Home | Site Map | How To | Windows Vista | Case Studies | Articles | Forums | Services | Donations | Careers | About Us | Contact Us|
Web ChicagoTech
 

 

Cannot access other subnet using Windows as router

Q1: I'm trying to divide a LAN into two segments to relieve congestion:
192.168.1.0/24  and 192.168.2.0/24.

I've set up RRAS on a dual-homed Win2k3 member server and installed
the LAN Routing service and RIP, NAT and DHCP relaying protocols on both
 interfaces. I can ping both NICs from hosts on each segment, but I reach hosts across the segments.  Any assistance will be greatly appreciated.
Here's the NIC configuration on the router:

NIC #1

IP: 192.168.1.1
SNM: 255.255.255.0
DG: 192.168.1.203 (internet router)

NIC #2
IP: 192.168.2.1
SNM: 255.255.255.0
DG: None
-------------------------------------------------------
Here's the static route configuration in RRAS:

 Interface 1

Destination: 192.168.2.0
Network Mask: 255.255.255.0
Gateway: 192.168.2.1

Interface 2
Destination: 192.168.1.0
Network Mask: 255.255.255.0
Gateway: 192.168.1.1

A1: Posting the routing table here may help.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
 http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
 http://www.HowToNetworking.com

Q2: Thanks.  The IPs are 192.168.1.205 and 192.168.2.1.  Here's the routing table:
>
>       Destination Network mask Gateway Interface Metric Protocol
>       0.0.0.0 0.0.0.0 192.168.1.203 Local Area Connection 2 20
> Network management
>       127.0.0.0 255.0.0.0 127.0.0.1 Loopback 1 Local
>       127.0.0.1 255.255.255.255 127.0.0.1 Loopback 1 Local
>       192.168.1.0 255.255.255.0 192.168.1.205 Local Area Connection 2
> 20 Local
>       192.168.1.205 255.255.255.255 127.0.0.1 Loopback 20 Local
>       192.168.1.255 255.255.255.255 192.168.1.205 Local Area
> Connection 2 20 Local
>       192.168.2.0 255.255.255.0 192.168.2.1 Local Area Connection 3
> 20 Local
>       192.168.2.1 255.255.255.255 127.0.0.1 Loopback 20 Local
>       192.168.2.255 255.255.255.255 192.168.2.1 Local Area Connection
> 3 20 Local
>       224.0.0.0 240.0.0.0 192.168.2.1 Local Area Connection 3 20 Local
>       224.0.0.0 240.0.0.0 192.168.1.205 Local Area Connection 2 20
> Local
>       255.255.255.255 255.255.255.255 192.168.2.1 Local Area
> Connection 3 1 Local
>       255.255.255.255 255.255.255.255 192.168.1.205 Local Area
> Connection 2 1 Local
>
>
> I really need to take the time to read thoroughly about routing, but
> if you can give suggestions to fix this simple scenario I'd love to
> get the network segmented sooner rather than later.

A2: It is really a matter of knowing what you want to do. To route between
two subnets, all you need to do is enable IP routing on the router. In RRAS
that means enabling LAN routing. You certainly don't need NAT or RIP.

    If there was no other network involved, you simply make the router the
default gateway for both segments. Traffic for the "other" segment goes to
the router, which delivers it in the other segment.   eg

    192.168.1.x            dg   192.168.1.1
            |
    192.168.1.1            dg    blank
        router
    192.168.2.1            dg    blank
            |
    192.168.2.x            dg    192.168.2.1

    I presume you have a NAT router somewhere and you want both subnets to
use that for Internet access as well as routing between the subnets. That is
pretty straight forward as long as you can add a route to your NAT router.
This is important because this router needs to know where your new subnet is
and how to reach it.

    The segmented network would look like this. (Pretty much what you had
done).

    Internet
        |
    public IP
    NAT router
    192.168.1.203
        |
    workstations
    192.168.1.x        dg    192.168.1.203
        |
    192.168.1.1        dg    192.168.1.203
      RRAS router
    192.168.2.1        dg     blank
        |
    192.168.2.x        dg    192.168.2.1

    The vital bit to make it work is a static route on the NAT router.

    192.168.2.0        255.255.255.0    192.168.1.1

    Without that route, the 192.168.2.0 network clients can't get to the
machines in the other subnet or to the Internet. If you enable NAT on the
RRAS router, clients in the 192.168.1.0 subnet can't get to machines in the
other subnet (because they are on the wrong side of a NAT router). The setup
which works is just LAN routing on the RRAS router and a static route on the
Internet router to direct traffic for the new subnet to the internal router.
This route also "bounces" traffic from the 192.168.1.0 to the 192.168.2.0
subnet. (ie traffic from a client in 192.168.1.0 going to a client in
192.168.2.0 . It goes to the Internet router by default and is redirected by
the static route to the RRAS router).

Related Topics

Routng how to

For example, the Generic Routing Encapsulation (GRE) IP protocol (protocol number 47) is ... Right-click the server for which you want to enable routing, ...
www.howtonetworking.com/Networking/routing.htm

routing in internetwork

Routing in an Internetwork 1/3. In this example, there are three networks and two routers. Note: Windows server as router. ...
www.howtonetworking.com/Networking/multiplerouters1.htm

internetworking routing

Q: Internetworking Routing. Hello, need your help on this one, please. Setting: Network A: 192.168.1.0 mask 255.255.255.0 Win2k VPN Server A is: 192.168.1.5 ...
www.chicagotech.net/Q&A/vpn18.htm

Routing

3) Also rather than adding static routes, you could configure the 2 routers to dynamically learn each others routes via a routing protocol like RIP or OSPF. ...
www.chicagotech.net/routing.htm

 

 

 

 

  This web is provided "AS IS" with no warranties.
Copyright © 2002-2007 ChicagoTech.net, All rights reserved. Unauthorized reproduction forbidden.