ROUTING ISSUE

G

Guest

I'm currently experiencing routing difficulty in my WIN2K
Server box. My box has 3 nic, one is connected to smc
router(internet), and the other two for the two separate
lans. I have RRAS enabled already but for some reason I
can't ping any computer on the other lan and vice versa.
However, I can ping the 3 nic's ip address thats on my
Server box from any lan.
Here's the ip config on my box:
Ethernet adapter LAN1:
IP Address. . . . . . . . . . . . : 192.168.152.10
Subnet Mask . . . . . . . . . . . : 255.255.254.0
Default Gateway . . . . . . . . . :
Ethernet adapter LAN2:
IP Address. . . . . . . . . . . . : 10.0.0.10
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
Ethernet adapter WAN: (goes out to smc router)
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.1.10
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1

And routing config on Server box:
Active Routes:
NetDest Netmask Gateway Interface
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.10
10.0.0.0 255.255.0.0 10.0.0.10 10.0.0.10
10.0.0.10 255.255.255.255127.0.0.1 127.0.0.1
10.255.255.255 255.255.255.25510.0.0.10 10.0.0.10
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1
192.168.1.0 255.255.255.0 192.168.1.10 192.168.1.10
192.168.1.10 255.255.255.255127.0.0.1 127.0.0.1
192.168.1.255 255.255.255.255192.168.1.10 192.168.1.10
192.168.152.0 255.255.254.0 192.168.152.10192.168.152.10
192.168.152.10 255.255.255.255127.0.0.1 127.0.0.1
192.168.152.255255.255.255.255192.168.152.10192.168.152.10
224.0.0.0 224.0.0.0 10.0.0.10 10.0.0.10
224.0.0.0 224.0.0.0 192.168.1.10 192.168.1.10
224.0.0.0 224.0.0.0 192.168.152.10192.168.152.10
255.255.255.255255.255.255.255192.168.152.10192.168.152.10
Default Gateway: 192.168.1.1

EX: LAN1 Client IP:
IP: 192.168.152.54
NM: 255.255.254.0
GW: 192.168.152.10

EX: LAN2 Client IP:
IP: 10.0.0.25
NM: 255.255.0.0
GW: 10.0.0.10

Thanks in advance.
 
H

Herb Martin

I'm currently experiencing routing difficulty in my WIN2K
Server box. My box has 3 nic, one is connected to smc
router(internet), and the other two for the two separate
lans.

Ok, that makes sense.
I have RRAS enabled already but for some reason I
can't ping any computer on the other lan and vice versa.

This is very unclear. Ping from where to where?
However, I can ping the 3 nic's ip address thats on my
Server box from any lan.

Do you have static (explicit manual) routes on the SMC to
allow it to route both to the (default) Internet and to each of
the "hidden" nets behind the RRAS router?
 
G

Guest

-----Original Message-----

Ok, that makes sense.
versa.

This is very unclear. Ping from where to where?
I tried to ping computer from one segment to another
segment of the lan and vice versa but unable to. For ex.
client pc from lan1 can't ping client pc on lan2 and vice
versa but both clients can ping the 3 ip addresses of the
server.
 
H

Herb Martin

Did you check the part I gave you about the static routes?

Given your latest response that is almost certainly the problem.

Missing routes.


<----inet--ISProuter---R1-----net1-----R2---net2

R1 and machines on net1 cannot reach net2 if all default router settings
on net1 point to R1 and it uses ISProuter as its default gateway.

Teach (at least) R1 about using R2 to reach net2 with the equivalent of
the static route command (use RRAS or NetSh is better):

route add net2.ip.addr.ess MASK what.ever.mask.0
R2.left.IP.address
 
G

Guest

Hi there

I am facing the same problem. The setup is as such.

net2
l
l
l
l
l
NIC2
Internet -----ISPRouter---net1----NIC1(WIN2K)

The win2K was added recently to create another lan.

i have added 2 persistant route but net 1 hosts is not
able to contact net 2 hosts, and vice versa.

The static route are as such

route add net1.network.adress mask 255.255.255.0
nic1.ipaddress metric 1

route add net2.network.address mask 255.255.255.0
nic2.ipaddress metric 1
 
H

Herb Martin

See below....

--
Herb Martin
I am facing the same problem. The setup is as such.

nic5
net2
l
l
l
l
l
NIC2
Internet -----ISPRouter---net1----NIC1(WIN2K) Nic4---NET3????

The static route are as such
route add net1.network.adress mask 255.255.255.0
nic1.ipaddress metric 1

You do this on ISPRouter and the above is UNNECESSARY since
ISPRouter is directly connected to Net1 -- you only need it for Net2
or net3
route add net2.network.address mask 255.255.255.0
nic2.ipaddress metric 1

If you added this on ISPRouter, and substituted the proper addresses
(in the above command) then it will work -- makes sure Nic1 and Nic2
are on the ADJACENT side of those routers -- adjacent to ISPRouter.

Go to ISPRouter and do tracert to see where the packets fail/succeed.
 
G

Guest

Finally, it working.. i did as you suggested... to add the
route statement on the ISP router and it is working
perfectly now... cheers...
 
M

marc

Hi

My first problem was resolved both net1 and net 2 and ping
each another.. however.. Net 2 is not able to access the
internet...

How and where should i route them to allow internet access

Thanks
 
H

Herb Martin

Generally the "internal routers" (or edge routers) should use the
router to the Internet (near interface) as their default gateway.

Then you add "specific routes" for any other stub or internal networks.

You can only have ONE default so aim that at the Internet (millions of
address ranges) and use specific manual routes for specific internal
networks.

Always point the routers manual routes at an ADJACENT router,
ADJACENT side NIC, to reach networks "behind" that router.
 
G

Guest

Pls see below.. some doubts on the last 2 portion.

thanks
Marc
-----Original Message-----
Generally the "internal routers" (or edge routers) should use the
router to the Internet (near interface) as their default gateway.

Then you add "specific routes" for any other stub or internal networks.

You can only have ONE default so aim that at the Internet (millions of
address ranges) and use specific manual routes for specific internal
networks.
the picture on where to set the default <<<<<<<<<
Always point the routers manual routes at an ADJACENT router,
ADJACENT side NIC, to reach networks "behind" that router.
on the ISP router to point to the adjacent router (side
NIC ) <<<<<<<<<<<<<<<<<<<
 
H

Herb Martin

You can only have ONE default so aim that at the Internet
(millions of
the picture on where to set the default <<<<<<<<<

on the ISP router to point to the adjacent router (side
NIC ) <<<<<<<<<<<<<<<<<<<

YES, the router cannot (usually be depended on to) see the BACK
side of another router.

<----Inet----1aRtrA2a-----2bRtrB3b-- net3

On RtrA you tell it about net3 by giving the address of RtrB on the
Adjacent side (to A) which is 2b-RtrB (and NOT 3b)

RtrA uses ISP internet router as default. RouterB uses RtrA-2a as default.
 
M

Marc

I have tried add a some static route but it still dont
works.

My current setup is as such, where else should i configure
to allow net3 is access internet.

---Inet----1aRtrA2a------2bRtrB3b---- net3
ISP router Win2k Router

2a --> IP 10.0.0.1
SM 255.255.255.0
Static route added on this ISProuter

S~ 10.0.1.0/ 255.255.255.0 via 10.0.0.2, IF0


2b --> IP 10.0.0.2
SM 255.255.255.0
DG 10.0.0.1


3b --> IP 10.0.1.1
SM 255.255.255.0

Thanks
 
H

Herb Martin

That looks correct.
3b --> IP 10.0.1.1
SM 255.255.255.0

RtrB3b is 10.0.1.1 and the clients all use 10.0.1.x so make THEIR
default gateway 10.0.1.1, right?

Do you understand what we did (or are you doing it by wrote)? If you
understand it, then it is easier to check.

Did you add the Routes in RRAS or with "Route Add"? (both should work,
but RRAS is better over time and they aren't fully integrated.)
I have tried add a some static route but it still dont
works.

What happens? "Doesn't work" is too vague. Tracert, ping, etc.
 
G

Guest

hey everything works now... there is a IP routing feature
for additional subnet on the ADSL router.. after
enabling... net 3 can access the Internet..

Thanks for your advice.. appreciate
 
H

Herb Martin

hey everything works now... there is a IP routing feature
for additional subnet on the ADSL router.. after
enabling... net 3 can access the Internet..

Thanks for your advice.. appreciate

You are welcome -- glad it helped.
 
M

Marc

Just wondering if it is advisable to install ISA 2000
server on this currently win2k router, thanks.
 
H

Herb Martin

Marc said:
Just wondering if it is advisable to install ISA 2000
server on this currently win2k router, thanks.

Works fine for most people -- watch for Service Packs (add them
all first).

I love the IDEA of ISA but have very mixed feelings about it in practice,
due to various problems with this so you might do a backup first (at least a
System
State on the harddrive.)

Also TURN OFF NAT before installing ISA -- none of the documentation
says this until "chapter 5" or some such but ISA does your NATting and
seems to be very unhappy with Win2000 NAT (also doesn't seem to know
exactly how to disable it or warn you.)

(Just taking the NICs out of the NAT protocol should suffice.)

Also suggest you ask this on one of the ISA lists -- there are some people
there who know much more detail than I do.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top