is set up, yes.
Something like
! interface connecting to inside network
interface x/x
 ip nat inside
! interface connecting to ADSL router (with public IP)
interface x/x
 ip nat outside
! FastEthernetx/x is the outside interface
ip nat inside source list 100 interface FastEthernetx/x overload
ip nat inside source static tcp 10.0.0.2 22 95.x.x.x 22 extendable
access-list 100 permit ip 10.0.0.0 0.0.0.255 any
Billy
You need to perform static NAT on your ADSL router mapping the internet address to the private address you'll use on your end device.
You'll also need to make sure that your adsl router can route to the end router and that the end router can route back to the internet.
Either use static routes, or set up a dynamic routing protocol such as RIP or OSPF on all your devices.
If using dynamic routing, remember to advertise your ADSL router's default route (route to the internet) back into the routing protocol so that all routers will know how to reach the internet.
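The routing requirement in the reply above (the ADSL router must reach the end router, and the end router must have a path back to the internet) can be checked with a small longest-prefix-match model. This is an added example, not part of the original thread: the route tables, the 10.0.0.0/24 LAN sitting behind router 2 and the test address 203.0.113.10 are assumptions; 10.0.0.2 is the host used in the NAT reply.

```python
import ipaddress

# Constructed model of the thread's addressing plan. The route tables are
# assumptions (the thread never shows them); 10.0.0.2 is the NAT target host.
def table(*routes):
    return [(ipaddress.ip_network(prefix), hop) for prefix, hop in routes]

ROUTES = {
    "adsl": table(("192.168.50.0/30", "connected"),
                  ("10.0.0.0/24", "router1"),
                  ("0.0.0.0/0", "internet")),
    "router1": table(("192.168.50.0/30", "connected"),
                     ("192.168.50.4/30", "connected"),
                     ("10.0.0.0/24", "router2"),
                     ("0.0.0.0/0", "adsl")),
    "router2": table(("192.168.50.4/30", "connected"),
                     ("10.0.0.0/24", "connected"),
                     ("0.0.0.0/0", "router1")),
}

def next_hop(routes, node, dst):
    """Longest-prefix match; None when the node has no route for dst."""
    addr = ipaddress.ip_address(dst)
    matches = [(net.prefixlen, hop) for net, hop in routes[node] if addr in net]
    return max(matches)[1] if matches else None

def trace(routes, start, dst, max_hops=8):
    """Follow next hops until delivery, exit to the internet, a drop or a loop."""
    path, node = [start], start
    for _ in range(max_hops):
        hop = next_hop(routes, node, dst)
        if hop is None:
            return path + ["DROP"]
        if hop in ("connected", "internet"):
            return path + [hop]
        path.append(hop)
        node = hop
    return path + ["LOOP"]

def without_route(routes, node, prefix):
    """Copy of the tables with one route removed (a forgotten static route)."""
    net = ipaddress.ip_network(prefix)
    return {**routes, node: [r for r in routes[node] if r[0] != net]}

if __name__ == "__main__":
    print(trace(ROUTES, "adsl", "10.0.0.2"))           # inbound, after static NAT
    print(trace(ROUTES, "router2", "203.0.113.10"))    # return path to the internet
    print(trace(without_route(ROUTES, "router1", "10.0.0.0/24"), "adsl", "10.0.0.2"))
    print(trace(without_route(ROUTES, "router2", "0.0.0.0/0"), "router2", "203.0.113.10"))
```

Removing router 1's route to the LAN makes translated inbound traffic bounce between the ADSL router and router 1, and removing router 2's default route silently drops the replies, which is why both directions have to be checked.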
ASKER
Thanks - Modem is now bridged and I am able to access the first router downstream. Rather than having two routers before my end device as previously stated, I was able to eliminate one of the routers from the setup and can now terminate the access on my end device.
( 95.x.x.x /29 ) --------- ( T-1 ) ------pt to pt ------ (End Device ) ------| 10.0.0.0/24
  adsl modem              1st router                      2nd router              Lan
Question: How do I address to be able to access directly - using a public ip from my /29 pool ?
Please post your 1st t1 router config
ASKER
Here are the relevant configs . Thanks.
hostname "router_01"
!
ip subnet-zero
ip classless
ip routing
!
!
no auto-config
!
event-history on
no logging forwarding
no logging email
!
no ip firewall alg msn
no ip firewall alg mszone
no ip firewall alg h323
!
!
interface eth 0/1
  description ***Connection to ADSL Modem ****
  no ip address
  no shutdown
!
!
!
interface t1 1/1
  clock source internal
  shutdown
!
interface t1 1/2
  description ***Connection to End Device T1/1***
  clock source internal
  tdm-group 1 timeslots 1-24 speed 64
  no shutdown
!
interface ppp 1
  ip unnumbered ppp 2
  no shutdown
  cross-connect 1 t1 1/2 1 ppp 1
!
interface ppp 2
  ip address 95.xx.xx.222 255.255.255.248
  no fair-queue
  ppp chap hostname
  ppp chap password
  no shutdown
  cross-connect 2 eth 0/1 ppp 2
!
interface hdlc 1
  no ip address
  no shutdown
!
!
!
ip route 0.0.0.0 0.0.0.0 ppp 2
end
ASKER
Thanks, bridging the modem was a much easier solution, and making the first router PPPoE with the ISP.
1. Add a static NAT rule
2. Route public IP address across your Private backbone
If 95.x.x.x /29 is a routed subnet and not attached to an interface you can add static routes on each of the routers in the path
First T1 router:
ip route 95.x.x.x 255.255.255.248 192.168.50.6
Second T1 router:
ip route 95.x.x.x 255.255.255.248 192.168.51.1
Or depending on where you are natting, you would add static NAT statements for the inside addresses that you wanted to extend to.
Are you able to post your configs?
Billy