Where to use the route command?

  • Thread starter Thread starter faustino Dina
  • Start date Start date
F

faustino Dina

Hi,

Iwas assigned to solve a routing problem in the office but I have some
problems with the route command usage. My situation is the following:
-I have a client PC (10.10.102.3) in the subnet A (10.10.102/24)
-A is connected to "main" subnet B (10.10.10/24) by using a NT4 with two
interfaces (10.10.102.1 and 10.10.10.143)
-The router in main subnet B is 10.10.10.254, in the subnet A it's supposed
the NT4 to act as gateway.
-Then it is an Internet aware subnet, let's call it C connected to B through
a Cisco PIX firewall with two interfaces. The interface connected to B
(inside) is 10.10.10.178

The problem is that A clients can ping 10.10.10.178, but they can't ping IPs
that are on the outside interface of the firewall.
My question is: where I should put the route command such a way A can reach
C? On the client PC, on the NT4 router connecting AB, on PIX connecting BC,
or on the router 10.10.10.254?

Any help is welcomed
Thanks in advance
Faustino
 
You will need to add the route to the Cisco PIX so that it knows how to
reach the 10.10.102 subnet. The PIX doesn't have an interface in the
10.10.102 subnet, so it needs to forward traffic for that subnet to the NT
router (which does have a interface in that network and can deliver the
frames directly).

So the setup should be something like this.

Internet
|
Cisco PIX {static route 10.10.102.0 255.255.255.0 10.10.10.143 }
10.10.10.178
|
workstations
10.10.10.x dg 10.10.10.178
|
10.10.10.143 dg 10.10.10.178
NT router
10.10.102.1 dg blank
|
workstations
10.10.102.x dg 10.10.102.1

The clients in 10.10.102 send all traffic by default to the NT router.
It delivers 10.10.10.x traffic directly, and forwards the rest to the PIX.

For traffic arriving at the PIX from the Internet, it delivers 10.10.10
traffic directly and forwards 10.10.102 traffic to the NT router, which
delivers it.
 
Bill,

Thanks a lot. I could find the error. It was the NT router 10.10.102.1
interface wrong configured. Just for my understanding I have a question. I
have a router in 10.10.10.254 which is connected to other remote segments
through wan. Workstation in 10.10.10.x are configured

|
workstations
10.10.10.x dg 10.10.10.254
|

for the internet packets to reach the PIX it is needed to add a static route
to the router at 10.10.10.254 such as
ip route 0.0.0.0 0.0.0.0 10.10.10.178

Am I right?
Currently the NT4 router has a lot of static routes defined. I didn't
touched them but from your indications I suspect all they are useless, is
it?

Thanks again, and excuse me for this silly questions
Faustino
 
Back
Top