manuverhaegen
asked on
static routing issue no access to public internet
static routing issue no access to public internet
We have 3 vlan's
vlan 1
vlan 12
vlan 13
interface NULL0
# configuration of 1 router vrrp
interface Vlan-interface12
ip address 192.168.2.252 255.255.255.0
vrrp vrid 12 virtual-ip 192.168.2.1
#
interface Vlan-interface13
ip address 192.168.1.252 255.255.255.0
vrrp vrid 13 virtual-ip 192.168.1.1
#
# gateway to internet
interface GigabitEthernet0/1
port link-mode route
ip address 103.103.103.2 255.255.255.0
#static route to internet
ip route-static 0.0.0.0 0.0.0.0 103.103.103.1
Routing Tables:
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/0 Static 60 0 103.103.103.1 GE0/1
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
192.168.1.0/24 Direct 0 0 192.168.1.252 Vlan13
192.168.1.1/32 Direct 1 0 127.0.0.1 InLoop0
192.168.1.252/32 Direct 0 0 127.0.0.1 InLoop0
192.168.2.0/24 Direct 0 0 192.168.2.252 Vlan12
192.168.2.1/32 Direct 1 0 127.0.0.1 InLoop0
192.168.2.252/32 Direct 0 0 127.0.0.1 InLoop0
Computer
Ip : 192.168.2.10
Mask : 255.255.255.0
Gateway : 192.168.2.1
Ping to 192.168.2.1 is ok gateway
ping to 192.168.1.1 is ok gateway
ping to 192.168.1.10 is ok computer in network
ping to 103.103.103.2 is ok public ip router
ping to 103.103.103.1 no response public gateway
ping to 8.8.8.8 no response public internet
We have 3 vlan's
vlan 1
vlan 12
vlan 13
interface NULL0
# configuration of 1 router vrrp
interface Vlan-interface12
ip address 192.168.2.252 255.255.255.0
vrrp vrid 12 virtual-ip 192.168.2.1
#
interface Vlan-interface13
ip address 192.168.1.252 255.255.255.0
vrrp vrid 13 virtual-ip 192.168.1.1
#
# gateway to internet
interface GigabitEthernet0/1
port link-mode route
ip address 103.103.103.2 255.255.255.0
#static route to internet
ip route-static 0.0.0.0 0.0.0.0 103.103.103.1
Routing Tables:
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/0 Static 60 0 103.103.103.1 GE0/1
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
192.168.1.0/24 Direct 0 0 192.168.1.252 Vlan13
192.168.1.1/32 Direct 1 0 127.0.0.1 InLoop0
192.168.1.252/32 Direct 0 0 127.0.0.1 InLoop0
192.168.2.0/24 Direct 0 0 192.168.2.252 Vlan12
192.168.2.1/32 Direct 1 0 127.0.0.1 InLoop0
192.168.2.252/32 Direct 0 0 127.0.0.1 InLoop0
Computer
Ip : 192.168.2.10
Mask : 255.255.255.0
Gateway : 192.168.2.1
Ping to 192.168.2.1 is ok gateway
ping to 192.168.1.1 is ok gateway
ping to 192.168.1.10 is ok computer in network
ping to 103.103.103.2 is ok public ip router
ping to 103.103.103.1 no response public gateway
ping to 8.8.8.8 no response public internet
ASKER
Hi,
Nat from external to internal work perfect
Nat from external to internal work perfect
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
i try to ping to external a receive no reply
Until you try to ping ISP router it is OK.
My guess is
103.103.103.2 is your router
103.103.103.1 is ISP device
Basically - traffic from ISP router drop your traffic (not natted) or forwarding traffic in wrong direction (ISP's router do not point to your router as next hop to reach netted traffic).
My guess is
103.103.103.2 is your router
103.103.103.1 is ISP device
Basically - traffic from ISP router drop your traffic (not natted) or forwarding traffic in wrong direction (ISP's router do not point to your router as next hop to reach netted traffic).
Nat from external to internal work perfectIf you can ping ISP from router directly connected to ISP 99% chance is that NAT is the root cause. From the statement that external NAT works OK most likely that is the case.
ASKER
On the public interface i forget :
nat outbound
nat outbound
It happens. ;)
If not natted, private IP address space is dropped at ISP.