Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

routing problem?

Status
Not open for further replies.
AllRegs

AllRegs

IS-IT--Management
Jun 2, 2005
2
US
I'll do my best to clearly explain my situation...

I have 1 network here in the office (10.0.0.0)
PTP T1 to my ISP (connected by 2 Cisco 2500s)
Another network at my ISP (192.168.1.x)
My CheckPoint FW(s) at my ISP.
We use the PTP T1 as our Internet access from the office.

I can browse the Internet fine...
External users can visit our website (server at ISP)...
External users can send us e-mail (server at office)...

What was unable to do is to access any of my servers at our ISP from the office.

We added routes to my servers and I could then connect to them.

Routes were on the CP boxes (running the CP OS).
Routes were on the routers as well...

I feel like I am missing something, that I should not have to add static routes on my servers.

Has anyone ever experienced this before, or have any suggestions so that I don't have to have the static routes on my servers?

I'm new to CP, and only have enough knowledge of routers to be dangerous, so I hope that this isn't too basic of a question.

Thanks in advance for any and all replies,

Jeremy
 
Sort by date Sort by votes
Your servers at the ISP need to know that to get to the LAN at your office they must pass traffic via the T1 routers to your network.

I think that you are thinking that they should be able to route out via the Checkpoint box which then should route that back out of the internal interface and to your network via the T1. Well, yes but it depends. For example, if using Nokia IP series gateways then they will not route " on a stick" so traffic entering an interface must exit on a different interface. This is also the same with the Pix on anything below version 7.

If you are using SPLAT servers and they will route on a stick then it may be a NAT problem if the rules NAT all traffic from the servers in which case it wouldn't work when talking to your LAN. You would have to build manual NAT rules so that NAT was not done between the two networks. by adding a route on the servers you are bypassing the firewalls and therefore the NAT rules.

So, you see, there could be a number of reasons for this.

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Modem80
  • Locked
  • Question
Novice SonicOS user, need routing help
Replies
2
Views
122
Modem80
Modem80
ITSUPPORTIT
  • Locked
  • Question
VPN from ASA 5510 and RV215W problem
Replies
0
Views
122
ITSUPPORTIT
ITSUPPORTIT
wrighbr1
  • Locked
  • Question
Cisco ASA 5505 site to site VPN problem
Replies
0
Views
104
wrighbr1
wrighbr1
mattbarkerlfc
  • Locked
  • Question
Checkpoint 2200 subnet overlap problem
Replies
0
Views
107
mattbarkerlfc
mattbarkerlfc
sebd44
  • Locked
  • Question
sonicwall statistics problem
Replies
0
Views
97
sebd44
sebd44

Part and Inventory Search

Sponsor

Back
Top