Connecting Cisco 831 Router behind the D-Link Router

Discussion in 'Cisco' started by Yajesh Shanker, Mar 25, 2007.

  1. Hi!
    My home network uses D-Link Router providing 192.168.1.x addrress throughout
    our home network. When I connect Cisco 831 Router so that I can be be part
    of our office VPN network, My D-Link address scheme changes to 10.10.x.x.
    I'm not sure why it is doing that.

    My Cisco 831 router is sitting behind D-Link router. The following may
    illustarte the setup:

    Cable Modem----DHCP------->WAN Port on D-Link--------->One of the LAN
    Ports-------192.168.1.x----->Cisco Router

    The Cisco Router does see the 192.168.1.x adress provided by D-Link.

    However, when I disconnect Cisco Router LAN Cable from the D-Link router, I
    am back to 192.168.1.x address throught my home network and obviously
    everything works fine.

    Can one explain the possible cause of this and what should I set/check to
    solve this issue.
    Yajesh Shanker, Mar 25, 2007
    1. Advertisements

  2. Yajesh Shanker

    Trendkill Guest

    Sounds to me like your Cisco router is setup for dhcp and is giving
    out IP addresses to your dlink clients before your dlink can respond.
    At its most basic level, the dlink is a switch, and just had a dhcp
    server built into its software. When a client sends a dhcp request,
    the dlink will forward that request out all LAN ports as it is a
    simple broadcast. Since there are usually no other dhcp servers, the
    dlink's dhcp server request is used and gives out a 192.168.x.x. But,
    and this is not uncommon, the Cisco router is probably receiving the
    request and is configured to give out a 10.x. network range address
    via its own dhcp configuration. You need to look at your cisco
    config......why not just use the cisco router as both your gateway and
    vpn termination? I'm sure your office is using private IP addressing
    anyway, so its not like client traffic will mistakenly go there...and
    if your office is allowing vpns in this scenario, obviously they
    aren't that security conscious.

    Just a guess........
    Trendkill, Mar 25, 2007
    1. Advertisements

  3. Interestingly you touch the exact points that I thought seemed to be

    Understood! Cisco and D-Link having inherent router specific functionality,
    generate an IP Address in the range specfied. i.e. 192,168.1.x and

    What I think is happening, Ciscco is passing that IP to D-Link and
    sometimes D-Link
    turns around and overrides its own generated IP (192.168.1.x) and passes
    along 10.10.10.x
    address within Home Network. Seems like a voodoNetwork setup.

    Having learnt this, it also means if Cisco Router traffic is channeled
    through D-Link Gateway
    address 192,168.1.1. Is this a correct statement?

    Tell me!
    Does htis mean, that home network is exposed to Cisco router while on VPN
    through Cisco

    I think to solve this entire issue it would be ebst to subscribe to 2
    seperate IP addresses and
    segment two networks using NetGear Hub. Network A will service 192.68.1.x
    while Network B
    will service 10.10.10.x devices.

    Yajesh Shanker, Mar 26, 2007
  4. Yajesh Shanker

    Trendkill Guest

    Well, you are confusing layer 2 and layer 3 a bit. IPs are at layer 3
    and are routed, and switches are at layer 2. Your DLINK router is
    both a layer 3 router and a layer 2 switch. The 4 ports on the back
    of it (or however many you have) are switch ports. When a node
    broadcasts for an IP address, it goes into the dlink switch, and the
    dlink software router hears that request and gives the client a
    192.168.x.x address. However, the nature of switches is that
    broadcasts are forwarded out all switch ports since it is a
    broadcast. If you have another dhcp server or router that is plugged
    into a switchport in the same network, that device will also hear the
    request and try to service it. At that point, it comes down to which
    device is faster in servicing the request, in which case it sounds
    like the Cisco is responding first and thus providing a 10.10.10.x ip
    address first.

    That being said, I'm not sure what you are trying to do here. If you
    are desiring to have a permanent VPN tunnel between the Cisco router
    and your office, and have clients behind that router have direct
    access to your work network, then you need to turn off DHCP on the
    interface that goes to DLINK, and turn on DHCP on the internal side of
    the router. However then we get complicated as you would need static
    routes on the dlink to tell it how to get to the new network behind
    the Cisco.

    I think your best bet is to stop using the DLINK as a router and rely
    on your Cisco. To do this, plug your internet connection into your
    Cisco ethernet port and configure as needed (turn off dhcp), turn on
    DHCP on another internal ethernet interface, and run a cable between
    that interface and one of the DLINK's switchports. You will no longer
    be using the dlink's WAN port, and you want to disable dhcp on the
    dlink altogether. At this point you will be using the Cisco router as
    your router, and the dlink as just a switch (if you disable DHCP on
    the dlink and do not use the WAN/Internet Port, it is essentially a
    switch only).

    Personally, this is not complicated but you may want to find some
    local help by someone who has experience. Based on your questions,
    I'm unsure of your experience level, and I'd hate to have you start
    down this path only to realize that its not working and you don't
    understand why or what to fix.
    Trendkill, Mar 27, 2007
  5. I believe I understand exactly what you are saying and certainly comprehend
    the recommendations you make. Certainly as I thought before, between
    two DHCP srevrs running, one is contending with the other.

    Obviously a dotted line picture could be worth a million words

    I assume this means, I create static routes within D-Link for Home Network
    and use
    Cisco default gateway to getb out on the Internet.

    Yajesh Shanker, Mar 27, 2007
  6. Yajesh Shanker

    Trendkill Guest

    Yes, that is correct. Although if you use the second scenario and
    cutoff the DLINK router part, you would not need that as the cisco
    will be your only layer 3 device.
    Trendkill, Mar 27, 2007
  7. Well! I found a good solution, an easy one. Don't get upset now.

    Got my cable company to give me second IP.
    Connected to hub, and split up the networkk that way.

    Avoids all the voodoo stuff.
    Thanks! for your help.
    Yajesh Shanker, Mar 29, 2007
  8. Yajesh Shanker

    Trendkill Guest

    Not mad, even better than what I had proposed! Hopefully they didnt
    charge you!
    Trendkill, Mar 29, 2007
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.