Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[mswensen]

He everyone, I have a two part question about what is apparently a non standard config because I cant seem to find a way to do it.
The Setup
DSR-250 on each end.  static ips

QUESTION 1
site a
192.168.10.0/24 vlan2
192.168.12.0/24 vlan3
site b
192.168.11.0/24 vlan1

I am trying to figure out how to add more than one remote ip range to an IPsec vpn Policy  I have a tunnel established between site b's .11 lan and site a's .10 lan but I also need site b's .11 lan to talk to site a's .12 lan.  While configuring the IPsec policy it only allows you to enter a single subnet

Question 2 
I have a number of static ip addresses 1.1.1.1 is assigned to my wan interface of my router. how can I assign 1.1.1.2 to an host on the inside of my network.  this is usually called a one-to one nat but I don't see any reference to that in the docs or config pages.

Thanks

[mswensen]

Any Help anyone?  I'm about ready to box these two routers up  and return them. 

[FurryNutz]

Link>Welcome!

• What Hardware version is your router? Look at sticker under the router case.
• Link>What Firmware version is currently loaded? Found on the routers web page under status.
• What region are you located?

Internet Service Provider and Modem Configurations

• What ISP Service do you have? Cable or DSL?
• What ISP Modem Mfr. and model # do you have?

[PacketTracer]

Hi,

Question 1:

I don't know about the capabilites of your DSR-250 with respect to IPsec traffic selectors that encompass several disjunct networks. But if it doesn't allow for that, you could trick it by renumbering network 192.168.10.0/24 vlan2 to 192.168.13.0/24 vlan2 and then aggregate both networks

192.168.12.0/24 vlan3
192.168.13.0/24 vlan2

to the single IP range 192.168.12.0/23.

Question 2:

Can you describe in more detail what the scenario behind this shall be? Using IP address 1.1.1.2/(unknown mask) for an inside host within inside networks out of the range 192.168.0.0/16 does not make sense to me, even more if it stems from an IP range 1.1.1.0/30 (or shorter prefix length), that is already in use for the router's wan interface.

PT

[FurryNutz]

Any status on this? 

He everyone, I have a two part question about what is apparently a non standard config because I cant seem to find a way to do it.
The Setup
DSR-250 on each end.  static ips

QUESTION 1
site a
192.168.10.0/24 vlan2
192.168.12.0/24 vlan3
site b
192.168.11.0/24 vlan1

I am trying to figure out how to add more than one remote ip range to an IPsec vpn Policy  I have a tunnel established between site b's .11 lan and site a's .10 lan but I also need site b's .11 lan to talk to site a's .12 lan.  While configuring the IPsec policy it only allows you to enter a single subnet

Question 2 
I have a number of static ip addresses 1.1.1.1 is assigned to my wan interface of my router. how can I assign 1.1.1.2 to an host on the inside of my network.  this is usually called a one-to one nat but I don't see any reference to that in the docs or config pages.

Thanks