Menu
What's new
By:
Filters Better Search

Routing issues any advice?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

9

95coupe

New Around Here
I have a cisco 2821 that I am using to drive a cisco 3550. I am using teh 2821 to provide vlan tagging to the switch as well as DHCP addresses. The set up is below:
ip dhcp pool Guest_Lan
network 172.16.0.0 255.255.255.128
default-router 192.168.1.3
!
ip dhcp pool Private_Lan
network 172.16.0.128 255.255.255.128
default-router 192.168.1.3
!
!
!
!
!
interface GigabitEthernet0/0
description Wireless LAN
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/0.10
description Private_Lan_wireless
encapsulation dot1Q 10
ip address 172.16.0.130 255.255.255.128
!
interface GigabitEthernet0/0.15
description Guest_Lan_Wireless
encapsulation dot1Q 15
ip address 172.160.0.3 255.255.255.128
!
interface GigabitEthernet0/1
ip address 192.168.1.3 255.255.255.0
duplex auto
speed auto
!
router eigrp 1
network 192.168.1.0
network 172.16.0.0
no auto-summary
!
ip route 0.0.0.0 0.0.0.0 192.168.1.2 (this is the wireless router ahead of all this pulling the address from the cable modem)


I can get everything on the 192.x.x.x network to work just great but tying the 172.x.x.x is just not working. Any advice?
 
Odds are, your wireless router does not have a route to the 172.16 subnets. Even if it did, Internet connectivity for those networks might not be possible if the wireless router won't NAT more than a single LAN subnet.

You could go Cable modem>Cisco 2821>Catalyst 3550>wireless router, but it would take some effort and you would lose some consumer-friendly features.
 
You have a couple issues.

1. Your gateway must be an IP address within that subnet.

ex:
ip dhcp pool Guest_Lan
network 172.16.0.0 255.255.255.128
default-router 192.168.1.3

it needs to be something like 172.16.0.1

ip dhcp pool Private_Lan
network 172.16.0.128 255.255.255.128
default-router 192.168.1.3

it needs to be something like 172.16.0.129

2. Now you've defined a legal gateway for your DHCP, fix the sub interfaces to match.

interface GigabitEthernet0/0.10
description Private_Lan_wireless
encapsulation dot1Q 10
ip address 172.16.0.1 255.255.255.128
!
interface GigabitEthernet0/0.15
description Guest_Lan_Wireless
encapsulation dot1Q 15
ip address 172.160.0.129 255.255.255.128

3. So now you can route internally. But the router attached to the cable modem doesn't know about your 172.x.x.x addresses. So you have to NAT your 172 addresses to interface GigabitEthernet0/1.

lmk if you need help on that last bit it's more involved.
 
Yeah i could probably use a little help. Its not taking the NAT commands i am trying to throw on it. Thanks for all your help so far!
Edit: This is the updated Config
ip dhcp pool Guest_Lan
network 172.16.0.0 255.255.255.128
dns-server 8.8.8.8
default-router 172.16.0.1
!
ip dhcp pool Private_Lan
network 172.16.0.128 255.255.255.128
dns-server 8.8.8.8
default-router 172.16.0.129
!
!
!
!
!
!
interface GigabitEthernet0/0
description Wireless LAN
no ip address
ip nat inside
duplex full
speed 100
!
interface GigabitEthernet0/0.10
description Private_Lan_wireless
encapsulation dot1Q 10
ip address 172.16.0.129 255.255.255.128
!
interface GigabitEthernet0/0.15
description Guest_Lan_Wireless
encapsulation dot1Q 15
ip address 172.16.0.1 255.255.255.128
!
interface GigabitEthernet0/1
ip address 192.168.1.4 255.255.255.0
ip nat outside
duplex auto
speed auto
!
router eigrp 1
network 172.16.0.0
network 192.168.0.0
no auto-summary
!
I can post the stuff off of the switch also if need be.
 
Last edited:
Here you go. The router will now nat everything to
interface GigabitEthernet0/1. I also added DNS servers to your DHCP pool. Can't surf without them. :p

-----------------------------------------------------------

ip dhcp pool Guest_Lan
network 172.16.0.0 255.255.255.0
default-router 172.16.0.1
dns-server 208.67.222.222
dns-server 208.67.220.220
!
ip dhcp pool Private_Lan
network 172.16.1.0 255.255.255.0
default-router 172.16.1.
dns-server 208.67.222.222
dns-server 208.67.220.220
!
!
!
!
!
!
interface GigabitEthernet0/0
description Wireless LAN
no ip address
duplex full
speed 100
!
interface GigabitEthernet0/0.10
description Private_Lan_wireless
encapsulation dot1Q 10
ip address 172.16.1.1 255.255.255.0
ip nat inside
!
interface GigabitEthernet0/0.15
description Guest_Lan_Wireless
encapsulation dot1Q 15
ip address 172.16.0.1 255.255.255.0
ip nat inside
!
interface GigabitEthernet0/1
ip address 192.168.1.4 255.255.255.0
duplex auto
speed auto
ip nat outside
!
ip nat inside source list 7 interface GigabitEthernet0/1 overload
!
access-list 7 permit 172.16.0.1 0.0.0.255
access-list 7 permit 172.16.1.1 0.0.0.255
!
router eigrp 1
network 172.16.0.0
network 192.168.1.0
no auto-summary
!
ip route 0.0.0.0 0.0.0.0 192.168.1.1
!
 
Last edited:
If you nat to Ge0/1, you won't need the eigrp.

Also, will need to create ACLs to deny guest to private LAN access and vice versa.

So:

interface GigabitEthernet0/0.10
description Private_Lan_wireless
encapsulation dot1Q 10
ip address 172.16.1.1 255.255.255.0
ip nat inside
ip access-group acl1 in
!
interface GigabitEthernet0/0.15
description Guest_Lan_Wireless
encapsulation dot1Q 15
ip address 172.16.0.1 255.255.255.0
ip nat inside
ip access-group acl2 in


ip access-list extended acl1
deny ip 172.16.1.0 0.0.0.255 172.16.0.0 0.0.0.255
permit ip any any

ip access-list extended acl2
deny ip 172.16.0.0 0.0.0.255 172.16.1.0 0.0.0.255
permit ip any any
 
yeah i wasnt thinking about that. I am gonna pull the EIGRP out and see where that gets me. The router is routing the traffic great. Randomly the switch has quit picking up DHCP addresses on the different vlan interfaces but I will take a crack at it later tonight. I have the switch set up like this currently just if anyone is curious:

interface Vlan10 ip address 172.16.1.2 255.255.255.0 !
interface Vlan15 ip address 172.16.0.2 255.255.255.0 !
ip default-gateway 172.16.0.1
 
You will want to exclude the switch IP as well as any static ip devices (servers etc) from the dhcp pool to avoid conflicts (probably the reason why DHCP random stops working).
Use:
ip dhcp excluded-address 172.16.0.2 172.16.0.2
ip dhcp excluded-address 172.16.1.2 172.16.1.2

Also, it might be a good idea to limit the lease time if you see a lot of devices come and go off the connection. I've seen Android devices cause this issue before, they request and get a new IP but the router holds the old IP lease because it recognizes the mac address.

e.g.

ip dhcp pool Guest_Lan
network 172.16.0.0 255.255.255.0
default-router 172.16.0.1
dns-server 208.67.222.222
dns-server 208.67.220.220
! Lease time in Day Hour Min, configured for 30 min in this example
lease 0 0 30
!
ip dhcp pool Private_Lan
network 172.16.1.0 255.255.255.0
default-router 172.16.1.
dns-server 208.67.222.222
dns-server 208.67.220.220
! Lease time in Day Hour Min, configured for 1 hour in this example
lease 0 1 0
 
You must log in or register to reply here.

Similar threads

majnu
  • Locked
Have I configured my home network correctly + SNTP issues
Replies
4
Views
1K
majnu
majnu
J
Any MikroTik RouterOS Gurus?
Replies
2
Views
2K
jasons6930
J
K
Routing through VPN from LAN - Asus RT-N66U
Replies
5
Views
3K
eibgrad
eibgrad
J
Edgerouter Static IPV6 setup help please!
Replies
5
Views
2K
jasons6930
J
M
Inter-vlan Routing
Replies
7
Views
4K
coxhaus
C
Similar threads
Thread starter Title Forum Replies Date
B advice needed regarding a new wired router Routers 10

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 751 (members: 37, guests: 714)
Top