How I configure this second NIC to accept telnets from the internet?

[fonso]

This is one new explain about the las message which I have send, about the problem with the 2 NIC who don't accept incoming telnets.
....
I need to accept incoming telnets from the internet, in my SCO system.

Here, you have the map of the installation. Please, visit

http://www.ibiza-at2.com/fonso/nic2.jpg

The router 10.0.0.1 redirect all the incoming calls to the port 23 (telnet) to the 192.168.1.100 IP.

I need to conect from the remote Workstations, to the Openserver.

How I can do this ?.
The two NICs are working well with local telnets. I have configured 1 local worskstation wiht the 192.168.1.2 ip, and conected to it.

I have not do any "route" command.
I don't know anything about the routes. Sorry.

Thank you. Fonso. Spain.

 

[segbanegas]

Firstable I need to know wich router are you using for example. If u are using a efficient network router you can go inside the router and map an static ip address to your internal ip address. in the efficient routers is sys addhostmapping. That is accessing to the reouter via telnet. The othr way is accesing the router via explorer or netscape. Then in the nat you are able to redirect the router ip to redirect to your internal nic.

Saludos.

 

[fonso]

The only I need is how to configure the SCO to accept incoming telnets from the 192.168.1.100 IP (2 NIC).

All the other on the lan are well configured and working. The remote workstations can navigate trougth the internet well, and the router ADSL 10.0.0.1 was alread configured to redirect the incoming calls from the internet to the 192.168.1.100 IP.

The question is how I need to configure in the SCO server to accept the incoming telnets from the 192.168.1.100 IP.
with the local network, the local workstations can connect to the SCO via telnet well ( at the 10.0.0.61 IP).

I don't know how I configure the routes , or any other that I can need to configure in the SCO !.

I have tested with the "route add default 10.0.0.1" , but this don't work. Perhaps I need any "route add ..." ?
I don't know !. Can any one to help me ?

Sorry about my english.

Saludos. Fonso.

 

[Annihilannic]

I've just looked at your network map and noticed that your router is on the 10.0.0.0 network, but the interface connected to it is on 192.168.0.0? Surely they should be on the same network?

I would say configure your router to a 192.168.0 address to keep it separate from your internal 10.0.0 network.

Then route add default 192.168.1.101 (or whatever address you give to your router). Any traffic for the 10.0.0 network shouldn't need a route defined.

I think I've answered this question for you in another forum as well? Annihilannic.

 

[fonso]

I can't change the IP of the router, because the router is doing other services in the same network (1.0.0.0).
The router send the incomings ftp to the 10.0.0.2, and the incomings telnets to the 192.168.1.100.

¿ How I can accept the incoming telnets from the SCO (from the 192.168.1.100) without reconfigure the router ?.Is it possible to do this ?

Gracias, y saludos. Fonso

 

[Wonboodoo]

I looked at your diagram. You've got the 192.168.1.100 NIC connected directly to the ADSL router at 10.0.0.1. This doesn't make sense. Nodes on two different subnets can't communicate with each other unless there is a router between them. My guess is you can't ping the ADSL router from your SCO box (or vice-versa), correct?

Either the ADSL router needs to also have a 192.168 address or you need a router between the SCO box and the ADSL router to bridge the two subnets.

The answer is to change the IP of your ADSL router to be a 192.168 address and make the ADSL router your SCO box's default route.

You are going to have security issues with this configuration. You better prepare yourself to be hacked.

 

[Annihilannic]

Fonso,

So your diagram isn't completely correct, and the router is actually plugged into the same hub?

In that case change the IP address of your second NIC on the SCO system to another address on the 10.0.0.0 network. As Wonbondoo says the security of the setup would be questionable; you would have to make sure your ADSL router was well set up to prevent unwanted incoming connections. Annihilannic.

 

[fonso]

Annihilannic (and company), thank you for your time.

The diagram is completely correct, and the router is plugged into the SCO box, on the second NIC (192.168.1.100), and I can't change the IP of the router.

Perhaps the only I can do is to reconfigure my NIC 2, and change the 192.168.1.100 IP to one IP in the 10.0.0.0 network (for example 10.0.0.99) ?

If I do this modification, it's the same than I connect the Router ADSL directly to the hub ? , or it's more secure to connect it to this second nic with the new ip (10.0.0.99)?

With this configuration the security can be questionable ?

What is the better I can do ?. I can change the configuration of my SCO box only, I can't change any other IP on the network.

Gracias. Fonso.

 

[Annihilannic]

I really don't understand your configuration!

You said 'the router is doing other services in the same network', but it's not even plugged in to that network, and I presume your SCO box isn't acting as a router!

Have you managed to get out on to the internet from your SCO box through the ADSL router? Annihilannic.

 

[fonso]

Finally, all this will be reconfigrated.
Now I'm testing only if the SCO box works well with this new configuration, and the two NIC interfaces :


SCO box NIC 1 : 192.168.1.100
SCO box NIC 2 : 192.168.1.200

Local workstation : 192.168.1.22

I do a telnet from the workstation to 192.168.1.200, and they work welll, but when I do a telnet from the workstation at 192.168.1.100, they don't work. Why ?

The configuration it's like this :
# netstat -nr
Routing tables
Destination Gateway Flags Refs Use Interface
127.0.0.1 127.0.0.1 UH 5 617 lo0
192.168.1 192.168.1.200 UC 1 0 net1
192.168.1.100 127.0.0.1 UGHS 0 0 lo0
192.168.1.200 127.0.0.1 UGHS 1 212 lo0
224 192.168.1.100 UCS 0 0 net0

Perhaps I need any "route add" command that I don't understand ?.

All the hardware are well connected and tested, and don't have any problem in the SCO box hardware configuration (any IRQ conflict, ... ).

You can visit this to understand thay I explained :

http://www.ibiza-at2.com/fonso/nic2-2.jpg

Sorry for my ignorance (in spanish "ignorancia&quot: does mean - Person who don't understand anything !! (I'm).

Gracias y saludos. Fonso.

 

[Annihilannic]

I can't see anything wrong there Fonso. You shouldn't need to add a route because they're all on the same network.

Can you post the output of ifconfig -a as well?

Can you ping 192.168.1.100 from your workstation? Annihilannic.

 

[fonso]

Annilanic, I have news :

With the two cables pluggen from the hub to the SCO box (one at 192.168.1.100, and other at 192.168.1.200) :
the telnet from the workstation to 192.168.1.100 works well.
the telnet from the workstation to 192.168.1.200 works well.

Whit only one cable plugged from the hub to the SCO box (192.168.1.200) :
the telnet from the workstation to 192.168.1.100 NOT work.
the telnet from the workstation to 192.168.1.200 works well.
the ping from the workstation to 192.168.1.100 NOT respond.


Whit only one cable plugged from the hub to the SCO box (192.168.1.100):
the telnet from the workstation to 192.168.1.100 NOT work.
the telnet from the workstation to 192.168.1.200 NOT work.
the ping from the workstation to 192.168.1.100 NOT respond.
the ping from the workstation to 192.168.1.200 NOT respond.

Now, I new test :
I have now only installed in the SCO box the NIC 1 ( 192.168.1.100), the NIC 2 its unplugged from the system :
the telnet from the workstation to 192.168.1.100 works well.

# hwconfig
ethernet 0xe400-0xe41f 10 - addr=00:00:21:cf:e6:d0
fea - - - ADAPTER NOT FOUND

# ifconfig -a
net0: flags=4043<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.100 netmask ffffff00 broadcast 192.168.1.255
perf. params: recv size: 4096; send size: 8192; full-size frames: 1
ether 00:00:21:cf:e6:d0
lo0: flags=4049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 8232
inet 127.0.0.1 netmask ff000000
perf. params: recv size: 57344; send size: 57344; full-size frames: 1
atl0: flags=404a<BROADCAST,LOOPBACK,RUNNING,MULTICAST> mtu 8232
inet 0.0.0.0 netmask ff000000
perf. params: recv size: 4096; send size: 8192; full-size frames: 1

----------------------------------------------
Now, I new test :
I have now only installed in the SCO box the NIC 2 (192.168.1.200 ), the NIC 1 its unplugged from the system. :
the telnet from the workstation ton 192.168.1.200 works well

# hwconfig
ethernet - - - Adapter Not Found
fea 0xe400-0xe41f 10 - type=fea/100M addr=00:02:44:32:EC:A0

# ifconfig -a
net0: flags=4043<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.100 netmask ffffff00 broadcast 192.168.1.255
perf. params: recv size: 4096; send size: 8192; full-size frames: 1
ether 21:0a:21:0a:21:0a
net1: flags=4043<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.200 netmask ffffff00 broadcast 192.168.1.255
perf. params: recv size: 4096; send size: 8192; full-size frames: 1
ether 00:02:44:32:ec:a0
lo0: flags=4049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 8232
inet 127.0.0.1 netmask ff000000
perf. params: recv size: 57344; send size: 57344; full-size frames: 1
atl0: flags=404a<BROADCAST,LOOPBACK,RUNNING,MULTICAST> mtu 8232
inet 0.0.0.0 netmask ff000000
perf. params: recv size: 4096; send size: 8192; full-size frames: 1

Can you help me ?
Saludos. Fonso.

 

[Wonboodoo]

Fonso,

What you are doing is incorrect. There is no reason to have two NICs connected to the same subnet. The problem you are experiencing is probably due to your strange configuration. The reason you can &quot;ping&quot; the 200 address and not 100 is probably because the route to the 192.168.1 subnet is through 200 and not 100.

You need to step back and look at your initial problem because what you are doing now is not going to solve anything.

Just have one NIC (with a 10 address) and forward the port 23 stuff from your router to the SCO box. I assume your DSL router is a firewall (Linksys?) and you can prevent other packets from coming in from the internet to your workstations.

 

[fonso]

Wonboodoo ,

I thank you four your response.

Really I need to solve the first configuration (

http://www.ibiza-at2.com/fonso/nic2.jpg).

Do you know how I can solve this ?.
I need to separe this two networks, the local one, and the other remote, connected via internet to have more security in the local lan.

Have you any suggestion or configuration to do this ?

The router is one SpeedStream, and it is doing other services in the network. I can't change the IP of this device.

I can reconfigure only my SCO box.

Saludos. Fonso.

 

[Wonboodoo]

Is the ADSL router also a firewall? If so why does it need to be separated from the workstations? I thought originally you didn't want internet hackers to have access to the workstations, but if the router is also a firewall you can prevent that from happening without the two NIC solution.

If you really must use this two NIC solution then your issue is that the 192.168 NIC cannot talk directly to the ADSL router because they are on different subnets.
You've got to either put a router between the 192.168 SCO NIC and the ADSL router so they can talk to each other. Or you've got to switch the all the workstations to be on a 192.168 address and switch the SCO NIC addresses.

I'm curious, how is the 2nd NIC connected to the ADSL router? Do you have a 2nd hub? Are they both connected to the the one hub that the workstations are also connected too? Or do you have a cross-over cable?

Are the workstations accessing the internet through the same ADSL router?

 

[fonso]

Wonboodoo ,

I'm going to explain you (if I can, because my english is very bad).


In this lan, they have two server:

The first one is a specialized print server, and receive incoming ftp's from the internet, and who has two nic's. It is a Windows NT 4.0 Server.
I don't know the IP of the second NIC in this server.
It is configured by another technical person.

The second one , it's the SCO box. That I need to configure to accept incoming telnets.

Saludos. Fonso.

 

[fonso]

Please, visit the new map of the installation in this site :

http://www.ibiza-at2.com/fonso/nic2.jpg

Fonso.

 

[Wonboodoo]

fonso,

As mentioned previously your diagram has a fundamental flaw in that a 192.168 address is trying to communicate directly with a 10 address with no router in between. You need to resolve this.

Your English is pretty good but it will probably help to work with the people in your company who know your network & share the same language. You need to sit down with your networking people and probably the guy who configured the NT box (who has done this before). This is a networking issue and not a SCO issue.

 

[Wonboodoo]

fonso,

I have another solution for you. Make the subnet mask of the 10.0.0.61 NIC 255.255.255.228.

Make your second NIC (the one connected to the ADSL router) have IP address of 10.0.0.31 and subnet mask 255.255.255.228. Set the default route to be the ADSL router:
route add default 10.0.0.1

This will make the SCO box think there is two separate networks connected to the SCO box. Those with an IP address above 10.0.0.32 will appear on one network (the workstations) and those with IP addresses below 10.0.0.31 will appear to be on another network (the ADSL router).

 

[Wonboodoo]

Correction that netmask should be 255.255.255.224 (not 228).