1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

RV042 to Pix Routing problem

Discussion in 'Networking Issues' started by mlopilato, Mar 27, 2010.

  1. mlopilato

    mlopilato Networkin' Nut Member

    HTML:
    I've been assigned 11.11.11.80 through 11.11.11.87, with a gateway of 11.11.11.1
     
                                    Internet
                              ISP GW 11.11.11.1
                                        |
                                        |
                            WAN port 11.11.11.80
                            subnet 255.255.255.0
                            GW 11.11.11.1
                                       RV042
                                    Lan Port 1 
                                     10.1.1.1 
                            subnet 255.255.255.0 
                  _______________________|______________________
                 |                                              |
          Wan 10.1.1.7                                         Wan 10.1.1.2
        GW 10.1.1.1                                              GW 10.1.1.1
         Pix Dev Lan1                                           Pix Live Lan 2
          Lan 10.0.0.1                                         Lan 192.168.1.1
        subnet 255.255.255.0                             subnet 255.255.255.0
                  |                                    ____________|____________
              PC 1                                     |                        |
           10.1.1.5                             Web Server                 DNS Server
       sn 255.255.255.0                     11.11.11.81                  11.11.11.82
          gw 10.0.0.1                      sn 255.255.255.0          sn 255.255.255.0
                                              gw 192.168.1.1               gw 192.168.1.1 
    This works great                     This server can be       Can access the internet but
    Internet access and           accessed from everywhere     CANNOT BE ACCESSED From the Internet
     
    Access to 11.11.11.81-87                                                                      
     
     
     
    I added an Advanced Route in the RV042 as follows:
     
    Destination IP              Subnet                 Gateway         Hops 
    11.11.11.81               255.255.255.0         10.1.1.2           1 
    11.11.11.82               255.255.255.0         10.1.1.2           1 
     
    I tried an adv route of: 
    11.11.11.0                 255.255.255.0         10.1.1.2         1       Can access .81, but not .82 from the internet
     
    I tried an adv route of: 
    11.11.11.81               255.255.255.255         10.1.1.2        1 
    11.11.11.82               255.255.255.255         10.1.1.2       1    Can Access .81, but not .82 from the internet
     
     
    My problem right now is that I cannot access the .82 server from the internet.
     
    I can access .81 from the internet.
    I also added a One-to-One Nat:
    Priv Range Begin           Public Range Begin         Range Length
    10.1.1.2                        11.11.11..81                7
     
    This seems to have allowed the ability to access .81 address from the web, but not .82
    Also removing the Static Routes in the previous post has no effect.
     
    I can ping both .81 and .82 from the RV042's Diagnostic/Ping function.
     
    
     

    Attached Files:

  2. number9

    number9 Guest

    Because you are able to successfully traverse from PC1 thru PIX#1 to RV042 then to PIX#2 and then the DNS server--sounds to me like you have everything correct from routing perspective.

    There are a couple of things I would try: If you flip-flop IP addresses between your Web Server and your DNS server does the problem follow the IP or the device? If the problem follows the device (meaning you can now access web server with .82 but no access to DNS server with .81 from the internet) then I would look at settings on the DNS server itself (firewall rules/access-list/filter-lists). If the problem follows the IP address, I would make sure your ISP is allowing you to have the .82 address. To test this, I would bypass all the equipment, hook up a PC set IP to x.x.x.82 / 255.255.255.0 / gw x.x.x.1 and see if you can get to the Internet. If you can't might be the ISP advertising you with a x.x.x.80/31 and not x.x.x.80/29.
     
  3. mlopilato

    mlopilato Networkin' Nut Member

    When I flip-flop the addresses it DOES follow the IP(still can ping .81 and NOT ping .82).
    I do have access to all addresses from the internet when I hook up a different Pix.
     

Share This Page