Have an issue, hope many of you don't feel this is too off topic. Many of =
you have helped me in the past with certification questions, perhaps you =
can assist with this one as well.
I am trying to establish a connection to the City of Greenville's network. =
What should be a simple connection is giving me fits.
I'm currently using 2 Cisco 1601 routers, routing RIPv2. From my network =
to the city's, I pass through a total of 5 routers (2 our mine, 3 belong =
to the city). Currently I can communicate with each router and vice versa =
via Telnet or ping. However, the city of Greenville's network has the =
following IP address 10.128.0.0/12 (or 255.240.0.0). The interface =
attached to the city of Greenville's network is 10.130.0.1/12. Everything =
within this network has 3'd octet of zero. =20
Originally, from his network he could not ping us, however I could ping =
him (him being the net admin using a PC with an address of 10.130.0.24/12).=
I added a default route on one of my Cisco's pointing back to his =
network and that problem went away. Now I'm trying to add an ACL on our =
router blocking all but Telnet traffic coming from a host on his network =
to a host within our network. In testing I can get the ACL's to work for =
every system except one on the 10.128.0.0 subnet. By work I mean on the =
networks in between my network and the city's I can setup ICMP or Telnet =
ACL's permitting traffic and they can get in. This was done for testing =
purposes only. My goal is to lock everyone out but the host w/ an IP =
address of 10.130.0.24/12.
I believe that the problem lies with the zero being used as a third octet =
. However I've seen Cisco documentation using zero's as host addresses. =
I'm a bit confused for I've found plenty of documentation stating that =
zero's in the network/subnet address aren't recommended, however I can =
find nothing stating zero's in the "host" portion aren't recommended.
Any ideas? Has anyone come across a problem like this before?
Simple answer would be to tell the city of Greenville to remove the zero =
in the third octet and replace it with a one or higher. The answer from =
them is that it would be too much trouble. This is their default gateway =
for over 450 machines. So I'm looking for help to see if there's anything =
else I can try.
Thanks for any and all advice,
rtw
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 5.50.4134.600" name=GENERATOR></HEAD>
<BODY style="MARGIN-TOP: 2px; FONT: 8pt MS Sans Serif; MARGIN-LEFT: 2px">
<DIV><FONT size=1>Have an issue, hope many of you don't feel this is too off
topic. Many of you have helped me in the past with certification
questions, perhaps you can assist with this one as well.</FONT></DIV>
<DIV><FONT size=1></FONT> </DIV>
<DIV><FONT size=1>I am trying to establish a connection to the City of
Greenville's network. What should be a simple connection is giving me
fits.</FONT></DIV>
<DIV><FONT size=1></FONT> </DIV>
<DIV><FONT size=1>I'm currently using 2 Cisco 1601 routers, routing RIPv2.
>From my network to the city's, I pass through a total of 5 routers (2 our mine,
3 belong to the city). Currently I can communicate with each router and
vice versa via Telnet or ping. However, the city of
Greenville's network has the following IP address 10.128.0.0/12 (or
255.240.0.0). The interface attached to the city of Greenville's network
is 10.130.0.1/12. Everything within this network has 3'd octet of
zero. </FONT></DIV>
<DIV><FONT size=1></FONT> </DIV>
<DIV><FONT size=1>Originally, from his network he could not ping us,
however I could ping him (him being the net admin using a PC with an
address of 10.130.0.24/12). I added a default route on one of my Cisco's
pointing back to his network and that problem went away. Now I'm trying to
add an ACL on our router blocking all but Telnet traffic coming from a host on
his network to a host within our network. In testing I can get the ACL's
to work for every system except one on the 10.128.0.0 subnet. By work I
mean on the networks in between my network and the city's I can setup ICMP or
Telnet ACL's permitting traffic and they can get in. This was done for
testing purposes only. My goal is to lock everyone out but the host w/ an
IP address of 10.130.0.24/12.</FONT></DIV>
<DIV><FONT size=1></FONT> </DIV>
<DIV><FONT size=1>I believe that the problem lies with the zero being used as
a third octet . However I've seen Cisco documentation using
zero's as host addresses. I'm a bit confused for I've found plenty of
documentation stating that zero's in the network/subnet address aren't
recommended, however I can find nothing stating zero's in the "host" portion
aren't recommended.</FONT></DIV>
<DIV><FONT size=1></FONT> </DIV>
<DIV><FONT size=1>Any ideas? Has anyone come across a problem like this
before?</FONT></DIV>
<DIV><FONT size=1></FONT> </DIV>
<DIV><FONT size=1>Simple answer would be to tell the city of Greenville to
remove the zero in the third octet and replace it with a one or
higher. The answer from them is that it would be too much trouble.
This is their default gateway for over 450 machines. So I'm looking for
help to see if there's anything else I can try.</FONT></DIV>
<DIV><FONT size=1></FONT> </DIV>
<DIV><FONT size=1>Thanks for any and all advice,</FONT></DIV>
<DIV>rtw</DIV>
<DIV><FONT size=1></FONT> </DIV>
<DIV><FONT size=1></FONT> </DIV></BODY></HTML>
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
