Hi all,
I've having a few problems with our network and would like to some guidance and help please...
Internet --- ISA FIrewall------Local Network ----- Cisco Router -----Local subnets (10.1.1.x & 172.16.0.x)
We usually use our 10.1.1.x for our internet clients but no have a need for our 172.16.0.x to access the internet as well. I have installed the ISA clients on our clients but cannot get them to connect to the ISA. I think that there is a underlining routing issue on the network.
I added another NIC to our ISA firewall on the 172.16.0. range so I at least I had a direct connect in that network and then carried out the following tests....
172.16.0.10 (ISA) --> Ping 172.16.0.1 ( Local internet on cisco router ) --- ping'ed ok
172.16.0.10 (ISA) --> ping 10.1.1.28 (Local internet on cisco router on the 10.1.1.X range ---- ping'ed ok
172.16.0.10 (ISA) ---> ping 172.16.0.65 ( Client requiring Internet connection) the first ping times out and the 3 pings after that destination unreachable
I have copied my config but I don't understand it.... The two subnets are directly connected so there should be any need to for any routeing statements should there? There is a problem routing from one subnet to the other even though the two subnets are connected directly to the cisco router.......
router>en
Password:
router#show config
Using 1726 out of 29688 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname router
!
boot-start-marker
boot-end-marker
!
!
no network-clock-participate slot 1
no network-clock-participate wic 0
no aaa new-model
ip subnet-zero
ip cef
!
!
ip domain lookup source-interface FastEthernet0/1
ip domain name horizon
ip host **** 10.1.1.2
ip host **** 10.1.1.12
ip host **** 10.1.1.11
ip name-server 10.1.1.12
ip name-server 10.1.1.18
ip dhcp excluded-address 172.16.0.1 172.16.0.30
!
ip dhcp pool VOIP
network 172.16.0.0 255.255.255.0
default-router 172.16.0.1
dns-server 10.1.1.12
option 242 ascii "172.16.0.2,MCPORT=1719,HTTPSRVR=172.16.0.2,VLANTEST=1"
option 176 ascii "MCIPADD=172.16.0.2,MCPORT=1719,TFTPSRVR=172.16.0.2,HTTPSRVR=172.16.0.2,VLANTEST=1"
domain-name horizon.net
lease 14
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 172.16.0.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.1.1.28 255.255.255.0
duplex auto
speed auto
!
ip http server
ip classless
ip route 172.16.0.0 255.255.255.0 172.16.0.10
ip route 172.16.0.159 255.255.255.255 172.16.0.10
!
!
!
snmp-server community public RW
snmp-server enable traps tty
!
!
!
!
!
!
line con 0
password
line aux 0
line vty 0 4
password
no login
!
!
!
end
router#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
S 172.16.0.159/32 [1/0] via 172.16.0.10
C 172.16.0.0/24 is directly connected, FastEthernet0/0
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, FastEthernet0/1
router#
I've having a few problems with our network and would like to some guidance and help please...
Internet --- ISA FIrewall------Local Network ----- Cisco Router -----Local subnets (10.1.1.x & 172.16.0.x)
We usually use our 10.1.1.x for our internet clients but no have a need for our 172.16.0.x to access the internet as well. I have installed the ISA clients on our clients but cannot get them to connect to the ISA. I think that there is a underlining routing issue on the network.
I added another NIC to our ISA firewall on the 172.16.0. range so I at least I had a direct connect in that network and then carried out the following tests....
172.16.0.10 (ISA) --> Ping 172.16.0.1 ( Local internet on cisco router ) --- ping'ed ok
172.16.0.10 (ISA) --> ping 10.1.1.28 (Local internet on cisco router on the 10.1.1.X range ---- ping'ed ok
172.16.0.10 (ISA) ---> ping 172.16.0.65 ( Client requiring Internet connection) the first ping times out and the 3 pings after that destination unreachable
I have copied my config but I don't understand it.... The two subnets are directly connected so there should be any need to for any routeing statements should there? There is a problem routing from one subnet to the other even though the two subnets are connected directly to the cisco router.......
router>en
Password:
router#show config
Using 1726 out of 29688 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname router
!
boot-start-marker
boot-end-marker
!
!
no network-clock-participate slot 1
no network-clock-participate wic 0
no aaa new-model
ip subnet-zero
ip cef
!
!
ip domain lookup source-interface FastEthernet0/1
ip domain name horizon
ip host **** 10.1.1.2
ip host **** 10.1.1.12
ip host **** 10.1.1.11
ip name-server 10.1.1.12
ip name-server 10.1.1.18
ip dhcp excluded-address 172.16.0.1 172.16.0.30
!
ip dhcp pool VOIP
network 172.16.0.0 255.255.255.0
default-router 172.16.0.1
dns-server 10.1.1.12
option 242 ascii "172.16.0.2,MCPORT=1719,HTTPSRVR=172.16.0.2,VLANTEST=1"
option 176 ascii "MCIPADD=172.16.0.2,MCPORT=1719,TFTPSRVR=172.16.0.2,HTTPSRVR=172.16.0.2,VLANTEST=1"
domain-name horizon.net
lease 14
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 172.16.0.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.1.1.28 255.255.255.0
duplex auto
speed auto
!
ip http server
ip classless
ip route 172.16.0.0 255.255.255.0 172.16.0.10
ip route 172.16.0.159 255.255.255.255 172.16.0.10
!
!
!
snmp-server community public RW
snmp-server enable traps tty
!
!
!
!
!
!
line con 0
password
line aux 0
line vty 0 4
password
no login
!
!
!
end
router#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
S 172.16.0.159/32 [1/0] via 172.16.0.10
C 172.16.0.0/24 is directly connected, FastEthernet0/0
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, FastEthernet0/1
router#
