Go Premium for a chance to win a PS4. Enter to Win


Network doesn't see its own network

Posted on 2000-04-17
Medium Priority
Last Modified: 2010-04-17
I have setup a router and XYZ company's 128Kbps Frame Relay line at my office. (I will call this frame relay service company XYZ to explain) I also setup a web server and connected to the router.  I have been using the line quite a while without any problem. I can access outside and from the out side, I can access the router and the web server.  And recently I noticed a very serious problem.

From any where else, I can access the web server without any problem.  However, when I use the same company(XYZ) DSL or phone dial-up service to get on to the Internet and type the web server address, it cannot find the web server.

I can telnet to the router, but I cannot access the web server from any network of XYZ.  I cannot even ping to the web server if I am on the XYZ network through DSL or dial-up line.

Is this something about the router table on the router or the web server?

Here is the current information on the router
Destination        Gateway         IF       Flg   Pref Met     Use     Age     wan5     SG       0   1   59524  286710     wan5     rGPT    60   1       0   69016     wan5     rPT     60   1      68   69016     wan5     *SP    120   7       3  286710    -               ie0      C        0   0    2537  286710  -               ie0      C        0   0   61061  286710  -               local    CP       0   0   15254  286710        -               bh0      CP       0   0       0  286710       -               local    CP       0   0       0  286710       -               rj0      CP       0   0       0  286710     wan5     SGP    120   7       0  286710     wan5     SGP    120   7       0  286710        -               mcast    CP       0   0       0  286710       -               bh0      CP       0   0       0  286711       -               bh0      CP       0   0       0  286711       -               local    CP       0   0       0  286711 -               ie0      CP       0   0    7922  286711
Information on the webserver
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface  *      UH    0      0        0 eth0       *            U     0      0        0 lo        *            U     0      0        0 eth0
default         UG    0      0        0 eth0
Numbers are slightly modified, but best represent the configuration.                                                                                                              

So to sum up the long story, it is basically that within the LAN, I can access the web server. From out side, I can access the web server except from the own company's Internet service.

Any help is greatly appreciated.
Question by:yjh123

Expert Comment

ID: 2726037
the company(XYZ) did not gave you the facility to connect to your router or server through dial-up line or dsl,so you can only connect through the frame relay connection (whatever it is (leased-line) maybe). so go back to your provider and ask him if their system can accept other connection type to get to your router or server,so check their system's ability for that.

Author Comment

ID: 2727596
Here is the situation.

We setup a frame relay line and we have a web server connected to the router.  This line is from one of two major ISP companies in the nation.

Everyone can ping the web server and browse the contents on the server fine.

Only problem is that if you are connected to the Internet via this company's own network (e.g., dial-up or DSL subscribers, or anything), you cannot get to this web server.

So the situation is that if you are on your own network (other than LAN), you can not access the router.


Expert Comment

ID: 2728600
Ok. Is your web server on your end of the Leased Line, or over at the ISP's office?

Can you do it the other way around? Can you connect via dial-up, and ping your dial-up connection from the Web server?

Do you have any type of security system running, either on your net or on the ISP's end? (Firewall, NAT, etc...)

What type of router is it on your end? (Just so I know what type of info I can ask.)



Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Expert Comment

ID: 2728931
It may be that your provider has an erroneous route somewhere that doesn't affect traffic from outside, but does inside. When you are dialed up, try tracerouting to your webserver and see where it dies. This will at least give you an idea of what is happening internally. Also, try doing a traceroute from outside their network and compare the two.


Expert Comment

ID: 2728987
What kind of router is this?

Try pinging the web server from the interface that your web traffic comes from . (specific ping)

Also, make sure that your web server has the correct subnet mask /28. This can cause nodes to be unreachable from certain router interfaces.



Author Comment

ID: 2729032
It's Lucent Superpipe 155.

The other way around works fine.

I verified the IP address and mask...


Expert Comment

ID: 2729251
The funny thing is this:

If you can do it the other way around, meaning you can ping the Dial-up connection from your web server, you have all your routes correctly configured. (Since when the "echo reply" packets need to get to your web server, the route is found), it works)

Is it possible that you have some type of access list, either locally on your router or on the ISP's router, filtering out some types of inbound packets?

This is my best guess right now.



Expert Comment

ID: 2790350
Any feedback?

Accepted Solution

snkhad earned 400 total points
ID: 2896802
You can access the web server from
within the LAN as well as from a third
party network but not from your own
network via the DSL or dialup link.

This means either the connecting
address or the responding address is
being recognized as one assigned to the
internal LAN and being deliberately
dropped as a forged attack packet since
it is seen coming from the WAN

Check any firewall configuration and
VPN setup at both the frame relay link
and the DSL/dialup link.

If you really want to do this, you
could implement NAT at one or both
sides and use the public address(es)
when connecting the long way round.

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It happens many times that access list (ACL) have to be applied to outgoing router interface in order to limit some traffic.This article is about how to test ACL from the router which is not very intuitive for everyone. Below scenario shows simple s…
This article is a guide to configure bridging on Cisco Routers.  This is something I never knew was possible until after making a few phone calls to Cisco.  Using bridging saved our company money by not requiring us to purchase a new switch.  Bridgi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question