N
Nicolas Harnois
Hello,
We are experiencing the following issue while trying to use a multi-homed
Windows 2000 Server box as a simple LAN router. In brief, routing works fine
*only* when network clients on any segment have a static route that is
manually added to their routing table.
Herewith the topology of the network:
LAN_2 (10.0.2.0) ---> WIN2K_LAN_ROUTER ---> LAN_1 (10.0.0.0) --->
ISA_SERVER ---> NET
WIN2K_LAN_ROUTER has the following NIC configuration:
NIC1: IP 10.0.0.44
NM 255.255.240.0
GW 10.0.0.1 (Private interface on ISA Server)
NIC2: IP 10.0.2.1
NM 255.255.255.0
GW none
WIN2K_LAN_ROUTER has RRAS enabled as a simple LAN Router (Local area network
routing only).
Since the Private interface on ISA_SERVER is the default gateway for all
machines belonging to LAN_1, the following static route was added in
ISA_SERVER through its RRAS management console:
Interface: Private
Destination: 10.0.2.0
Network Mask: 255.255.255.0
Gateway: 10.0.0.44
Metric: 1
At this point:
ISA_SERVER can ping NIC2 on WIN2K_LAN_ROUTER, which is an indication that
routing is actually happening. However, no other machine on LAN_1 can ping
NIC2 on WIN2K_LAN_ROUTER unless, as I've said previoulsy, the same static
route as above is added to this machine's routing table. Since ISA_SERVER is
the GW for the whole LAN_1 segment and has been configured properly with a
static route to LAN_2, should it not redirect client traffic bound for LAN_2
to WIN2K_LAN_ROUTER?
The opposite is also true. Workstations sitting on LAN_2 cannot ping
machines on LAN_1 unless they all have a static route that looks like this:
Destination: 10.0.0.0
Network Mask: 255.255.255.0
Gateway: 10.0.2.1
However, I should point out that workstations on LAN_2 all have access to
the Internet through ISA_SERVER regardless of whether they have a static
route or not.
So, in short, I guess my question would be the following: why, in this
configuration, do static routes have to be added to all resources on the
networks when their respective default gateways seem to be properly aware of
the different routing segments? And how is it possible that machines on
LAN_2 have access to the Net through LAN_1 (then ISA_SERVER) when they can't
access resources on LAN_1 (unless they have a static route configured)?
Any help would be greatly appreciated.
Thanks...
__nh
We are experiencing the following issue while trying to use a multi-homed
Windows 2000 Server box as a simple LAN router. In brief, routing works fine
*only* when network clients on any segment have a static route that is
manually added to their routing table.
Herewith the topology of the network:
LAN_2 (10.0.2.0) ---> WIN2K_LAN_ROUTER ---> LAN_1 (10.0.0.0) --->
ISA_SERVER ---> NET
WIN2K_LAN_ROUTER has the following NIC configuration:
NIC1: IP 10.0.0.44
NM 255.255.240.0
GW 10.0.0.1 (Private interface on ISA Server)
NIC2: IP 10.0.2.1
NM 255.255.255.0
GW none
WIN2K_LAN_ROUTER has RRAS enabled as a simple LAN Router (Local area network
routing only).
Since the Private interface on ISA_SERVER is the default gateway for all
machines belonging to LAN_1, the following static route was added in
ISA_SERVER through its RRAS management console:
Interface: Private
Destination: 10.0.2.0
Network Mask: 255.255.255.0
Gateway: 10.0.0.44
Metric: 1
At this point:
ISA_SERVER can ping NIC2 on WIN2K_LAN_ROUTER, which is an indication that
routing is actually happening. However, no other machine on LAN_1 can ping
NIC2 on WIN2K_LAN_ROUTER unless, as I've said previoulsy, the same static
route as above is added to this machine's routing table. Since ISA_SERVER is
the GW for the whole LAN_1 segment and has been configured properly with a
static route to LAN_2, should it not redirect client traffic bound for LAN_2
to WIN2K_LAN_ROUTER?
The opposite is also true. Workstations sitting on LAN_2 cannot ping
machines on LAN_1 unless they all have a static route that looks like this:
Destination: 10.0.0.0
Network Mask: 255.255.255.0
Gateway: 10.0.2.1
However, I should point out that workstations on LAN_2 all have access to
the Internet through ISA_SERVER regardless of whether they have a static
route or not.
So, in short, I guess my question would be the following: why, in this
configuration, do static routes have to be added to all resources on the
networks when their respective default gateways seem to be properly aware of
the different routing segments? And how is it possible that machines on
LAN_2 have access to the Net through LAN_1 (then ISA_SERVER) when they can't
access resources on LAN_1 (unless they have a static route configured)?
Any help would be greatly appreciated.
Thanks...
__nh