Solved

Demand Dial Routing

Posted on 2004-04-08
9
277 Views
Last Modified: 2010-04-13
If the format is bad please visit here to read the post and reply back at EE.
http://forums.hexus.net/showthread.php?p=178485#post178485

I am having problems with routing from a client which is connected to a server which uses "Demand Dialing" to gain access to

a specific subnet.

Here is the routing table of the server BEFORE the Demand Dial connection is created:
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric      Additional Information
          0.0.0.0          0.0.0.0    217.34.225.78    217.34.225.75     30      Out onto the internet
         10.0.0.0        255.0.0.0        10.1.0.30      10.1.255.30      1      
         10.1.0.0      255.255.0.0      10.1.255.30      10.1.255.30     20      
      10.1.250.10  255.255.255.255        127.0.0.1        127.0.0.1     50      VPN [IN] STUFF (old connection)
      10.1.255.30  255.255.255.255        127.0.0.1        127.0.0.1     20      Company Network
   10.255.255.255  255.255.255.255      10.1.255.30      10.1.255.30     20      
        127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1      1
       172.18.0.0      255.255.0.0     172.18.0.200     172.18.0.200     20      
     172.18.0.200  255.255.255.255        127.0.0.1        127.0.0.1     20      RIS Network
   172.18.255.255  255.255.255.255     172.18.0.200     172.18.0.200     20
    217.34.225.72  255.255.255.248    217.34.225.75    217.34.225.75     30
    217.34.225.75  255.255.255.255        127.0.0.1        127.0.0.1     30
   217.34.225.255  255.255.255.255    217.34.225.75    217.34.225.75     30
        224.0.0.0        240.0.0.0      10.1.255.30      10.1.255.30     20
        224.0.0.0        240.0.0.0     172.18.0.200     172.18.0.200     20
        224.0.0.0        240.0.0.0    217.34.225.75    217.34.225.75     30
  255.255.255.255  255.255.255.255      10.1.255.30      10.1.255.30      1
  255.255.255.255  255.255.255.255     172.18.0.200     172.18.0.200      1
  255.255.255.255  255.255.255.255    217.34.225.75    217.34.225.75      1
Default Gateway:     217.34.225.78
===========================================================================

So I have 3 interfaces as you can see, 217 - Internet NIC, 10 - Internal Company network and 172 - Internal RIS network.

Routing a remote access/NAT is setup and everything works fine, 172 can ping 10 network, 10 can access internet, 172 can

access internet. Now the problem is when I setup "Demand Dialing".
Setup:
Demand Dial 192.168.0.0/16 access via VPN 82.152.32.72 PERSISTENT

Now here is new routing table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    217.34.225.78    217.34.225.75     30
         10.0.0.0        255.0.0.0        10.1.0.30      10.1.255.30      1
         10.1.0.0      255.255.0.0      10.1.255.30      10.1.255.30     20
      10.1.250.10  255.255.255.255        127.0.0.1        127.0.0.1     50
      10.1.255.30  255.255.255.255        127.0.0.1        127.0.0.1     20
   10.255.255.255  255.255.255.255      10.1.255.30      10.1.255.30     20
     82.152.32.72  255.255.255.255    217.34.225.78    217.34.225.75     30
        127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1      1
       172.18.0.0      255.255.0.0     172.18.0.200     172.18.0.200     20
     172.18.0.200  255.255.255.255        127.0.0.1        127.0.0.1     20
   172.18.255.255  255.255.255.255     172.18.0.200     172.18.0.200     20
      192.168.0.0      255.255.0.0          0.0.0.0     192.168.1.17      1
      192.168.0.0      255.255.0.0     192.168.1.19     192.168.1.17      1
     192.168.1.17  255.255.255.255        127.0.0.1        127.0.0.1     50
     192.168.1.19  255.255.255.255     192.168.1.17     192.168.1.17      1
    192.168.1.255  255.255.255.255     192.168.1.17     192.168.1.17     50
    217.34.225.72  255.255.255.248    217.34.225.75    217.34.225.75     30
    217.34.225.75  255.255.255.255        127.0.0.1        127.0.0.1     30
   217.34.225.255  255.255.255.255    217.34.225.75    217.34.225.75     30
        224.0.0.0        240.0.0.0      10.1.255.30      10.1.255.30     20
        224.0.0.0        240.0.0.0     172.18.0.200     172.18.0.200     20
        224.0.0.0        240.0.0.0     192.168.1.17     192.168.1.17     50
        224.0.0.0        240.0.0.0    217.34.225.75    217.34.225.75     30
  255.255.255.255  255.255.255.255      10.1.255.30      10.1.255.30      1
  255.255.255.255  255.255.255.255     172.18.0.200     172.18.0.200      1
  255.255.255.255  255.255.255.255    217.34.225.75    217.34.225.75      1
Default Gateway:     217.34.225.78
===========================================================================

Now the Demand Dial server can ping 192.168.1.1 which is the internal IP of 82.152.32.72
Reply from 192.168.1.1: bytes=32 time=66ms TTL=128
Reply from 192.168.1.1: bytes=32 time=71ms TTL=128
Reply from 192.168.1.1: bytes=32 time=72ms TTL=128
Reply from 192.168.1.1: bytes=32 time=90ms TTL=128

but the clients, for example them on the 10 network cannot.
Tracing route to 192.168.1.1 over a maximum of 30 hops

  1    <1 ms    <1 ms    <1 ms  DC1-2003 [10.1.255.30]
  2     *        *        *     Request timed out.
  3     *        *        *     Request timed out.
  4     *        *        *     Request timed out.
  5     *           ETC

Why not? The clinet can ping everything else. All the following options are turned on on the server:
Routing and Remote access: LAN and demand dial routing
Routing and Remote access: IP: Enable IP Routing
Routing and Remote access: IP: Allow IP based remote access and demand dial connection
Routing and Remote access: IP Routing: General: Demand Dial connection: Enable IP router manager

No filtering is setup anywhere.
What gets me is the fact all other routing works apart from the demand dial up one. All the clients have the server set as

its default gateway and its dns (although dns does not apply here)

thanks if anyone can help
0
Comment
Question by:Rick111
  • 4
  • 3
9 Comments
 
LVL 16

Expert Comment

by:JamesDS
Comment Utility
Rick111

You need a route from your clients to the remote LAN and unless the Demand Dial Router is also your default gateway there will be no route back for the ping traffic

This command should sort it:

ROUTE ADD -P 192.168.0.0 MASK 255.255.0.0 10.1.255.30

I am assuming that your remote LAN is and entire b class address and that the internal NIC on your Demand Dial Router is 10.1.255.30. If i'm wrong then change the numbers to fit your setup.

the -p makes the route addition permanent

Cheers

JamesDS
0
 
LVL 16

Expert Comment

by:JamesDS
Comment Utility
sorry, run the command at your clients, NOT The server!

Cheers

JamesDS
0
 
LVL 3

Author Comment

by:Rick111
Comment Utility
I'm just leaving work now and going for a swift drink, when I get home I'll review your answer and let you know if it has worked (and delete this reply)

cya soon, cheers for your reply
0
 
LVL 3

Author Comment

by:Rick111
Comment Utility
ROUTE ADD -P 192.168.0.0 MASK 255.255.0.0 10.1.255.30
-----------------------------------------
10.1.255.30 is the default gateway of the clients anyway so all traffic gets routed through. The server (10.1.255.30) can ping the 192 network fine (over demand dial), but when the clients (10.1.255.45 for example) ping 192.168.1.1 it gets sent to the gateway 10.1.255.30 but then can't go anywhere, so the routing is screwed somewhere, but other pings work fine. I only have the problem when using demand dial routes.

This is from a 10 client (not server), pinging/tracert a 192. 10.1.255.30 is the gateway
Tracing route to 192.168.1.1 over a maximum of 30 hops

  1    <1 ms    <1 ms    <1 ms  DC1-2003 [10.1.255.30]
  2     *        *        *     Request timed out.


this [IS] from the server
Reply from 192.168.1.1: bytes=32 time=66ms TTL=128
Reply from 192.168.1.1: bytes=32 time=71ms TTL=128
Reply from 192.168.1.1: bytes=32 time=72ms TTL=128
Reply from 192.168.1.1: bytes=32 time=90ms TTL=128



0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 3

Author Comment

by:Rick111
Comment Utility
I've sorted it, it was a biggie, if anyone wants to know how mail me rick1_11@hotmail.com
0
 
LVL 16

Expert Comment

by:JamesDS
Comment Utility
If you sort it yourself, you can go to community support and get refund

You should post the answer here to help others

Cheers
JamesDS
0
 
LVL 3

Author Comment

by:Rick111
Comment Utility
ok here's the solution in short:
After I setup the dial on demand connection for 172 network, setup the static route to my table and set it to dial on request, I had to add the virtual adapter for 172 to the NAT configuration as a public interface connected to the internet with TCP/UPD headers been translated.

The problem was when I was pinging the 172 network, although it was been doing over my internet connection/VPN (which was setup on the 217 NIC), NAT would not pass it to the 172 "virtual adapter" because it had not been added to the NAT configuration.

Hope this help,
Rick111
0
 
LVL 1

Accepted Solution

by:
GhostMod earned 0 total points
Comment Utility
PAQd, 350 points refunded.

GhostMod
Community Support Moderator
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
In this article, you will read about the trends across the human resources departments for the upcoming year. Some of them include improving employee experience, adopting new technologies, using HR software to its full extent, and integrating artifi…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now