TCP/IP Routing

Status
Not open for further replies.

JSHoltsIT

IS-IT--Management
Apr 12, 2007
I have the following two NICs on a monitoring server:

Ethernet adapter Local Area Connection 2: (Metric 1)

Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.55.10
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.55.1

Ethernet adapter Local Area Connection: (Metric 2)

Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.1.34
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.254

192.168.55.10 goes out through a firewall/broadband connection and is used to send outbound alerts for monitoring.

192.168.1.34 connects to the trusted LAN. Everything works fine, except VPN connections to the trusted LAN (192.168.21.0). My firewall is passing traffic to 192.168.1.34, but nothing is showing up at .34. Traffic from .34 is not going outbound to the 21.0 subnet.

Here is my routing table on .34. Any advice for routing on the Windows box would be greatly appreciated.

IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 0c 41 ea 83 85 ...... Linksys NC100 Fast Ethernet Adapter
0x10004 ...00 18 fe 79 02 81 ...... HP NC320i PCIe Gigabit Server Adapter
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.34 2
0.0.0.0 0.0.0.0 192.168.55.1 192.168.55.10 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.34 192.168.1.34 2
192.168.1.34 255.255.255.255 127.0.0.1 127.0.0.1 2
192.168.1.255 255.255.255.255 192.168.1.34 192.168.1.34 2
192.168.2.0 255.255.255.0 192.168.1.34 192.168.1.34 1
192.168.4.0 255.255.255.0 192.168.1.34 192.168.1.34 1
192.168.21.0 255.255.255.255 192.168.1.34 192.168.1.34 1
192.168.55.0 255.255.255.0 192.168.55.10 192.168.55.10 1
192.168.55.10 255.255.255.255 127.0.0.1 127.0.0.1 1
192.168.55.255 255.255.255.255 192.168.55.10 192.168.55.10 1
224.0.0.0 240.0.0.0 192.168.1.34 192.168.1.34 2
224.0.0.0 240.0.0.0 192.168.55.10 192.168.55.10 1
255.255.255.255 255.255.255.255 192.168.1.34 192.168.1.34 1
255.255.255.255 255.255.255.255 192.168.55.10 192.168.55.10 1
Default Gateway: 192.168.55.1
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
192.168.2.0 255.255.255.0 192.168.1.34 1
192.168.4.0 255.255.255.0 192.168.1.34 1
192.168.21.0 255.255.255.255 192.168.1.34 1
 
The routes are there. Is one particular user having problems, or anyone vpn'ing in? What is between the .21 subnet and the .1 subnet? What is the subnet allocated for vpn connections? Are you showing any rogue connections? Is Windows doing the VPN? What firewall device, and what subnet is IT on?

Burt
 
The subnet mask for the .21 subnet is 255.255.255.255

The firewall device is a Watchguard. .21.0 subnet users can see anything in the .1.0 subnet. It's only the machine 1.34 (with the dual NICs) that cannot be seen from the VPN connection.

Watchguard is passing traffic through from .21 to .1; I've narrowed it down to a routing issue on the Windows server (1.34).

I also have a 192.168.2.0 subnet that VPN users can see.

JS
 
What route add batch file do you have running on the server?

Burt
 
I don't use a batch file, I key in the "route add" commands.

JS
 
route -p ADD 192.168.21.0 MASK 255.255.255.0 192.168.1.34 METRIC 1

 
Ignore the last, this is the route cmd I used for the last persistent route

route -p ADD 192.168.21.0 MASK 255.255.255.255 192.168.1.34 METRIC 1
 
192.168.21.0/32 is a host address, but 192.168.21.0 is a wire (network) address. Try changing the mask back to /24.
Also, I would just make a batch file with that, and you will need a default route...text file

route delete 0.0.0.0
route add 0.0.0.0 mask 0.0.0.0 192.168.1.34
route add 192.168.21.0 mask 255.255.255.0 192.168.1.34
exit

change extension to .bat

Burt
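
Added example, not part of the original thread: a small model of the route lookup (longest matching prefix first, then lowest metric) run over a subset of the active routes posted above. It shows why replies to a VPN client such as 192.168.21.50 (a constructed address) miss the /32 entry and leave through the broadband-facing interface, and what changes with a /24 mask; the function names are hypothetical.

```python
import ipaddress

# Subset of the posted active routes:
# (destination, netmask, gateway, interface, metric)
POSTED_ROUTES = [
    ("0.0.0.0", "0.0.0.0", "192.168.1.254", "192.168.1.34", 2),
    ("0.0.0.0", "0.0.0.0", "192.168.55.1", "192.168.55.10", 1),
    ("192.168.1.0", "255.255.255.0", "192.168.1.34", "192.168.1.34", 2),
    ("192.168.2.0", "255.255.255.0", "192.168.1.34", "192.168.1.34", 1),
    ("192.168.21.0", "255.255.255.255", "192.168.1.34", "192.168.1.34", 1),
    ("192.168.55.0", "255.255.255.0", "192.168.55.10", "192.168.55.10", 1),
]


def lookup(routes, dest):
    """Return (gateway, interface) of the route chosen for dest."""
    addr = ipaddress.ip_address(dest)
    best = None
    for net, mask, gateway, iface, metric in routes:
        network = ipaddress.ip_network(f"{net}/{mask}")
        if addr not in network:
            continue
        # Longest prefix wins; the metric only breaks ties between equal prefixes.
        key = (-network.prefixlen, metric)
        if best is None or key < best[0]:
            best = (key, gateway, iface)
    if best is None:
        raise LookupError(f"no route to {dest}")
    return best[1], best[2]


def with_mask(routes, net, new_mask):
    """Copy of routes with the netmask of the entry for net replaced."""
    return [(n, new_mask if n == net else m, g, i, k)
            for n, m, g, i, k in routes]


if __name__ == "__main__":
    client = "192.168.21.50"  # constructed VPN client address
    print("mask /32:", lookup(POSTED_ROUTES, client))
    fixed = with_mask(POSTED_ROUTES, "192.168.21.0", "255.255.255.0")
    print("mask /24:", lookup(fixed, client))
```

With the /32 mask only the single address 192.168.21.0 matches the persistent route, so every real client address falls through to the metric 1 default route on 192.168.55.10.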
 
Burt:

After I run the .bat file the first time do I need to schedule it to run again? Or is using the .bat file a simple way of writing route commands and then executing?

Thanks

Jason
 