Solved

Confused!  Accessing other networks

Posted on 2003-10-30
7
294 Views
Last Modified: 2010-04-11
Hi,

I have set-up two floors of a building with two seperate networks.
 Here's a rough outline:

  Floor 5 - Network: 10.8.15.0/255.255.255.0 - Has a router with default gateway set to 192.168.100.193
  Has own router/firewall with IP 10.8.15.1

  Floor 2 - Network: 10.0.0.0/255.0.0.0 - Has a router with default gateway set to 192.168.100.193
  Has own router/firewall with IP 10.0.0.1

Ground floor comm's room contains the main router and firewall, firewall has the IP 192.168.100.193 and is configured with correct router and ip configuration.  Both floors can surf the web ok and recieve e-mails, etc without any problems.

I've set-up a PC in the basement (with IP 192.168.100.1) so that I can administrate the main firewall (192.168.100.193) and routers on the individual floors.  I am not physically at this location so I've set-up VPN on the server to remote dial-in which I can do without any problems.

Anyway, getting to the problem I did (on 192.168.100.1) route add 10.8.15.0 mask 255.255.255.0 192.168.100.193 metric 1 but can't seem to ping or access the router/firewalls on the seperate floors, I have no problem accessing the main firewall on 192.168.100.193.

What am I doing wrong?

Thanks in advance.

P.S hopefully this can be done what losing my remote connection as otherwise I'll have to make a trip out of the office!
0
Comment
Question by:KAbbott
7 Comments
 
LVL 7

Expert Comment

by:NicBrey
Comment Utility
What type of internet connection does the building have??  What type of firewall/routers are used here?? Is your dafault gateway set to 192.168.100.193 ??

You should not have add the route on the PC since the router should handle the routing if your default gateway is configured correctly.

There could also be rules on the firewall(s) that does not allow your address 192.168.100.1 through...
0
 
LVL 1

Expert Comment

by:Kubrik
Comment Utility
Just it can be an error this:

net 10.0.0.0/255.0.0.0 wich include net 10.8.15.0/255.255.255.0

Then, what kind of router on each floor? They would have two network interface, one with lan ip (10.8.15.1) and the others, ip of 192.168.100.x network?

Or every router has an owen internet connection and there is any internet connection sharing?

Try to write a schema of your network.
0
 
LVL 7

Expert Comment

by:NicBrey
Comment Utility
Good point Kubrik...

To make it easy for yourself, keep the subnet masks the same length on both networks.
Change  10.0.0.0  255.0.0.0 to     10.0.0.0  255.255.255.0.
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 35

Expert Comment

by:ShineOn
Comment Utility
How are they connected?   If each floor / network has its own router, what is the route setup for each floor's router, as well as the router attached to the 192.168.100 network in the basement.

How are the PCs set up on each individual floor's network, for default gateway?

It is actually kind of an odd setup you have described.  I can see subnetting between floors, but to have it the way you describe is really unique in my experience.  

At any rate, all of the routers have to talk to each other, and you have to set up some kind of route discovery between them so they all tell each other what is on their network.  The default gateway for the other 2 routers must be the 192.168.100 router.  If your PC in the basement is using the same router as the default gateway as the other 2 routers is, then you should have a route already to the other 2 routers through the 192.168.100 network.

You say you can access the firewall but not the 2 routers on the other floors.  Are you connected to the router in the basement or directly to the firewall?  If you are connected to the 192.168.100 router, and have it as your default gateway, it should be able to present a route to the other 2 routers for you.
0
 
LVL 16

Accepted Solution

by:
SteveJ earned 100 total points
Comment Utility
Kubrik and NicBrey have given you the solution . . . at least given the info you've listed. You shouldn't ever have to put static routes on a PC if your routing network is configured properly -- Im sure there may be exceptions, I just cant think of any . . . at least in a corporate setting.

If this is a Cisco network running EIGRP, I'd say you probably dont have a "no auto-summary" command in your EIGRP configuration.

Good luck.
Steve
0
 
LVL 2

Author Comment

by:KAbbott
Comment Utility
Hi,

Think I maybe should of kept all the floor routers on the same subnet, but this doesn't bother me as I am trying to connect to a router that is on the same subnet as the machine in the ground floor which is 255.255.255.0.

>> What type of internet connection does the building have??  What type of firewall/routers are used here?? Is your dafault gateway set to 192.168.100.193 ??

1MB DSL connection, firewall in ground floor is a Sonicwall Pro 100 connected to lucent cellpipe router, Router/firewall's on floors 2 and 5 are netgear FR114P's configured with IP's 10.8.15.1 (5th floor) and 10.0.0.1 (2nd floor).  Both default gateway's on the routers are point to the firewall in the ground floor (192.168.100.193).

The reason I did this was so that from the sonicwall firewall I regulate bandwidth (via IP) using the rules with the sonicwall firewall.  I've checked the rules on the Sonicwall and theirs non to say that I cannot access these networks.  Maybe I need to take a closer look at this.

0
 
LVL 7

Expert Comment

by:NicBrey
Comment Utility
Your 10.8.15.1 router is connected to the    192.168.100.0 network with an ethernet interface??  What is the IP address of that interface??
Your 10.0.0.0 router is connected to the    192.168.100.0 network with an ethernet interface??  What is the IP address of that interface??

Then you need to configure 2 routes on your 192.168.100.193   box that point to the IP addresses of the above interfaces

example

ip route  10.8.15.0   255.255.255.0    192.168.100.xxx
ip route  10.0.0.0   255.0.0.0    192.168.100.xxx






     
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Before I go to far, let's explain HA (High Availability) and why you should consider it.  High availability is the mechanism used to provide redundancy to any service at the same site and appears as a single service to the users of that service.  As…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now