Rookie needing Help - One way Ping?? 1

[sodakotahusker]

I have a friend who has a little home network that was set up by a professional. She installed a Voice over IP router herself and now she is unable to use the printers connected to her main computer from a secondary computer. I am a programmer and have a rudimentary smattering of knowledge about networking so I volunteered to help. When I arrived I was unable to ping either machine from the other. I started playing around with the secondary computer.

One thing I noticed is that the default gateways were different. Should they be the same?

I disabled the ethernet card and enabled it again and voila - I was able to ping the main computer. However I was unable to ping the secondary computer from the main computer. And more importantly - I could not print - or access a file share I set up on the main computer. So something is still messed up.

I disabled the Microsoft firewalls on both computers at one point with no apparent change in behavior.

I reran the networking wizard and made sure the Workgroup name was correct. That did not help.

One thing I don't understand: I opened up the My NetWork Places on the secondary machine and I don't see any the menu on the left that I see on the primary computer (Networking Tasks, Other Places).

Perhaps I need to set up a bridge?

Any suggestions from you gurus?

Thanks in advance!

 

[pansophic]

What are the IP addresses and netmasks of the two computers? Are they in the same broadcast domain?

Is it possible that the VoIP gateway is responding to DHCP broadcast requests? That would explain the differing gateways. Generally, the default gateways should be the same. But you may have to define a static route for the VoIP gateway. If you remove the VoIP gateway from the network does everything clear up?

You may want to change the firewall behavior on both boxes to make sure that they will accept ICMP requests and deliver ICMP replies (for ping) so that you don't have to take the firewalls down to test.


pansophic

 

[sodakotahusker]

One other thing I thought was funny - normally the ip addresses will have the same first 3 values

192.168.15.1 and 192.168.15.2

On her network

192.168.15.102 is the principal computer
192.168.2.102 is the secondary.

255,255,255,0 is the subnet mask.

I am not sure what the broadcast domain is?

In a small peer to peer network like this - should I be using static ip addresses?

 

[pansophic]

DHCP is a safe way to run this network. It allows her to add and remove machines at will.

The broadcast domain is defined by the netmask, which means that the first three octets of the addresses have to match according to the netmask you have provided.

I would really be checking for that second DHCP server. It would appear to be the source of all of your difficulties. Both her broadband router and her VoIP gateway believe that they are the only gateway on the network, and both believe that they are the only DHCP server. It is luck of the draw as far as which DHCP server responds to the request first, but once the lease is established, it is likely to remain until the computer is powered off beyond its lease time. Then it will be a crap shoot again.

To verify this, just remove the VoIP gateway from the network, and power off the secondary computer. Power the secondary computer back on, and it should get an address from the real gateway. You should then be able to show her that the VoIP gateway is the issue.

But the bigger problem is fixing the VoIP gateway problem. Probably the easiest way to do that is to put the two gateways in series, so that the computers can only see one of them.

The better way would be to disable the DHCP server in one of them. The one that you disable the DHCP server on should not be the one that you expect to continue to use as a gateway.


pansophic

 

[sodakotahusker]

Gotcha! According to somethine else I read - the manual that came with the VoIP gateway should have documentation on how to communicate with the device so I can disable DHCP.

I'm curious why you consider DHCP to be a "safe" way to run the network. If she adds a new device with static IP addresses, what additional steps does she have to take to activate that device - other than provide it with a unique address? And what is the danger is that process. The only downside I can see with my limited knowledge is attempted use of a duplicate IP address. And what problem would removing a device cause?
I found an article that warned against DHCP for wireless home networks because of the ability of foreign wireless devices to "plug in" to the network.

Thanks for much for your help!

 

[pansophic]

Removing a device has no impact (as long as that device isn't the gateway).

But adding a device means that she has to get a free IP address, the right netmask, the right gateway address, and DNS server(s). DHCP makes all of this "brainless" because it only has to be correctly configured once, and then every device that is added automatically gets the correct settings.

As far as the wireless issue is concerned, with two minutes on a Windows network, you can collect the IP address range for the wireless network simply by sniffing. Then set an IP address in that range and you are set! If she has wireless, and you are attempting to secure that, there are three settings that should be of interest to you. Turn off SSID broadcasting (reduces your exposure but doesn't make your network invisible). Set MAC address filtering (which makes the DHCP configuration still involve a manual process, adding the MAC address through the web-based GUI instead of manually configuring the IP settings). And most importantly, turn on encryption.

Non-security people often consider disabling DHCP to be an effective security measure, because they don't know how to capture or analyze the information necessary to configure the IP stack. But anyone who has spent any time working with IP will tell you that you can get the entire stack configuration using passive sniffing. Dug Song even wrote a utility called dsniff that will gather the information automatically.


pansophic