Newbie - cannot connect to internet from new subnet

[ChuckCasey]

We run WindowsXP workstations, Windows 2000 server, static ips. We ran out of ip addresses for 192.168.1.x. I built a Windows 2000 server with 2 nics and configured one with a 192.168.1.59 ip mask 255.255.252.0 gateway 192.168.1.161(our firewall). The 2nd nic I configured with 192.168.2.1 mask 255.255.252.0, no gateway. I built 2 workstations, one with 192.168.1.168 mask 255.255.252.0 gw 192.168.1.59 and the other with 192.168.2.2 mask 255.255.252.0 gw 192.168.2.1. I set up routing and remote access on the "router" server. I can ping between both workstations and can ping the firewall from the server and the workstation on 192.168.1, but cannot ping the firewall from 192.168.2.2. I have already changed the mask on the firewall to be 255.255.252.0. Do I need a route statement somewhere to make this happen? Many thanks.

 

[bcastner]

See if these help:

http://support.microsoft.com/defaul...port/kb/articles/q315/2/36.asp&NoWebContent=1

http://support.microsoft.com/default.aspx?scid=kb;en-us;323415

 

[Syty]

NAT statements on the firewall (I assume you are overloading addresses to the internet) relies on permit statements.

Make sure that not only the firewall permits traffic from the .2.x network, but the NAT overload statement is dependant on access lists, check with your firewall administrator and ensure the subnet 192.168.2.X has been added to the access-list permit statment. If it's not, it will not get NATTED to the world correctly. It will be dropped by the access-list

Good Luck.