Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Help! cant figure out proper routes......

Status
Not open for further replies.
jmandallas

jmandallas

IS-IT--Management
Sep 7, 2005
3
0
0
US
Hello everyone,
I am having a hard time figuring out the corret routes to use here.
Here is my topology Network > 3600 router > PIX firewall > router to internet.
All of our web traffic goes out the defaut gatewat(3600 router). I have a VPN device on the local network, I need a router on the 3600 router that redirects traffic going to 2 IP addresses to use the VPN device as the gateway.
I added the following routes to the 3600 router
ip route 170.x.x.3 255.255.255.255 192.168.20.250
ip route 170.x.x.2 255.255.255.255 192.168.20.250
192.168.20.250 is the internal VPN device.
when i ping either one of the addresses 170.x.x.2 or 170.x.x.3 I get the following responce from the VPN device: Reply from 192.168.20.250 Destination net unreachable
So it is going to the VPN device but seems to be looking for a net instead of a host.
I'm trying to get to a host not a network.
Sorry to ramble just wanted to give as much info as possibe.

thanks for any help you can offer,
 
Sort by date Sort by votes
Jmandallas-

Ok lets see if we can put this together. You are saying the follwing..

Network: 192.168.20.0/24
VPN Device: 192.168.20.250
3600Router: something on the 192.168.20 network?

By that statement it sounds as if you route statement is in a routing loop. Why? well because you are telling the router to send traffic for 170.xxx.xxx.3 and .2 to the VPN device. The VPN device has a default-gateway of the 3600 router. If what I am saying is correct then thats a problem. Now to resolve this, where are those host.2 and .3?

Frank
 
Upvote 0 Downvote
The device on 192.168.20.250 is telling you that it doesn't know how to get to the network that the hosts that you are trying to get to resides on. The route on the 3600 is working. It's routing that traffic to 192.168.20.250 as you've asked it to. The problem lies on the VPN device.

What is the VPN device?

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************
 
Upvote 0 Downvote
Doesn't Dest net unreachable saying that it doesn't have a route to 172.x.x.x ??

have you tried doing a tracert and see where it drops off?

nathan

i could be way off
 
Upvote 0 Downvote
does the vpn device have a route back to your lan?
Click to expand...

The VPN device is ON his local network. It is saying that it has no route to the 170.x.x.x network.

Local machine sends traffic to 170.x.x.x via it's default gateway (the 3600). The 3600 has a route to that network via the VPN device on 192.168.20.250. The VPN device sends back a message to the original hosts saying "sorry, I don't know where that is!". The VPN device requires a route to the 170.x.x.x network.

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Jared R
  • Locked
  • Question
Cisco UC320W Paging Help
Replies
0
Views
127
Jared R
Jared R
WinstonCH
  • Locked
  • Helpful tip
What is wrong with the diagram, there are people who will help to fix it? How do i do the configurat
Replies
1
Views
92
BIS
BIS
bfordz
  • Locked
  • Question
new help on setting up third party VoIP phones through Catalyst 2960x switch
Replies
0
Views
53
bfordz
bfordz
DigiByte34
  • Locked
  • Question
Need Help Cisco AAA to any RADIUS Software
Replies
9
Views
100
DigiByte34
DigiByte34
CDIV
  • Locked
  • Question
Help me build a network
Replies
1
Views
51
burtsbees
burtsbees

Part and Inventory Search

Sponsor

Back
Top