How to reach internal network vlans behind Arris Technicolor TG2472Network resource access control (maybe...
How did the USSR manage to innovate in an environment characterized by government censorship and high bureaucracy?
Do airline pilots ever risk not hearing communication directed to them specifically, from traffic controllers?
Accidentally leaked the solution to an assignment, what to do now? (I'm the prof)
Can an x86 CPU running in real mode be considered to be basically an 8086 CPU?
Why is this code 6.5x slower with optimizations enabled?
Are there any consumables that function as addictive (psychedelic) drugs?
How to type dʒ symbol (IPA) on Mac?
How can the DM most effectively choose 1 out of an odd number of players to be targeted by an attack or effect?
Why was the small council so happy for Tyrion to become the Master of Coin?
Banach space and Hilbert space topology
Circuitry of TV splitters
What would happen to a modern skyscraper if it rains micro blackholes?
How old can references or sources in a thesis be?
Should I join office cleaning event for free?
The use of multiple foreign keys on same column in SQL Server
Can I interfere when another PC is about to be attacked?
A function which translates a sentence to title-case
What do you call something that goes against the spirit of the law, but is legal when interpreting the law to the letter?
Prevent a directory in /tmp from being deleted
XeLaTeX and pdfLaTeX ignore hyphenation
New order #4: World
Download, install and reboot computer at night if needed
What are these boxed doors outside store fronts in New York?
What is the command to reset a PC without deleting any files
How to reach internal network vlans behind Arris Technicolor TG2472
Network resource access control (maybe using VLANs?)How do I add subnets and VLANS into my networkMulticast and broadcast networks and routingRouting/NAT with 2 VLAN on SG500XNetgear GS724Tv4 inter-VLAN routingVLAN - Tagging QueryHow to configure Cisco 3750 for Inter-Vlan CommunicationSetup 2 VLANs with 2 subnets?Netgear ProSafe with Cisco Aironet - Guest VLAN no InternetESXi, VLANs, and pfSense
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}
So I have an Arris Technicolor TG2472 cable modem at home provided by my ISP. The modem has a WAN IP A.A.A.A and an internal IP address of 192.168.0.1 that is for the default-gateway. The modem device also has 4 Ethernet ports. Connected to one of the Ethernet ports I have a Cisco 2911 ISR router, so it's modem port E1 to 2911 g0/0, g0/0 IP = 192.168.0.200. The 2911 port g0/1 is connected as a trunk port to a Cisco 3750 switches g4/0/2 port. This switch defines multiple vlans and the 2911 router provides inter-vlan routing via it's sub-interfaces g0/1.10, g0/1.20 and g0/1.99.
From the router, I am able to successfully ping the cable modems gateway address of 192.168.0.1. However I am not able to ping that same gateway address from any device on one of my vlans, and I am also unable to reach the internet from those devices, although, I am able to ping other devices on the same vlan.
The routing table on my 2911 contains routes to all vlans and also the 192.168.0.1 network. as well as a default route sending traffic to the modems gateway. I believe that my problem comes from the cable mode not having a route back to any of the vlans and being unaware of their existence. So I think that when a device on a vlan sends a ping or a web request that goes across the router into the 192.168.0.0/24 network everything goes fine until, on the return trip, the cable modem sees a packet destined for an address (e.g. 172.16.0.43/24) that belongs to a device on one of the vlans and thinks because this address is not on 192.168.0.0/24 it should send the packet out the WAN link.
This cable modem does not allow me to add a static route (I don't believe that's really a modem feature is it?) and so I am wondering if there is some other device that could be used as a replacement (my service is provided through Coaxial cable from COX cable) or some type of workaround to allow my 2911 to act as the router for both networks
vlan cisco-router
asked 2 days ago
Mox_zMox_z
61
add a comment |
So I have an Arris Technicolor TG2472 cable modem at home provided by my ISP. The modem has a WAN IP A.A.A.A and an internal IP address of 192.168.0.1 that is for the default-gateway. The modem device also has 4 Ethernet ports. Connected to one of the Ethernet ports I have a Cisco 2911 ISR router, so it's modem port E1 to 2911 g0/0, g0/0 IP = 192.168.0.200. The 2911 port g0/1 is connected as a trunk port to a Cisco 3750 switches g4/0/2 port. This switch defines multiple vlans and the 2911 router provides inter-vlan routing via it's sub-interfaces g0/1.10, g0/1.20 and g0/1.99.
From the router, I am able to successfully ping the cable modems gateway address of 192.168.0.1. However I am not able to ping that same gateway address from any device on one of my vlans, and I am also unable to reach the internet from those devices, although, I am able to ping other devices on the same vlan.
The routing table on my 2911 contains routes to all vlans and also the 192.168.0.1 network. as well as a default route sending traffic to the modems gateway. I believe that my problem comes from the cable mode not having a route back to any of the vlans and being unaware of their existence. So I think that when a device on a vlan sends a ping or a web request that goes across the router into the 192.168.0.0/24 network everything goes fine until, on the return trip, the cable modem sees a packet destined for an address (e.g. 172.16.0.43/24) that belongs to a device on one of the vlans and thinks because this address is not on 192.168.0.0/24 it should send the packet out the WAN link.
This cable modem does not allow me to add a static route (I don't believe that's really a modem feature is it?) and so I am wondering if there is some other device that could be used as a replacement (my service is provided through Coaxial cable from COX cable) or some type of workaround to allow my 2911 to act as the router for both networks
vlan cisco-router
asked 2 days ago
Mox_zMox_z
61
add a comment |
So I have an Arris Technicolor TG2472 cable modem at home provided by my ISP. The modem has a WAN IP A.A.A.A and an internal IP address of 192.168.0.1 that is for the default-gateway. The modem device also has 4 Ethernet ports. Connected to one of the Ethernet ports I have a Cisco 2911 ISR router, so it's modem port E1 to 2911 g0/0, g0/0 IP = 192.168.0.200. The 2911 port g0/1 is connected as a trunk port to a Cisco 3750 switches g4/0/2 port. This switch defines multiple vlans and the 2911 router provides inter-vlan routing via it's sub-interfaces g0/1.10, g0/1.20 and g0/1.99.
From the router, I am able to successfully ping the cable modems gateway address of 192.168.0.1. However I am not able to ping that same gateway address from any device on one of my vlans, and I am also unable to reach the internet from those devices, although, I am able to ping other devices on the same vlan.
The routing table on my 2911 contains routes to all vlans and also the 192.168.0.1 network. as well as a default route sending traffic to the modems gateway. I believe that my problem comes from the cable mode not having a route back to any of the vlans and being unaware of their existence. So I think that when a device on a vlan sends a ping or a web request that goes across the router into the 192.168.0.0/24 network everything goes fine until, on the return trip, the cable modem sees a packet destined for an address (e.g. 172.16.0.43/24) that belongs to a device on one of the vlans and thinks because this address is not on 192.168.0.0/24 it should send the packet out the WAN link.
This cable modem does not allow me to add a static route (I don't believe that's really a modem feature is it?) and so I am wondering if there is some other device that could be used as a replacement (my service is provided through Coaxial cable from COX cable) or some type of workaround to allow my 2911 to act as the router for both networks
vlan cisco-router
asked 2 days ago
Mox_zMox_z
61
So I have an Arris Technicolor TG2472 cable modem at home provided by my ISP. The modem has a WAN IP A.A.A.A and an internal IP address of 192.168.0.1 that is for the default-gateway. The modem device also has 4 Ethernet ports. Connected to one of the Ethernet ports I have a Cisco 2911 ISR router, so it's modem port E1 to 2911 g0/0, g0/0 IP = 192.168.0.200. The 2911 port g0/1 is connected as a trunk port to a Cisco 3750 switches g4/0/2 port. This switch defines multiple vlans and the 2911 router provides inter-vlan routing via it's sub-interfaces g0/1.10, g0/1.20 and g0/1.99.
From the router, I am able to successfully ping the cable modems gateway address of 192.168.0.1. However I am not able to ping that same gateway address from any device on one of my vlans, and I am also unable to reach the internet from those devices, although, I am able to ping other devices on the same vlan.
The routing table on my 2911 contains routes to all vlans and also the 192.168.0.1 network. as well as a default route sending traffic to the modems gateway. I believe that my problem comes from the cable mode not having a route back to any of the vlans and being unaware of their existence. So I think that when a device on a vlan sends a ping or a web request that goes across the router into the 192.168.0.0/24 network everything goes fine until, on the return trip, the cable modem sees a packet destined for an address (e.g. 172.16.0.43/24) that belongs to a device on one of the vlans and thinks because this address is not on 192.168.0.0/24 it should send the packet out the WAN link.
This cable modem does not allow me to add a static route (I don't believe that's really a modem feature is it?) and so I am wondering if there is some other device that could be used as a replacement (my service is provided through Coaxial cable from COX cable) or some type of workaround to allow my 2911 to act as the router for both networks
vlan cisco-router
vlan cisco-router
asked 2 days ago
Mox_zMox_z
61
asked 2 days ago
Mox_zMox_z
61
asked 2 days ago
Mox_zMox_z
61
asked 2 days ago
Mox_zMox_z
61
asked 2 days ago
Mox_zMox_z
61
61
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
This cable modem does not allow me to add a static route (I don't believe that's really a modem feature is it?)
Well your "modem" isn't really just a modem either, is it? It has a WAN address and a LAN address ("for the default-gateway"), and you said that your Cisco 2911 even uses it as a gateway – it is therefore a router. (This doesn't stop it from also being a modem, of course.)
That said, if it were only a modem: yes, it's not a modem feature, but it is a host feature, to some extent. (For example, major PC operating systems use a full-featured routing table even when acting as end hosts.) When you connect to the modem for management, it is acting as a host – so it could use a routing table.
I am wondering if there is some other device that could be used as a replacement (my service is provided through Coaxial cable from COX cable)
Cable modems use the standard DOCSIS protocol for the coaxial cable link. COX currently allows using your own modem instead of the ISP-provided one:
- https://www.cox.com/residential/support/cox-certified-cable-modems.html
- https://www.cox.com/residential/support/self-activating-your-new-cox-equipment.html
I am wondering if there is [...] some type of workaround to allow my 2911 to act as the router for both networks
There are several options:
Configure the 2911 to apply SNAT (masquerading) for all traffic to 192.168.0.1. Since the modem will see the client pings as coming from 192.168.0.200 (local to it), it will reply through the correct interface.
If the modem was only acting as a modem and not a router, you could have the inverse relationship, i.e. have the modem use your 2911 as its default gateway.
If the two networks were numbered close to each other (e.g. 192.168.0.0/24 and 192.168.1.0/24), you could configure the modem with a larger subnet mask and use proxy-ARP to make it think the client addresses are local.
answered 2 days ago
grawitygrawity
243k37513570
Configuring NAT overload worked to allow the devices on the vlans to get out and ping the modems gateway address: 192.168.0.1, however I am still not able to reach the internet. Any idea why this could be?
– Mox_z
yesterday
Then you probably need to make SNAT apply more broadly, i.e. to all traffic, not just to the gateway's management address... or, again, look into switching the modem to "modem/bridge" mode so that you only keep one router and one NAT layer, not two.
– grawity
yesterday
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1422007%2fhow-to-reach-internal-network-vlans-behind-arris-technicolor-tg2472%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
This cable modem does not allow me to add a static route (I don't believe that's really a modem feature is it?)
Well your "modem" isn't really just a modem either, is it? It has a WAN address and a LAN address ("for the default-gateway"), and you said that your Cisco 2911 even uses it as a gateway – it is therefore a router. (This doesn't stop it from also being a modem, of course.)
That said, if it were only a modem: yes, it's not a modem feature, but it is a host feature, to some extent. (For example, major PC operating systems use a full-featured routing table even when acting as end hosts.) When you connect to the modem for management, it is acting as a host – so it could use a routing table.
I am wondering if there is some other device that could be used as a replacement (my service is provided through Coaxial cable from COX cable)
Cable modems use the standard DOCSIS protocol for the coaxial cable link. COX currently allows using your own modem instead of the ISP-provided one:
- https://www.cox.com/residential/support/cox-certified-cable-modems.html
- https://www.cox.com/residential/support/self-activating-your-new-cox-equipment.html
I am wondering if there is [...] some type of workaround to allow my 2911 to act as the router for both networks
There are several options:
Configure the 2911 to apply SNAT (masquerading) for all traffic to 192.168.0.1. Since the modem will see the client pings as coming from 192.168.0.200 (local to it), it will reply through the correct interface.
If the modem was only acting as a modem and not a router, you could have the inverse relationship, i.e. have the modem use your 2911 as its default gateway.
If the two networks were numbered close to each other (e.g. 192.168.0.0/24 and 192.168.1.0/24), you could configure the modem with a larger subnet mask and use proxy-ARP to make it think the client addresses are local.
answered 2 days ago
grawitygrawity
243k37513570
Configuring NAT overload worked to allow the devices on the vlans to get out and ping the modems gateway address: 192.168.0.1, however I am still not able to reach the internet. Any idea why this could be?
– Mox_z
yesterday
Then you probably need to make SNAT apply more broadly, i.e. to all traffic, not just to the gateway's management address... or, again, look into switching the modem to "modem/bridge" mode so that you only keep one router and one NAT layer, not two.
– grawity
yesterday
add a comment |
This cable modem does not allow me to add a static route (I don't believe that's really a modem feature is it?)
Well your "modem" isn't really just a modem either, is it? It has a WAN address and a LAN address ("for the default-gateway"), and you said that your Cisco 2911 even uses it as a gateway – it is therefore a router. (This doesn't stop it from also being a modem, of course.)
That said, if it were only a modem: yes, it's not a modem feature, but it is a host feature, to some extent. (For example, major PC operating systems use a full-featured routing table even when acting as end hosts.) When you connect to the modem for management, it is acting as a host – so it could use a routing table.
I am wondering if there is some other device that could be used as a replacement (my service is provided through Coaxial cable from COX cable)
Cable modems use the standard DOCSIS protocol for the coaxial cable link. COX currently allows using your own modem instead of the ISP-provided one:
- https://www.cox.com/residential/support/cox-certified-cable-modems.html
- https://www.cox.com/residential/support/self-activating-your-new-cox-equipment.html
I am wondering if there is [...] some type of workaround to allow my 2911 to act as the router for both networks
There are several options:
Configure the 2911 to apply SNAT (masquerading) for all traffic to 192.168.0.1. Since the modem will see the client pings as coming from 192.168.0.200 (local to it), it will reply through the correct interface.
If the modem was only acting as a modem and not a router, you could have the inverse relationship, i.e. have the modem use your 2911 as its default gateway.
If the two networks were numbered close to each other (e.g. 192.168.0.0/24 and 192.168.1.0/24), you could configure the modem with a larger subnet mask and use proxy-ARP to make it think the client addresses are local.
answered 2 days ago
grawitygrawity
243k37513570
Configuring NAT overload worked to allow the devices on the vlans to get out and ping the modems gateway address: 192.168.0.1, however I am still not able to reach the internet. Any idea why this could be?
– Mox_z
yesterday
Then you probably need to make SNAT apply more broadly, i.e. to all traffic, not just to the gateway's management address... or, again, look into switching the modem to "modem/bridge" mode so that you only keep one router and one NAT layer, not two.
– grawity
yesterday
add a comment |
This cable modem does not allow me to add a static route (I don't believe that's really a modem feature is it?)
Well your "modem" isn't really just a modem either, is it? It has a WAN address and a LAN address ("for the default-gateway"), and you said that your Cisco 2911 even uses it as a gateway – it is therefore a router. (This doesn't stop it from also being a modem, of course.)
That said, if it were only a modem: yes, it's not a modem feature, but it is a host feature, to some extent. (For example, major PC operating systems use a full-featured routing table even when acting as end hosts.) When you connect to the modem for management, it is acting as a host – so it could use a routing table.
I am wondering if there is some other device that could be used as a replacement (my service is provided through Coaxial cable from COX cable)
Cable modems use the standard DOCSIS protocol for the coaxial cable link. COX currently allows using your own modem instead of the ISP-provided one:
- https://www.cox.com/residential/support/cox-certified-cable-modems.html
- https://www.cox.com/residential/support/self-activating-your-new-cox-equipment.html
I am wondering if there is [...] some type of workaround to allow my 2911 to act as the router for both networks
There are several options:
Configure the 2911 to apply SNAT (masquerading) for all traffic to 192.168.0.1. Since the modem will see the client pings as coming from 192.168.0.200 (local to it), it will reply through the correct interface.
If the modem was only acting as a modem and not a router, you could have the inverse relationship, i.e. have the modem use your 2911 as its default gateway.
If the two networks were numbered close to each other (e.g. 192.168.0.0/24 and 192.168.1.0/24), you could configure the modem with a larger subnet mask and use proxy-ARP to make it think the client addresses are local.
answered 2 days ago
grawitygrawity
243k37513570
This cable modem does not allow me to add a static route (I don't believe that's really a modem feature is it?)
Well your "modem" isn't really just a modem either, is it? It has a WAN address and a LAN address ("for the default-gateway"), and you said that your Cisco 2911 even uses it as a gateway – it is therefore a router. (This doesn't stop it from also being a modem, of course.)
That said, if it were only a modem: yes, it's not a modem feature, but it is a host feature, to some extent. (For example, major PC operating systems use a full-featured routing table even when acting as end hosts.) When you connect to the modem for management, it is acting as a host – so it could use a routing table.
I am wondering if there is some other device that could be used as a replacement (my service is provided through Coaxial cable from COX cable)
Cable modems use the standard DOCSIS protocol for the coaxial cable link. COX currently allows using your own modem instead of the ISP-provided one:
- https://www.cox.com/residential/support/cox-certified-cable-modems.html
- https://www.cox.com/residential/support/self-activating-your-new-cox-equipment.html
I am wondering if there is [...] some type of workaround to allow my 2911 to act as the router for both networks
There are several options:
Configure the 2911 to apply SNAT (masquerading) for all traffic to 192.168.0.1. Since the modem will see the client pings as coming from 192.168.0.200 (local to it), it will reply through the correct interface.
If the modem was only acting as a modem and not a router, you could have the inverse relationship, i.e. have the modem use your 2911 as its default gateway.
If the two networks were numbered close to each other (e.g. 192.168.0.0/24 and 192.168.1.0/24), you could configure the modem with a larger subnet mask and use proxy-ARP to make it think the client addresses are local.
answered 2 days ago
grawitygrawity
243k37513570
answered 2 days ago
grawitygrawity
243k37513570
answered 2 days ago
grawitygrawity
243k37513570
answered 2 days ago
grawitygrawity
243k37513570
243k37513570
Configuring NAT overload worked to allow the devices on the vlans to get out and ping the modems gateway address: 192.168.0.1, however I am still not able to reach the internet. Any idea why this could be?
– Mox_z
yesterday
Then you probably need to make SNAT apply more broadly, i.e. to all traffic, not just to the gateway's management address... or, again, look into switching the modem to "modem/bridge" mode so that you only keep one router and one NAT layer, not two.
– grawity
yesterday
add a comment |
Configuring NAT overload worked to allow the devices on the vlans to get out and ping the modems gateway address: 192.168.0.1, however I am still not able to reach the internet. Any idea why this could be?
– Mox_z
yesterday
Then you probably need to make SNAT apply more broadly, i.e. to all traffic, not just to the gateway's management address... or, again, look into switching the modem to "modem/bridge" mode so that you only keep one router and one NAT layer, not two.
– grawity
yesterday
Configuring NAT overload worked to allow the devices on the vlans to get out and ping the modems gateway address: 192.168.0.1, however I am still not able to reach the internet. Any idea why this could be?
– Mox_z
yesterday
Configuring NAT overload worked to allow the devices on the vlans to get out and ping the modems gateway address: 192.168.0.1, however I am still not able to reach the internet. Any idea why this could be?
– Mox_z
yesterday
Then you probably need to make SNAT apply more broadly, i.e. to all traffic, not just to the gateway's management address... or, again, look into switching the modem to "modem/bridge" mode so that you only keep one router and one NAT layer, not two.
– grawity
yesterday
Then you probably need to make SNAT apply more broadly, i.e. to all traffic, not just to the gateway's management address... or, again, look into switching the modem to "modem/bridge" mode so that you only keep one router and one NAT layer, not two.
– grawity
yesterday
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1422007%2fhow-to-reach-internal-network-vlans-behind-arris-technicolor-tg2472%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
