Jump to content

Multiple office Sites

Guest
By Guest
in Networking
 Share
Go to solution Solved by Levisallanon,
11 hours ago, Fallen Soul said:

i am thinking of the second options. I am just trying to work out how to configure the routers at the moment to connect to the WAN (internet).

For the example i am just using the 192.168.0.X ip and not sure how to configure the WAN rounter or what IP addresses and how to configure the router to reach the wan router. This stuff i still have not got a 100% understand for and is what is causing my road block. 

 

You want to simulate the WAN as a network with a subnet mask of 0.0.0.0 so every IP could be used there.
Personally I would also use a Serial link if packet tracer supports that, but you probably don't have to worry about that because the modem provided by the ISP will take care of that.
So for your edge routers you want to set up NAT (https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/15-mt/nat-15-mt-book/iadnat-addr-consv.html) to translate the internal IP addresses to 1 public IP address. then in your WAN you want to have them all connected and give them semi random IP addresses just for fun.
Something like
173.25.10.4
189.45.78.2
etc
because they are all in the 0.0.0.0 subnet they can talk to each other, but you need the NAT to go back to the internal addresses.
For fun you could add a virtual pc or router in this domain with the ip address of 8.8.8.8 (this is the google public dns IP) if you know how you could even configure it as a dns server for fun. But mostly it would be usefull to test if you can reach this IP address from all sites.

You won't be able to ping from one office to the other one now because the NAT won't know what to do, so you will now need to set up a VPN or tunnle between the offices and set up routing protocols to learn the different subnets you are using in the offices. You might also need to set up VTP to learn the different vlans but I asume you will configure these manually.

Say for example in the HQ you have 192.168.0.0/24 (you probably want to use a larger subnet later but this is just for the example to make it easier to read)
and in the office 1 you have 192.168.1.0/24
You have to set up the NAT and give them public IP address, say for example
HQ = 123.45.6.7/0
Office 1 = 122.33.4.5/0
If you go onto the edge router of the HQ you will be able to ping to 122.33.4.5 but you won't be able to ping to 192.168.1.1
Same goes for Office 1 you will be able to ping to 123.45.6.7 but not to 192.168.0.1
If you have set up the NAT correctly that is.
After you set up a tunnel of VPN and made sure your routes are set up correctly you should be able to ping 192.168.1.1 from 192.168.0.1

Posted
40 minutes ago, Fallen Soul said:

Hi All, 

I have stated looking at condifuring routers from each office in packet tracer. However, I am unsure how replicate the internet between the 4 branches. 

image.png.fc3eff76ba7857d136ce54edd0aaea91.png

 

If you’re using Meraki gateways, you can set the VPN tunnels either to split traffic between internet bound directly out and local traffic over the VPN OR send all traffic via the VPN routes. 

 

The reason you’d want to do the second is because if you had a web proxy or central WAN management portal; eg Fortinet SecureWAN or the SEP proxy 

Link to post
Share on other sites
Posted

i am thinking of the second options. I am just trying to work out how to configure the routers at the moment to connect to the WAN (internet).

For the example i am just using the 192.168.0.X ip and not sure how to configure the WAN rounter or what IP addresses and how to configure the router to reach the wan router. This stuff i still have not got a 100% understand for and is what is causing my road block. 

 

Link to post
Share on other sites
Posted
  • Solution
11 hours ago, Fallen Soul said:

i am thinking of the second options. I am just trying to work out how to configure the routers at the moment to connect to the WAN (internet).

For the example i am just using the 192.168.0.X ip and not sure how to configure the WAN rounter or what IP addresses and how to configure the router to reach the wan router. This stuff i still have not got a 100% understand for and is what is causing my road block. 

 

You want to simulate the WAN as a network with a subnet mask of 0.0.0.0 so every IP could be used there.
Personally I would also use a Serial link if packet tracer supports that, but you probably don't have to worry about that because the modem provided by the ISP will take care of that.
So for your edge routers you want to set up NAT (https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/15-mt/nat-15-mt-book/iadnat-addr-consv.html) to translate the internal IP addresses to 1 public IP address. then in your WAN you want to have them all connected and give them semi random IP addresses just for fun.
Something like
173.25.10.4
189.45.78.2
etc
because they are all in the 0.0.0.0 subnet they can talk to each other, but you need the NAT to go back to the internal addresses.
For fun you could add a virtual pc or router in this domain with the ip address of 8.8.8.8 (this is the google public dns IP) if you know how you could even configure it as a dns server for fun. But mostly it would be usefull to test if you can reach this IP address from all sites.

You won't be able to ping from one office to the other one now because the NAT won't know what to do, so you will now need to set up a VPN or tunnle between the offices and set up routing protocols to learn the different subnets you are using in the offices. You might also need to set up VTP to learn the different vlans but I asume you will configure these manually.

Say for example in the HQ you have 192.168.0.0/24 (you probably want to use a larger subnet later but this is just for the example to make it easier to read)
and in the office 1 you have 192.168.1.0/24
You have to set up the NAT and give them public IP address, say for example
HQ = 123.45.6.7/0
Office 1 = 122.33.4.5/0
If you go onto the edge router of the HQ you will be able to ping to 122.33.4.5 but you won't be able to ping to 192.168.1.1
Same goes for Office 1 you will be able to ping to 123.45.6.7 but not to 192.168.0.1
If you have set up the NAT correctly that is.
After you set up a tunnel of VPN and made sure your routes are set up correctly you should be able to ping 192.168.1.1 from 192.168.0.1

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Networking

×