Internet access from remote site 1

[visionthing]

I have a corporate and remote site and each has their own router. The corporate router has a T1 to the internet and a frame relay to the remote site. The corporate can access the I-net and the remote can access the corporate site and visa-versa. The remote site cannot access the internet via the corporate router. Here are the routes:

This is allowing access to the I-net and is allowing corp out to the I-net
ip route 0.0.0.0 0.0.0.0 68.x.x.157

This is allowing access from the frame to the corporate firewall and is working
ip route 192.168.6.0 255.255.255.0 192.168.1.1

Is there something that I'm missing as to why the remote site cannot get to the internet?

 

[JOAMON]

However you do it you need to get both lan segments behind the watchguard and then route and nat through it to a T1 internet router. Also consider instead of load balancing two T1 lines check with your ISP and see if they can be bonded together as a miltilink circuit. This way istead of balancing over two T1 lines with a max speed of 1.544 and each with its own seperate ip address you would actually have one virtual circuit with max speed of 3.088 and only on ip address. If one T1 line drops you would not loose connection just half of your speed. I have a 2611 running this and it works great.
I think I would put the 2600 as the internet router because it will not really be doing any nat or firewall functions and is only 10 meg full duplex at best. It will be just for passing traffic. That way you can have fast ethernet on the 3600 for the lan side.

 

[visionthing]

That's a job for Tuesday.

Thanks for your help. I'll let you know.

 

[JOAMON]

I did this up on configmaker....it is rough but may be useful

Internet Router:

! Hostname: Internet2610
! Model: 2611
! ******************************************************************
!
service timestamps debug uptime
service timestamps log uptime
service password-encryption
no service tcp-small-servers
no service udp-small-servers
!
hostname Internet2610
!
enable password test
!
no ip name-server
!
ip subnet-zero
no ip domain-lookup
ip routing
!
interface Ethernet 0/0
no shutdown
description connected to Sonic
ip address 64.1.120.18 255.255.255.248
keepalive 10
!
interface Ethernet 0/1
no description
no ip address
shutdown
!
interface Serial 0/0
no shutdown
description connected to Internet
service-module t1 clock source line
service-module t1 data-coding normal
service-module t1 remote-loopback full
service-module t1 framing esf
service-module t1 linecode b8zs
service-module t1 lbo none
service-module t1 remote-alarm-enable
ip address 64.158.2.22 255.255.255.252
encapsulation ppp
!
router rip
version 2
network 64.0.0.0
passive-interface Serial 0/0
no auto-summary
!
!
ip classless
!
! IP Static Routes
ip route 0.0.0.0 0.0.0.0 Serial 0/0
no ip http server
snmp-server community public RO
no snmp-server location
no snmp-server contact
!
line console 0
exec-timeout 0 0
password test
login
!
line vty 0 4
password test
login
!
end

Connects to Sonic:
Sonic does NAT and Firewalling for both sites:
Sonic Connects to 3640:

! Hostname: Corp3640
! Model: 3640
! ******************************************************************
!
service timestamps debug uptime
service timestamps log uptime
service password-encryption
no service tcp-small-servers
no service udp-small-servers
!
hostname Corp3640
!
enable password test
!
no ip name-server
!
ip subnet-zero
no ip domain-lookup
ip routing
!
interface Ethernet 0/0
no shutdown
description connected to CorpLan
ip address 192.168.1.1 255.255.255.0
no keepalive
!
interface Ethernet 0/1
no shutdown
description connected to Sonic
ip address 64.1.120.17 255.255.255.248
keepalive 10
!
interface Serial 0/0
no shutdown
no description
no ip address
encapsulation frame-relay
frame-relay lmi-type ansi
!
interface Serial 0/0.1 point-to-point
no shutdown
description connected to Remote2610
ip unnumbered Ethernet 0/0
frame-relay interface-dlci 120
!
router rip
version 2
network 192.168.1.0
network 64.0.0.0
no auto-summary
!
!
ip classless
no ip http server
snmp-server community public RO
no snmp-server location
no snmp-server contact
!
line console 0
exec-timeout 0 0
password test
login
!
line vty 0 4
password test
login
!
end

Romote Connects to Corp3640:

Remote Router:

! Hostname: Remote2610
! Model: 2610
! ******************************************************************
!
service timestamps debug uptime
service timestamps log uptime
service password-encryption
no service tcp-small-servers
no service udp-small-servers
!
hostname Remote2610
!
enable password test
!
no ip name-server
!
ip subnet-zero
no ip domain-lookup
ip routing
!
interface Ethernet 0/0
no shutdown
description connected to RemLan
ip address 192.168.6.1 255.255.255.0
no keepalive
!
interface Serial 0/0
no shutdown
no description
no ip address
encapsulation frame-relay
frame-relay lmi-type ansi
!
interface Serial 0/0.1 point-to-point
no shutdown
description connected to Corp3640
ip unnumbered Ethernet 0/0
frame-relay interface-dlci 120
!
router rip
version 2
network 192.168.6.0
no auto-summary
!
!
ip classless
no ip http server
snmp-server community public RO
no snmp-server location
no snmp-server contact
!
line console 0
exec-timeout 0 0
password test
login
!
line vty 0 4
password test
login
!
end