Routing is going awry somewhere...

[jbickel]

Following is a simple drawing of the network I have "inherited". Essentially, there is a remote site (192.168.7.0/24) that is connected to the host site (192.168.1.0/24) via MLPPP and routed using EIGRP. Both sites can communicate with each other with no problems.

On the host site, there is a proxy server that sends all the internet traffic to a router on that network that also has a public interface directly connecting to the internet. Machines on the 192.168.1.0/24 network can get out to the internet with or without the proxy server as DHCP gives them 192.168.1.250 as the default gateway.

Machines that are at the remote site cannot connect to the internet without the proxy as DHCP gives them a default gateway of 192.168.7.250. Entering the proxy's address into internet explorer/firefox allows them to browse the internet with no problems. However, machines on the remote site cannot ping web addresses. An attempt to ping such an address (i.e. www.yahoo.com) comes back with...

Pinging any-fp.wa1.b.yahoo.com [209.191.122.70]

Reply from 192.168.7.250: Destination host unreachable. (four times)

So at least I know DNS is resolving the name. Pinging the actual IP address also comes back with Destination host unreachable.

The packets are getting "lost" somewhere. Need to find out where that is...

 

[tkrl26]

Run a "tracert" from command line.

It will show you all the hops and where the point of failure is.

 

[jbickel]

I did that earlier, but was getting the same error. However, after doing it again, the error is a little different. From the remote machine...

tracert www.yahoo.com

1 1ms 1ms 1ms 192.168.7.250
2 192.168.7.250 reports: Destination host unreachable.

Interestingly enough, when I do a traceroute from the remote router...

traceroute www.yahoo.com

Translating "www.yahoo.com"...domain server (192.168.1.12)

% Unrecognized host or address.

Which suggests a DNS issue...

BUT...

If I ping yahoo's IP address from the remote machine, I still get the "unreachable" error.
Pinging yahoo's IP from the remote router times out as well.


SO... I decided to try some stuff from the host router...

It resolves yahoo's IP (from 192.168.1.2), but still can't ping 209.191.122.70...

So that makes it a default-gateway sort of thing as it doesn't know how to get to the internet, right? Since I'm using IP routing for all the remote sites (EIGRP), I can't use "ip default-gateway" on the host router. But the internet router and the host router are both on the 192.168.1.0 network, so I don't think "ip default-network" will work either...

Ugh.... Any ideas?

EDIT: I configured gateways of last resort on the host and remote routers as 0.0.0.0 0.0.0.0 192.168.1.250.

Now when I ping from the remote machine, IP or FQDN for yahoo, instead of unreachable, it times out. Still a failure, but maybe a move in the right direction?