directing local / Internet traffic - gateway or add a route?

Status
Not open for further replies.

random260

Programmer
Mar 11, 2002
116
US
I have a network that is set up as follows:

In an office in one city is the domain controller/DNS/DHCP server and a couple of other servers. The IP addresses of these servers are 172.16.100.X. I have an office in another city that is connected via a frame. These computers are all addressed as 172.16.110.X (manually configured) and connect through the CSU/DSU/Router at address 172.16.110.1. All access to the Internet (and servers) for this remote office went through the 172.16.110.1. Now the remote office has a high speed internet connection with a firewall, but I need to know how to "split" the connections for this remote office so that INTERNET ONLY goes through the new Internet connection (at 172.16.110.110) while the rest of the traffic (to access the software, domain controller, other servers, etc.) still goes through the frame at 172.16.110.1. Do I need to add (A or MX) records to the new firewall, routes, whatever, or add 2 gateways to the workstations...?

Thanks
 
You don't say what client you're using but in W2K and XP the second gateway would only be used if the primary gateway was not responding. This doesn't fit your need.

The router at 110.1 will need 3 ports. LAN on port1, WAN on port2, HSC on port3. From the LAN port, set 172.16.100.* traffic to the WAN port, all other traffic to the HSC port which forwards to 172.16.110.110 (where I assume a proxy server is running).

There are probably other ways to handle it; this is how I would approach it.
 
Router at 110.1 only has 2 ports. No proxy server, 110.110 is a Linux firewall. Linux firewall has 3 ports if something can be done that way...
 
You will have to have a proxy server. The addresses 172.16.0.0 through 172.16.255.255 are private addresses and will not route to the internet.

You will also have DNS issues that will have to be solved.

Linux makes an excellent router as well as a firewall; the two functions are both handled by IPTABLES. That Linux firewall could easily replace the router at 110.1. Chances are that Linux box is running a proxy server as well.

I would recommend that you hire a consultant to set this up for you.
 
What kind of router? Static routes would do the trick. Also, to get private IPs to route to the internet, the technology to use is called NAT. Isn't the frame costing a lot?
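Added example, not part of the thread: a small Python model of the route selection a workstation in the remote office would perform, comparing the original single gateway, two default gateways, and a static route plus a new default gateway. The /24 masks, the metrics, the table names and the sample destination addresses are assumptions made for illustration; only the 172.16.100.X / 172.16.110.X ranges and the two gateway addresses come from the thread.

```python
import ipaddress

FRAME_ROUTER = "172.16.110.1"    # CSU/DSU/router on the frame (from the thread)
FIREWALL = "172.16.110.110"      # Linux firewall on the new Internet link (from the thread)

# Constructed routing tables: (prefix, gateway, metric). gateway None = on-link.
# Assumption: both offices use /24 masks; the thread only gives .100.X and .110.X.
BEFORE = [
    ("172.16.110.0/24", None, 1),
    ("0.0.0.0/0", FRAME_ROUTER, 1),          # everything leaves via the frame
]
TWO_DEFAULTS = [
    ("172.16.110.0/24", None, 1),
    ("0.0.0.0/0", FIREWALL, 1),              # preferred default
    ("0.0.0.0/0", FRAME_ROUTER, 2),          # only a fallback, never a "split"
]
AFTER = [
    ("172.16.110.0/24", None, 1),
    ("172.16.100.0/24", FRAME_ROUTER, 1),    # static route to the head office
    ("0.0.0.0/0", FIREWALL, 1),              # Internet via the firewall
]

def next_hop(table, destination):
    """Pick the gateway for destination: longest prefix wins, then lowest metric.

    Returns None for on-link delivery; raises LookupError when nothing matches.
    """
    dst = ipaddress.ip_address(destination)
    matches = []
    for prefix, gateway, metric in table:
        net = ipaddress.ip_network(prefix)
        if dst in net:
            matches.append((-net.prefixlen, metric, gateway))
    if not matches:
        raise LookupError(f"no route to {destination}")
    matches.sort(key=lambda m: (m[0], m[1]))
    return matches[0][2]

def misrouted(table, internal_hosts, internet_gateway=FIREWALL):
    """Internal destinations that would be handed to the Internet-facing gateway."""
    return [h for h in internal_hosts if next_hop(table, h) == internet_gateway]

if __name__ == "__main__":
    head_office = ["172.16.100.10", "172.16.100.20"]   # constructed server addresses
    for name, table in (("BEFORE", BEFORE), ("TWO_DEFAULTS", TWO_DEFAULTS), ("AFTER", AFTER)):
        print(name, "internet ->", next_hop(table, "203.0.113.5"),
              "| misrouted internal:", misrouted(table, head_office))
```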
 