Current Update - End to End Solution

For a week to date, i've been trying to figure out how to make connectivity from the HQ's internal network to the Remote site's internal network. With Mark's help, we were able to troubleshoot and find a few loop holes that prevents end to end connectivity. A pool of addresses were created for both internal networks (172.16.1.0/24 - HQ and 172.16.2.0/24 - REMOTE) and given the Public pool distribution by the TELCO Provider (209.165.200.224 for remote and 209.165.100.224 for HQ) respectively. Dynamic NAT translation was configured for the 2 pools and with a given internal ip address from each end, a static NAT was also configured to provide end to end translation and provide entry to each respective internal network via the ISP or TELCO Provider.

With abit of complications met, a few troubleshooting methods were introduced - shoot from the hip and follow the path method were used in this case given the following show commands:

- show ip route, show nat translations, show nat statistics and traceroute.

The traceroute command show potential problem within the internal network that prevents end to end connectivity. Disabling the PC firewall enable the ICMP packets to be received.

Given below are the connectivity test results in TCL script form.

HQ to REMOTE

foreach address {

209.165.100.2

209.165.100.1

10.10.10.1

10.10.10.2

10.10.20.1

10.10.20.2

209.165.200.1

209.165.200.2

209.165.200.225

} {

ping $address 

}

RESULTS

CE-HQ#tclsh

CE-HQ(tcl)#foreach address {

+>172.16.1.1

+>209.165.100.2

+>209.165.100.1

+>10.10.10.1

+>10.10.10.2

+>10.10.20.1

+>10.10.20.2

+>209.165.200.1

+>209.165.200.2

+>209.165.200.225

+>} {

+>ping $address

+>}

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 209.165.100.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 28/30/36 ms

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 209.165.100.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.10.20.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 40/42/44 ms

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.10.20.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 209.165.200.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 40/44/48 ms

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 209.165.200.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 56/57/60 ms

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 209.165.200.225, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 56/56/60 ms

CE-HQ(tcl)#

The next phase is to implement MPLS into this network and see if it is capable of handling MPLS traffic.