Solved

Cisco Router Help Please

Posted on 2011-03-15
7
268 Views
Last Modified: 2012-05-11
Hopefully quite a simple one to solve (I just can't work it out).

I have two networks with a Cisco 877w router at each site connected via a VPN.  

Site1 (Bromsgrove) =     172.16.0.0     255.255.240.0
Site2 (Bristol) =               172.16.16.0   255.255.240.0

I am testing Bristol's new servers at Bromsgrove and just want them to have a static Bristol IP and be able to access the internet.  I am trying to 'work it' so that once set up and working in Bromsgrove, I can simply re-locate the test servers and they'll work in Bristol (without any reconfig).

Bromsgrove Router IP is 172.16.0.254
&
Bristol Router IP is 172.16.16.254.

I have setup a secondary IP on Bromsgrove router BVI1 of 172.16.16.254, and TEST SERVER1 (172.16.17.10) is able to ping it, but cannot ping the internet (test ping to 4.2.2.2).  If I keep an eye on the ACLs (list 199) it seems to let the ping back in, but I'm guessing it sends the ping reply down the VPN to Bristol and not back to TEST SERVER1 (attached to BVI1).  Note:  The router CAN ping TEST SERVER1.

I have attached the Bromsgrove Router Config.

TEST SERVER1 is setup as follows:

IP:  172.16.17.10
SN:  255.255.240.0
GW:  172.16.16.254

Any help would be much appreciated.

Cheers, Andy
Bromsgrove-Router-Conf.txt
0
Comment
Question by:andrewprouse
  • 4
  • 3
7 Comments
 
LVL 10

Expert Comment

by:TekServer
ID: 35138865
Well, my experience is limited to fairly small networks, but it looks like you're trying to make the Bromsgrove Router route the 172.16.16.0/20 subnet to both the VPN and a local interface at the same time.  As far as I know, that's not possible - it can do one or the other, but not both at the same time.

Why not just set up two IP addresses on the new server?  You can give it the IP address it needs for its final home on the Bromsgrove network, along with the appropriate default gateway (which should be routed across the VPN while its at Bristol), plus a temporary static IP on the Bristol network.  You can then relocate the server and it should work with no reconfiguration, and you can log on to it later at your leisure and remove the secondary IP address.

hth!
:)
0
 

Author Comment

by:andrewprouse
ID: 35138993
That's a pretty good idea to be honest.  If no one else pops up to recommend a Cisco config solution I'll do that.

Thank you.
0
 

Author Comment

by:andrewprouse
ID: 35147370
Just found out that I can't do that.  I'm setting up several virtual servers with DNS and failover clusters so I really need to get the correct (final) IP addresses implemented before I start building up clusters etc.

Any ideas how to configure the router to allow this?

Cheers, Andy
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:andrewprouse
ID: 35154734
Any ideas...anyone???

Still really need an answer on this....
0
 
LVL 10

Accepted Solution

by:
TekServer earned 500 total points
ID: 35156739
Sorry, I have nothing further.  As I said before, as far as I know you can't put the same subnet on two different interfaces (local and VPN in this case) on any router.  Each subnet to which the router has access needs to be unique for routing to work.

There's a LOT of Cisco expertise here on EE, so the lack of response from anyone else might be construed as agreement with me, though I'm sure one of the Zone Superstars (not an official title) will chime in eventually ... ;)

Actually, another possible workaround idea occurs to me:  if you can get your hands on a basic little Linksys (or equivalent) SOHO router - you know, the $50 Walmart special? - you could put it on your network temporarily with the "Internet" interface configured to get a DHCP (or use a static) IP address from your Bromsgrove network, and the "LAN" interface configured as 172.16.16.254.  That way, you could put the new server behind the cheapo router and configure it exactly as it needs to be for its Bristol setup, and it should work and get Internet access.  If anything on the Bristol network needs access to the server you could use port forwarding or hosting options in the little router to handle that.  It won't be able to access anything across the VPN from Bromsgrove to Bristol while it's behind the little router, but it should otherwise be functional and no change would be needed to move it from there to Bristol.

Best I can think of ... hth!
:)
0
 
LVL 10

Expert Comment

by:TekServer
ID: 35156802
It occurred to me shortly after I posted ^that^ that there might have been a problem if your DNS server(s) happened to be on the Bristol subnet, but from the router config it looks like your DNS server is elsewhere on the network (172.16.1.2) and that you have OpenDNS (208.637.222.222) set up as your secondary DNS server.  So that wouldn't pose a problem to the above workaround.

:)
0
 
LVL 10

Expert Comment

by:TekServer
ID: 35314687
Thanks!  I assume the workaround was successful?  Glad I could help!

:)
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
DMVPN Spoke Connectivity Issue 1 54
Home internet speed 20 42
Usage of Prefix-List 5 41
Turning Verizon Fios Router into a Bridge? 28 54
While it is possible to put two routes in place with the secondary having a higher metric, this may not always work. In the event of a failure that does not bring down the physical interface on the router the primary route is not removed. There is a…
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

680 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question