Solved

Cannot communicate between 2 machines on different subnets & netmask

Posted on 2002-05-14
6
337 Views
Last Modified: 2010-03-18
Hi,

I have Linux 7.1 using IPChaines and IP_FORWARDING=on.

I have an external network with the following setup:
Cisco router = 192.168.160.225
Windows 2000 = 192.168.160.226
(NetMask = 192.168.160.240)

The above machines are connected to a switch.
I then connected a network cable from the switch into my linux box via (eth3) I configured eth2 as follows:
eth2 IP=192.168.160.227
Netmask = 192.168.160.240

I am able to ping the Windows 2000 machine from the linux box.

However on my Internal network I cannot ping the Windows 2000 machine but of course I can ping eth2.
My internal network is:
eth0: 192.168.66.1
Netmask: 255.255.255.0

My IP address on that network (192.168.66.91), this is the machine I am using to try and ping the Windows 2000 machine.

I also have a direct internet connection and the router for that internet connection is listed as my default gateway.
Default gateway = 192.168.99.201
eth2: 192.168.99.202
Netmask: 255.255.255.248

Please ask if you need any clarification on the above network.

I know it may make my life easier if I use IP Filtering however I do not have the expertise to get that up and going quickly because I am looking for a solution by today.
0
Comment
Question by:MCI_Consultants
6 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 7008428
You've got a routing problem. Right now the machines in the 192.168.160.0/24 network believe that any destinations other than that network should go to the Cisco, which is the default gateway for that network. There are two possible solutions for that. One is to include a static route on the Cisco telling it that the 192.168.66.0/24 network is reachable by the gateway at 192.168.160.227 (Linux's eth2 interface). The other solution is to add a static route to the w2k machine and tell it the same thing. With either of those routes in place you should be able to w2k machine as it'll know (either from it's static route or by a redirect from the Cisco) how to get packets back to the Linux box and thus to a client on the inside of the Linux box.

A possible complication is that you've also got a direct Internet connection via the Linux (presumably via eth1). I can't tell how you've set that up, so I don't know if additional routing is needed on Linux. Fix the routing on the 192.168.160 network and see if you can connect to w2k.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7010389
echo 1 >/proc/sys/net/ipv4/ip_forward
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7017984
Please post output of:

ifconfig -a
netstat -nr
ipchains-save
cat /proc/sys/net/ipv4/ip_forward

Cheers,
-Jon

0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 

Expert Comment

by:CleanupPing
ID: 9078488
MCI_Consultants:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0
 
LVL 12

Expert Comment

by:paullamhkg
ID: 10004248
No comment has been added lately, so it's time to clean up this TA.
I will leave the following recommendation for this question in the Cleanup topic area:

PAQ - no points refunded

Please leave any comments here within the next seven days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

paullamhkg
EE Cleanup Volunteer
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 10034027
PAQed - no points refunded (of 300)

Computer101
E-E Admin
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now