Solved

network design / ip addressing / ip forwardin

Posted on 2011-03-10
15
339 Views
Last Modified: 2012-05-11
Hi Experts, I have a few questions

Here's my setup,

 95.x.x.x /29 ) ----- ( T-1 ) ------pt to pt -------- (T-1)  -------- ( End Device )   ------| 10.0.0.0/24
  adsl modem           router                          router                     router
     public ip
 


So you have 3 segments here
segment 1   Adsl to router 1
segment 2   router 1 to router 2
segment 3   router 2 to end-user devices


I HAVE THIS SETUP :

Segment 1 subnet 192.168.50.0/30  with
adsl internal ip: 192.168.50.1
router1 ip: 192.168.50.2  


Segment 2 subnet 192.168.50.4/30
router 1 ip: 192.168.50.5
router 2 ip: 192.168.50.6

Segment 3 subnet 192.168.51.0/24
router 2 ip: 192.168.51.1

My Lan needs to be 10.0.0.0 /24

How do I forward my Public Ip address across the 2 segments to be able to login to my end device :

whats my gateway for my end device ?


Thanks
0
Comment
Question by:cisco20
  • 6
  • 6
  • 2
  • +1
15 Comments
 
LVL 24

Expert Comment

by:rfc1180
ID: 35099567
There are several ways to ccomplish what you want to do:

1. Add a static NAT rule
2. Route public IP address acrossed your Private backbone

If  95.x.x.x /29 is a routed subnet and not attached to an interface you can add static routes on each of the routers in the path

First T1 router:

ip route 95.x.x.x 255.255.255.248  192.168.50.6

Second T1 router:

ip route 95.x.x.x 255.255.255.248 192.168.51.1

Or depending on where you are natting, you would add static nat statments for the Inside addresses that you wanted to extend to.

Are you able to post your configs?

Billy
0
 

Author Comment

by:cisco20
ID: 35099889
I have no added routing configs only the ip design in place.

Note : My goal is not to have 3 networks , I only need my end device to communicate to the internet and I should be able to access it preferably with an unnated solution.

The routers in between are only for extending the networks public ip.

does this make sense ?
0
 
LVL 13

Expert Comment

by:kdearing
ID: 35100591
You have to use NAT going from a public IP to a private IP and vice versa.
0
 
LVL 24

Expert Comment

by:rfc1180
ID: 35100730
>and I should be able to access it preferably with an unnated solution.
You do not need to use NAT to accomplish what you are wanting to do if I understand you correctly

is the 95.x.x.x /29 a routed subnet to a /30 or do you want to use an IP from 95.x.x.x /29
for a host in the 10.0.0.0/24?
0
 

Author Comment

by:cisco20
ID: 35100884
yes I believe you got it excpet for the part of using a 95 ip on my end device. Those 3 networks segments are setup with private ips so my end device will have a private ip with the ability to be accessed using the 95.x.x.x. /29  
0
 
LVL 24

Expert Comment

by:rfc1180
ID: 35100979
so then you will have to use NAT for that then; there is no way around this.
0
 

Author Comment

by:cisco20
ID: 35101237
the 95.x.x.x will NAT to my end device ??
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 24

Expert Comment

by:rfc1180
ID: 35101355
>the 95.x.x.x will NAT to my end device ??
as long as all your internal routing is setup, yes.

Something like

interface x/x <---interface connecting to inside network
ip nat inside

interface x/x <---- interface connecting to ADSL router (with public IP)
ip nat outside

ip nat inside source list 100 interface FastEthernetx/x overload   <---- interface for outside
ip nat inside source static tcp 10.0.0.2 22 95.x.x.x 22 extenable    

access-list 100 permit ip 10.0.0.0 0.0.0.255 any

Billy





0
 
LVL 3

Expert Comment

by:alexjfisher
ID: 35101564
You need to perform static NAT on your ADSL router mapping the internet address to the private address you'll use on your end device.

You'll also need to make sure that your adsl router can route to the end router and that the end router can route back to the internet.

Either use static routes, or setup a dynamic routing protocol such as RIP or OSPF on all your devices.
If using dynamic routing, remember to advertise your ADSL routers default route (route to the internet) back into the routing protocol so that all routers will no how to reach the internet.
0
 
LVL 24

Accepted Solution

by:
rfc1180 earned 250 total points
ID: 35101615
>You need to perform static NAT on your ADSL router mapping the internet address to the private address you'll use on your end device.

Correct, my example is assuming that the ADSL router is capable of being configured in RFC1483 bridge mode and moving the IP space to the T1 Router; either case, NAT is needed.
0
 
LVL 3

Assisted Solution

by:alexjfisher
alexjfisher earned 250 total points
ID: 35101983
Correct, my example is assuming that the ADSL router is capable of being configured in RFC1483 bridge mode and moving the IP space to the T1 Router; either case, NAT is needed.

Agreed.  It really depends on what the 'ADSL modem' is.  Is it just an ethernet ADSL modem, (I just ordered a pair of Dreytek Vigor 120s today - can't recommend them enough) or is it a complete router platform?  If it's a router, can it do RIP or OSPF?  If not, the best solution is probably to configure it in bridge mode if possible and leave all the routing to the 'proper' routers.
0
 

Author Comment

by:cisco20
ID: 35130463
Thanks - Modem is now bridged and am able to accest the first router downstream. Rather than having two routers before my end device as previously stated I was able to eliminate one of the routers from the setup and can now terminate the access on my end device.


95.x.x.x /29 ) --------- ( T-1 ) ------pt to pt ------ (End Device )   ------| 10.0.0.0/24
  adsl modem            1st router                              2nd  router                     Lan


Question: How do I adrress to be able to access directly - using a public ip from my /29 pool ?


0
 
LVL 24

Expert Comment

by:rfc1180
ID: 35130776
Please post your 1st t1 router config
0
 

Author Comment

by:cisco20
ID: 35132532

Here are the relevant configs . Thanks.


hostname "router_01"

!
ip subnet-zero
ip classless
ip routing
!
!
no auto-config
!
event-history on
no logging forwarding
no logging email
!
no ip firewall alg msn
no ip firewall alg mszone
no ip firewall alg h323
!

!
interface eth 0/1
  description ***Connection to ADSL Modem ****
  no ip address
  no shutdown
!
!
!
interface t1 1/1
  clock source internal
  shutdown
!
interface t1 1/2
  description ***Connection to End Device T1/1***
  clock source internal
  tdm-group 1 timeslots 1-24 speed 64
  no shutdown
!
interface ppp 1
  ip unnumbered ppp 2
  no shutdown
  cross-connect 1 t1 1/2 1 ppp 1
!
interface ppp 2
  ip address  95.xx.xx.222  255.255.255.248
  no fair-queue
  ppp chap hostname       
  ppp chap password
  no shutdown
  cross-connect 2 eth 0/1 ppp 2
!
interface hdlc 1
  no ip address
  no shutdown
!
!
!
ip route 0.0.0.0 0.0.0.0 ppp 2


end






0
 

Author Closing Comment

by:cisco20
ID: 35291802
Thanks bridgin htr modem was a much easier solution and making first router pppoe with isp.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now