Default Gateway Question

[HPKG01]

Hi guys,
I need to install 2 CISCO routers (R1=2601 & R2=1841) via T1 and SHare the DSL internet connected via Lan from R1 to R2.

If I config the f0 IP address as PC's DGwy I have access from 10.6.0.0 to 10.7.0.0 networks but I can't ping the FWall NIC Card (10.6.9.2 current PCs DFGwy )and no internet access.

What can I do to fix it?
The DGwy for Pc's must be the F0 IP?
Why I have access to CISCOS and networks only if PC's DGWy is f0 IP Address?

NOTE.- Today I have connected both networks and internet using 2 ACT multiplexers and 10.6.9.2 as PC's DGwy.

The connection is as follows:
R1(10.6.9.30)---(10.6.9.2)FWall(10.9.9.2)---(10.9.9.1)2Wire DSL(Dyn IP). The FWall Gwy is 10.9.9.1

The configuration is:

R1
ip subnet-zero
Ip routing
interface FastEthernet0/0
ip address 10.6.9.30 255.255.0.0
interface Serial0/1/1
ip address 10.10.0.1 255.255.0.0
ip classless
ip route 10.7.0.0 255.255.0.0 10.10.0.2
no router rip

R2
ip subnet-zero
ip routing
interface FastEthernet0/0
ip address 10.7.9.30 255.255.0.0
interface Serial0/0/0
ip address 10.10.0.2 255.255.0.0
ip classless
ip route 10.6.0.0 255.255.0.0 10.10.0.1
no router rip

I hope you can help me

 

[brianinms]

On router 1

ip route 0.0.0.0 0.0.0.0 10.6.9.2

 

[HPKG01]

With this new static route I have acces to internet and I can ping to ip 10.6.9.2 locally, but I can't ping to 10.6.9.2 from 10.7.0.0.

I tried this From 10.7.0.0:
tracert 10.6.9.30 and I arrive to 10.6.9.30

tracert 10.6.9.2 and I just arrive to 10.10.0.1 (S0 from R1)

I don't know why but I just have access to PC's with Dgwy 10.6.9.30 (e0 R1)

 

[brianinms]

Oh sorry, I missed that as a requirement ...

On R2

ip route 0.0.0.0 0.0.0.0 10.10.0.1

 

[HPKG01]

Done but we have same status

 

[brianinms]

Do you have a route in the firewall to send the 10.7.9.x traffic back to 10.6.9.30?

 

[HPKG01]

The config is:
R2 (REMOTE)

version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname HARBOR-MXL
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
resource policy
!
clock timezone PCTime -8
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
no ip source-route
ip cef
!
!
ip tcp synwait-time 10
no ip dhcp use vrf connected
!
no ip bootp server
ip name-server 10.6.3.5
!
interface FastEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$$ES_LAN$$FW_INSIDE$
ip address 10.7.9.30 255.255.0.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
duplex auto
speed auto
no mop enabled
!
interface FastEthernet0/1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
shutdown
duplex auto
speed auto
no mop enabled

interface Serial0/0/0
description $FW_OUTSIDE$$ES_WAN$
ip address 10.10.0.2 255.255.0.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.10.0.1
ip route 10.6.0.0 255.255.0.0 10.10.0.1
!
ip http server
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
!
logging trap debugging
no cdp run
!
control-plane
!
line con 0
login local
transport output telnet
line aux 0
login local
transport output telnet
line vty 0 4
privilege level 15
login local
transport input telnet
line vty 5 15
privilege level 15
login local
transport input telnet
!
scheduler allocate 4000 1000
end

R1 (LOCAL)
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname HARBOR-TJ
!
boot-start-marker
boot-end-marker
!
! card type command needed for slot 0
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 debugging
logging console critical
enable secret 5 $1$6gWC$4VixChNNjVAa.lWae7ZqX/
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
no ip source-route
ip cef
!
!
ip tcp synwait-time 10
no ip dhcp use vrf connected
!
!
no ip bootp server
ip name-server 10.6.3.5
!
username admin privilege 15 secret 5 $1$e2d9$QP4LF1dJhVaMrAWBvslQA0
!
!
!
interface FastEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$$ES_LAN$$FW_INSIDE$
ip address 10.6.9.30 255.255.0.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
duplex auto
speed auto
no mop enabled
!
interface FastEthernet0/1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
shutdown
duplex auto
speed auto
no mop enabled
!
interface Serial0/1/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
shutdown
clockrate 2000000
!
interface Serial0/1/1
ip address 10.10.0.1 255.255.0.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
clockrate 2000000
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.6.9.2
ip route 10.7.0.0 255.255.0.0 10.10.0.2 permanent
!
ip http server
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
!
logging trap debugging
no cdp run
!
control-plane
!
line con 0
login local
transport output telnet
line aux 0
login local
transport output telnet
line vty 0 4
privilege level 15
login local
transport input telnet
line vty 5 15
privilege level 15
login local
transport input telnet
!
scheduler allocate 20000 1000
end

 

[plshlpme]

the problem is likely what brian mentioned above..
the firewall/internet gateway probably has no knowledge of your network at the remote site and you will need to enter a route into that device to tell it to route your remote sites lan back to the main router...
as it is now your gatway will take that traffic and dump it because it doesn't know where 10.7.0.0 255.255.0.0 is.

 

[HPKG01]

I have a route in the firewall pointing to 10.6.9.1 (current working ACTMultiplexer NIC card) I'll change this route to 10.6.9.30 and I'll test

 

[HPKG01]

The Route in Firewall has been modified from 10.6.9.1 to 10.6.9.30 and I can ping Pc's in 10.6.0.0 since 10.7.0.0, but I haven't internet access in 10.7.0.0

What should be the DNS to use on remote site (10.7.0.0)?
Need I to configure a DNS on CISCOS?

 

[brianinms]

Use the same DNS server that you are using for the workstations on the 10.6 network.