As above, our company has two lines, VALN34 192.168.34.0/24 company Intranet, office use, through cisco3560G and division of room wired, can travel through the VPN tunnel and headquarters of wired network, the equivalent of Intranet, another line is its own lines of telecom, is used to visitors on the Internet use, and office network apart,
If now want to branch to the headquarters of the VPN lines appear problem, can I in cisco3560G switches connected to the visitor on network, and then through the Internet to visit the headquarters of a specific foreign IP have some hosting services?
I have tried 20 visitors to interface to connect the router configuration switches: no switchport, IP address 192.168.2.2 255.255.255.0,
To configure static routes: IP route 202.98.52.21 255.255.255.255 giga0/20, but appears to be invalid, could you tell me how can I configuration can achieve the effect? Thank you very much!
CodePudding user response:
From you describe only visitors network can access public rightVisitors how many is cisco router NAT IP range is the backend device IP is beyond the scope of the
Suggest you tracert 202.98.52.21 once see breakpoint
CodePudding user response:
Hello, NAT IP refers to the public IP? I access csico interface is visitors router LAN interface, using the visitor router LAN192.168.2.0/24 segment, tracert to 192.168.34.254 gateway is broken.CodePudding user response:
Routing outbound visitors will be mapped to public IP, the default routing NAT IP range is small LAN IP segment of mouth, and pick up equipment under your cisco IP does not match theVisitors routing added to your cisco network IP routing, the gateway is 20 mouth 192.168.2.2
Again impassability changed cisco routing and IP route 202.98.52.21 255.255.255.255 giga0/20, the g20 to visitors routing LAN IP blind guess 192.168.2.1?
CodePudding user response:
So I need to the visitor that add a static route IP router route 192.168.34.0 255.255.255.0 192.168.2.2 is that so?Then visitors routing LAN mouth is indeed 192.168.2.1 I try again, thank you!
CodePudding user response:
Still won't do, don't know which link out of the question...CodePudding user response:
Interesting.Is your company, or office network of the computer, not on the Intel network? In on baidu, then visit the headquarters of IP networks outside wouldn't exist problems,
Unless, that is, based in foreign countries, for some foreign IP network segment, the domestic is blocked, export routing on operators, will not give you forwarding packets,
If there is no foreign blockade IP this kind of circumstance, can on baidu, you can visit the public IP, need not change what configuration of routers and switches,
And, of course, in general, connected to the public server, there will be a firewall blocking, prevent the network attack, so the ping command is generally can't use, you Telnet open TCP port give it a try,
If you want to connect the headquarters of the network, the proposal or in the headquarters to get a VPN server or router, use VPN even better,
CodePudding user response:
Thank you for your reply, on the part of office network is to the Intel network, some can not, how to say, IT belong to different departments, IT and our company division division also manages the group other company network, so we can't tube the branch network set up, they will not open set separately for our company,We would think about his side of the ready-made environment to set with our request, that's all,