Solved

Windows 2003 routing - 500 points!

Posted on 2004-08-23
14
245 Views
Last Modified: 2010-04-11
Hi

Can anyone tell me whether it's possible to set up LAN routing between 2 subnets using a Windows 2003 server with a single NIC?

I am setting up a new Windows 2003 PDC for a client and I want to be able to get to the internet via my own network. The client's server is on subnet 192.168.200.0 and my internal network subnet is 192.168.100.0 - my network consists of a single Windows 2003 server (PDC) with a few workstations and a Cisco 837 ADSL router as gateway.

I *think* I need a static route set up from the client's PDC using RRAS but I'm not sure whether this requires two NICs in the box and I don't know how to set this up anyway!

Any thoughts please?

thanks

Rob

0
Comment
Question by:WebAdviser
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5
  • 2
14 Comments
 
LVL 4

Expert Comment

by:Kooroo
ID: 11872702
If I understand the question correctly, you should be able to add a route with

destination 0.0.0.0 netmask 0.0.0.0 gateway <gateway to your LAN (192.168.100.1?)> interface <whatever your NIC is> after removing the old default route. That way, any IP that is not a member of the 192.168.200.0 network uses your 192.168.100.0 gateway.

I think you may not need to specify another interface with only one nic.

if your could post your routing table from the box, I could probably come up with a better idea of what I'm looking at tho.
0
 

Author Comment

by:WebAdviser
ID: 11873066
Hi

I hope this will help!

Thanks

Rob


(Routing tables below)

===============================================

Routing table for my internal network (192.168.100.0 subnet) with ADSL gateway router:

Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0  192.168.100.100  192.168.100.10       20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
    192.168.100.0    255.255.255.0   192.168.100.10  192.168.100.10       20
   192.168.100.10  255.255.255.255        127.0.0.1       127.0.0.1       20
  192.168.100.255  255.255.255.255   192.168.100.10  192.168.100.10       20
        224.0.0.0        240.0.0.0   192.168.100.10  192.168.100.10       20
  255.255.255.255  255.255.255.255   192.168.100.10  192.168.100.10       1
Default Gateway:   192.168.100.100
===========================================================================
Persistent Routes:
  None




===============================================

Routing Table for new server (192.168.200.0 subnet)

Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0  192.168.200.100    192.168.200.1     20
        127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1      1
    192.168.200.0    255.255.255.0    192.168.200.1    192.168.200.1     20
    192.168.200.1  255.255.255.255        127.0.0.1        127.0.0.1     20
  192.168.200.255  255.255.255.255    192.168.200.1    192.168.200.1     20
        224.0.0.0        240.0.0.0    192.168.200.1    192.168.200.1     20
  255.255.255.255  255.255.255.255    192.168.200.1    192.168.200.1      1
Default Gateway:   192.168.200.100
===========================================================================
Persistent Routes:
  None

=====================================================


0
 
LVL 4

Expert Comment

by:Kooroo
ID: 11873798
On the new server, do
route CHANGE 0.0.0.0 MASK 0.0.0.0 192.168.100.100

to change back

route CHANGE 0.0.0.0 MASK 0.0.0.0 192.168.200.100

keep in mind this is assuming that the 192.168.100.0 subnet is visible from this box, else you're just gonna get failures.
0
Why Off-Site Backups Are The Only Way To Go

You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.

 

Author Comment

by:WebAdviser
ID: 11873858
Thanks for the suggestion Kooroo.

I ran the command and got this:

C:\Documents and Settings\Fred>route CHANGE 0.0.0.0 MASK 0.0.0.0 192.168.100.100

The route change failed: Either the interface index is wrong or the gateway does not lie on the same network as the interface. Check the IP Address Table for the machine.


Any thoughts?

thanks

Rob
0
 
LVL 4

Expert Comment

by:Kooroo
ID: 11874244
First off, can you ping and tracert 192.168.100.100 ?

If so, I think it's because your subnet mask is 255.255.255.0 and windows is trying to be clever.

you could change your subnet mask to 255.255.0.0 and the command should work. Also tho, you will have to do

route add 192.168.200.0 MASK 255.255.255.0 192.168.200.1 METRIC 20

essentially, the route CHANGE 0.0.0.0 changes the default gateway used for any addresses that haven't been caught by other routing rules (like internet IPs). The route ADD 192.168.200.0 says that before you hit the default gateway, if the destination belongs to the 192.168.200.0 network, use the gateway 192.168.200.1.

0
 

Author Comment

by:WebAdviser
ID: 11874421
Nope sorry that doesn't seem to be working either.

I can't ping or tracert 192.168.100.100 - I've changed the subnet mask and executed the route add and route change commands you suggested.

Sorry....

Rob
0
 
LVL 4

Expert Comment

by:Kooroo
ID: 11875678
is this machine physically connected to your 192.168.100.0 network?

Try to give the machine a 192.168.100.0 network address and ping the gateway. essentially, that one NIC should be connected to both gateways somehow.
0
 
LVL 4

Expert Comment

by:sriwi
ID: 11877763
Try this,

Create a VPN connection from 100.x range to 200.x Range (set up the SBS server as the VPN server, and the client will will dial in through VPN).

Cheers.
0
 

Author Comment

by:WebAdviser
ID: 11878578
Thanks for your comments Kooroo and sriwi...

To answer your points:

- The new machine (192.168.200.1) IS physically connected (directly) to the 192.168.100.0 subnet (my internal network) - I'd like to use RRAS on the new machine to route internet traffic off the new machine through to my gateway at 192.168.100.100 if possible

- Kooroos's comment about "one NIC should be connected to both gateways somehow" I guess is what I'm trying to achieve!

- sriwi comment is an interesting thought... I think it might be better to use the new machine as the VPN client and my internal network as the VPN server (it already acts as a VPN server)

I'll try these and get back to you...

regards

Rob
0
 

Author Comment

by:WebAdviser
ID: 11879891
OK well I've tried the VPN suggestion and the new server can't connect. I'm not quite sure how it could if I couldn't ping the 192.168.100.100 router on the other subnet...

Any further thoughts much appreciated.

thanks

Rob
0
 
LVL 4

Expert Comment

by:Kooroo
ID: 11895112
I'm kinda curious as to why you can't ping the 192.168.100.0 network. Did you change your Netmask to 255.255.0.0?
0
 

Author Comment

by:WebAdviser
ID: 11895448
Yes I changed the netmask as you suggested.

I've found a temp workaround by getting a wireless usb network card into the new server and connecting to the wireless point on my internal network.

Rob
0
 
LVL 4

Accepted Solution

by:
sriwi earned 500 total points
ID: 11898544
I think the most important here to get it working is the routing table on the cisco router,

I am not the expert on cisco, but i would think the following will work:

nat on eth0 to go from 192.168.100.x range to 192.168.200.x, or on the static ip route table on cisco.

This may work because the only pysical connection that have layer 3 function is on the router only, there we need to put it in the router to connect all of these network together.

I hope this help.

Cheers

0
 

Author Comment

by:WebAdviser
ID: 11900016
Thanks sriwi. I'll give this a go....

Rob
0

Featured Post

Turn your laptop into a mobile console!

The CV211 Laptop USB Console Adapter provides a direct Laptop-to-Computer connection for fast and easy remote desktop access with no software to install.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question