Static Routing - Basic Question

Hi Experts,

Please refer to the attached diagram for my question.

Network Diagram
What I am able to do:
1. PC1 ping Router1
2. PC1 ping Router2
3. PC1 Ping PC2
4. PC2 Ping Router1
5. PC2 Ping Router2

What  I am NOT able to do:
1. PC2 Ping PC1

Why can't I ping PC1 from PC2?

Can you please help point me in the right direction?

Many thanks,
Ricky
Ricky NguyenITAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Larry Struckmeyer MVPCommented:
This won't work because routers work on the principle that "I can't find an IP, it must be on the other side of the default gateway, let me look there".  The "other side" of the default gateway is the WAN side of the router.

Plus, you have too many 192.168.0.x and 192.168.1.x in that scheme.  

Can you tell us exactly what the goal is... and don't say to ping.  You must have something in mind... ping is just a test.
0
Ricky NguyenITAuthor Commented:
I'm trying to get my VOIP line working. It sits on the first router. I had this working just last night but a friend came over and tinkered with it and now it's not working anymore.
0
Ricky NguyenITAuthor Commented:
I was following a tutorial on youtube that shows how I could link the two routers together.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

Ricky NguyenITAuthor Commented:
If I'm sitting on PC2, and if I can't ping PC1, that  means I can't access its resources either. My ultimate goal is to have the two subnet link and every PC on the either subnet access each others resources.
0
Larry Struckmeyer MVPCommented:
Phones on router1, computers on router 2?  Do we have to guess every step?

What did the friend change?  Why is in necessary for the voip phones to be able to reach the computers, which I presume are behind router 2?

or are there computers behind both routers but phones only behind router 1?  

Why two routers?  Need more ports?  Get a switch.
0
Ricky NguyenITAuthor Commented:
Computers on both routers and phone on router 1.
0
Ricky NguyenITAuthor Commented:
I guess I can get a switch but I'm also trying to learn more about networking if I can.
0
Ricky NguyenITAuthor Commented:
My friend changed it so that both routers were on the same subnet, but by doing so broke the Router 2 VPN endpoint settings.
0
Ricky NguyenITAuthor Commented:
So Larry Struckmeyer MVP, ignoring VOIP and VPN stuff, can you please shed some light as to how would I go about and getting the PC2 to access PC1's resources with the current setup?
0
Larry Struckmeyer MVPCommented:
My friend changed it so that both routers were on the same subnet,

Why?  What did not work before he did this?
0
Ricky NguyenITAuthor Commented:
My friend changed it so that both routers were on the same subnet, but by doing so broke the Router 2 VPN endpoint settings.
0
Larry Struckmeyer MVPCommented:
Yes.. but WHY did he change it.. what was he trying to accomplish?  If nothing was wrong before it was changed, then change it back.
0
Ricky NguyenITAuthor Commented:
He changed it because when I had VPN setup on router 1 to connect with my home router, both being VPN end points, the VPN connection was able to be established but I couldn't access any any resources from home. By placing them on the same subnet, he thought we could remove an extra layer of complexity.
0
Larry Struckmeyer MVPCommented:
Not being able to VPN between routers is typical if the subnets on the LAN side of the routers are the same.  So Site1 should be 192.168.AAA.xxx and Site2 should be 192.168.BBB.xxx.  Note I assume there is another site somewhere in this picture, not previously explained.

This is the same reason your two router example is not working, as I said in my first reply.  You need the WAN side of router2 to be the public IP.  You need the LAN side of router 2 to be 192.168.not the same as the other site.xxx.

Then you need the WAN side of router1 to be on the same subnet as the LAN side of router2, and the LAN side of router1 to be on a subnet different from all the others, say 10.0.0.x.

All of these IP addresses on the routers should be outside the scope of any DHCP assigned address or you may get conflicts.

Now all the traffic will flow, except you may have to add a route to the computers to have them find the computer on the other side of the routers.  the command is route add and the rest of it requires some practice... search the net for explanations on the route command, and in particular "route add"
0
Ricky NguyenITAuthor Commented:
Hi Larry Struckmeyer MVP, all my subnet are different as:

1. Router 1 has 192.168.0.0 subnet
2. Router 2 has 192.168.1.0 subnet and
3. Router 3 (home router) has 192.168.2.0 subnet.

I believe what you just described is what is shown in my diagram.

I think you may have misread the Static routing on router 2 as WAN setting. The WAN setting was not provided as I didn't think it was relevant because I was trying to ping the internal networks.
0
Don JohnstonInstructorCommented:
What I am able to do:
3. PC1 Ping PC2

What  I am NOT able to do:
1. PC2 Ping PC1

Why can't I ping PC1 from PC2?
Because PC1 has a firewall configured on it that is blocking ICMP requests.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Architecture

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.