?
Solved

Routing to a computers outside the firewall ?

Posted on 2003-02-25
15
Medium Priority
?
180 Views
Last Modified: 2013-11-16
My computer(192.168.0.7) is behind a firewall,
I setup my network so a WebServer(10.0.0.3) is outside the firewall but inside the DSL router,
For some reason I can't ping the server outside the firewall,
I could once but I don't remember how I did it,
The subnets are the same for inside and outside the firewall 255.255.255.0 ,

Can someone remind me how to get these two computers to see eachother ?

Thanks All!
0
Comment
Question by:Maverick5
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
  • 3
  • +2
15 Comments
 

Expert Comment

by:siliconjunkie
ID: 8023027
The router has to know that the 10.0.0.3 subnet is on the same side of the route. I assume it is a linksys or similar device. If it is you will have to add a route to tell it how to get there.
0
 

Author Comment

by:Maverick5
ID: 8023498
Do I add the route to the DSL router?
because I already add the route to the Firewall and it didn't do any good...
0
 

Author Comment

by:Maverick5
ID: 8023526
From my machine(192.168.0.7) I can get to the Internet,
but I can't ping the DSL router either...
My gateway is the firewall(192.168.0.1),
the firewall's gateway is the DSL Router...
0
Four New Appliances. Same Industry-leading Speeds.

But don't take it from us.  The Firebox M370 is Miercom tested and Miercom approved, outperforming its competitors for stateless and stateful traffic throughput scenarios.  Learn more about the M370, M470, M570 and M670 and find the right solution for your organization today!

 

Expert Comment

by:siliconjunkie
ID: 8023659
Ok, you have a firewall between you and a dsl router. and the webserver is on the other side of the firewall but behind the DSL router?

What kind of firewall is it? Can it ping the webserver? Can the webserver ping the DSL router? Can the webserver ping the firewall (check logs if it doesnt reply)? Just trying to get a visual of what you are working with.
0
 

Author Comment

by:Maverick5
ID: 8024652
SJ,

?1 NetGear
?2 No
?3 Yes
?4 No
Log shows no pings

Cool thanks...
0
 
LVL 3

Expert Comment

by:DanR
ID: 8028088
What message do you get when the Web server tries to ping the firewall?  What is the IP address of the external interface on the firewall?  What is the default gateway for the Web server?
0
 

Author Comment

by:Maverick5
ID: 8028945
DR,

?1 Request timed out.
?2 10.0.0.45
?3 10.0.0.1

Thanks
0
 
LVL 3

Expert Comment

by:DanR
ID: 8035720
What's the default gateway for the Web server?
0
 

Author Comment

by:Maverick5
ID: 8039587
I answered that just above...
0
 

Expert Comment

by:siliconjunkie
ID: 8039893
Ok, I'm going to try a diagram here to make sure we are all on the same page.

client 192.168.0.7
webserver 10.0.0.3
firewall ?192.168.0.1? and 10.0.0.45 <clarify this pls
dsl router ? and ?  (i assume 10.0.0.1 and something from your ISP)

client ---------->firewall--------->DSL Router
                              |
                          webserver

From the client PC can you ping the firewall and the DSL router or get to the net on the other side of the router.

Other than ping can you access the webserver with browser etc? Is the netgear "firewall" a simple NAT router? Model # on it?
0
 

Author Comment

by:Maverick5
ID: 8040475
That's a good idea; I'll try to diagram it,

client(192.168.0.7)<---->(192.168.0.1)Firewall(10.0.0.45)<--------WebServer(10.0.0.3)--------->(10.0.0.1)Router(ISP_DHCP)

Client can see the Internet, but can't ping 10.0.0.1 or 10.0.0.3

Thanks Guys....
0
 

Expert Comment

by:siliconjunkie
ID: 8040582
From the client if you try to goto http://10.0.0.3 or are you trying by name? What happens? Are there any other services on that box you can try to connect to? SSH, telnet, terminal services? It doesnt sound like the firewall is blocking outbound ports and shouldnt need a route to get there since its local to him. Does the firewall have any rules regarding ICMP?
0
 
LVL 3

Expert Comment

by:DanR
ID: 8041098
Here's what I think is happening.  You send a packet from your client to the Web server.  Your Web server responds.  Since the client is on a different subnet, it sends its response to the DSL router (its default gateway).  The DSL router sees that the packet is for a non-routable IP address directly connected to it, and discards it.  Can you set up a packet capture on the Web server to verify that the pings are reaching it?  Can your DSL router log packets it drops as unroutable.

Some possible solutions:
1) Do either your DSL router or firewall allow you to name a DMZ port or address?  (If you can give make and model, we can look that up online.)
2) You could make 10.0.0.45 the default gateway for the Web server, but then it will probably become unavailable to the Internet, which I'm assuming you don't want.
3) Put your Web server inside your firewall, then configure the firewall to forward all packets coming to port 80 to the Web server (look in the documentation for setting up a "virtual server").

Now why doesn't the router respond to pings from the client?  Siliconjunkie's idea of the firewall preventing ICMP packets is the most likely, but could it be that the router is set not to respond to pings?
0
 

Expert Comment

by:CleanupPing
ID: 9153379
Maverick5:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0
 

Accepted Solution

by:
SpazMODic earned 0 total points
ID: 9806717
PAQed - no points refunded (of 25)

SpazMODic
EE Moderator
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Suggested Courses
Course of the Month13 days, 19 hours left to enroll

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question