Physical Network Topology
Fault Description
AR2 can visit server via https.AR1 and AR2 learn the route via BGP protocol.
AR2 Can not get access to the private server
Configuration Files
l AR
#
sysname
Router
#
acl number
2000
rule 5
permit
#
interface GigabitEthernet0/0/1
ip address 10.1.1.2
255.255.255.0
#
interface GigabitEthernet0/0/2
ip address 192.168.1.2 255.255.255.0
nat outbound 2000
#
bgp 100
route-id 192.168.1.2
peer 192.168.1.1 as-number 65009
#
ipv4-family unicast
peer 192.168.1.1 enable
#
return
Troubleshooting Procedure
Step 1 Checking whether AR2 can ping AR1:
Step 2 AR2 can’t ping AR1, we should check the routing-table. Check the route is correct or not. If not, we should modify it first. And make sure AR2 can ping AR1, pc can ping AR1.
Step 3 After Pc can ping AR1. Let’s try to visit the website on PC.
Step 4 If the pc can’t visit the website. We should check the nat configuration on AR1. In this scenario, we should configure a nat static/server on AR1.
----End
Root Cause
First, there’s no route from AR1 to AR2, so AR2 can’t ping AR1.
If AR2 want to visit private server, AR1 should do a nat static/server to make the private server visible form AR2.