WAN Routing Help

[rxfoote]

This has been my first attempt at a WAN design and implementation. So far it has gone pretty well but having one problem and hoping I can find some answers. Information - The main location has a 2600 with 4 wics - 1 for T1 out for internet access(for all 4 locations) and 3 others for the 3 remote locations. The 2600 is serving DHCP/DNS to all users at the main location out its Ethernet port. Everything at the main location is working well.

In the 3 remote locations there is a 1720 with 1 wic and the Ethernet port is doing local DHCP/DNS to the local users as well. All 3 1720's can ping all interfaces on the 2600 as well as the other 1720's. However the local clients at these locations get DHCP/DNS assigned but can't ping outside the Ethernet port of their respective 1720. Any ideas what I still need to do? Thanks in advance!

 

[Narizz28]

Make sure that the netowrk addresses that the routers are giving the client PC's at the remote locations are unique to each location and not overlapping with the main location. For example:

Main: 192.168.1.0 255.255.255.0
Remote Site 1: 192.168.2.0 255.255.255.0
Remote Site 2: 192.168.3.0 255.255.255.0
Remote Site 3: 192.168.4.0 255.255.255.0

Then make sure the 1700's each have a default route to the 2600's appropriate interface address.

 

[rxfoote]

We have done this based upon physical information of each locations. For example on is 192.168.34.x - The Ethernet port of that 1720 is 192.168.34.1 and that is what is assigned as the default-router(gateway) in DHCP. All clients can ping this address and everything internal but that is it. They are unable to ping the WAN side of the 1720 or anything outside of that. As a result they aren't able to attach to the server nor go out the T1 for internet at the main location. Thanks!

 

[123tech]

At each remote site on the 1720's, do you have static routers configured, or are you using a routing protocol? If you do a "show ip route", do you see all of your networks, there should be atleast 7 networks, unless your using a default gateway (0.0.0.0 0.0.0.0 X.X.X.X), and then you'll see your connected interfaces. So when you look at the "show ip route" output, does it make sense? Also on the 2600, do you have a route back to each remote's site LAN network, not just the WAN segment, but also the LAN segment as well?

 

[landrew5]

I'm assuming that you have ruled out any access-list issues here.

If so, can you ping an address on the 2600 from one of the 1720's sourcing the ping from the ethernet address?? Do you see the 2600 when doing a 'show cdp neighbors' on one of the 1720's?? If the answer to both of these is yes, then the client PC's at the remote sites do not know which is their default gateway. They may be able to ping the default gateway (192.168.34.1) which doesn't prove anything other than you have L3 connectivity to the ethernet port on the router. However, the clients have to know that this is the address to send packets to that are not on the same subnet as determined by the ANDing process.

If you are using at least W2K for your PC's, can you do an 'ipconfig /all' and see that 192.168.34.1 is the default gateway??

 

[dearingkr]

I think you have a basic routing problem.
As long as you have all Cisco routers, then just use EIGRP.

Add the following config to every router:
router eigrp 192
network 192.168.0.0 0.0.255.255


The core router (2600) should have the following:
ip default-gateway a.b.c.d (ISP internet connection)
ip route 0.0.0.0 0.0.0.0 a.b.c.d (ISP internet connection)

All remote routers (1700s) should have the following:
ip default-gateway e.f.g.h (core router IP)
ip route 0.0.0.0 0.0.0.0 e.f.g.h (core router IP)

Remove any static routes you already have.

That's it. Post back here and let us know how it goes.

MCSE CCNA CCDA