?
Solved

ROUTE ADD problems on 2003 multihomed system.

Posted on 2004-08-24
7
Medium Priority
?
208 Views
Last Modified: 2011-10-03
BACKGROUND:

We needed to connect a 2003 system to another network via VPN.  The VPN network originally had the same IP scheme as the 2003 network (10.0.0.0/24).  Using a NAT device on the VPN network side, we were able to present a different scheme (172.16.254.0/24) to the 2003 side.
The 2003 side now needs to present a different scheme to the VPN side.  We chose 172.16.252.0/24.  We *cannot* install a NAT device on the 2003 side, so we multihomed the 2003 system:  

NIC 0x1 - 10.0.0.2/24, gateway 10.0.0.1
NIC 0x2 - 172.16.252.2/24, no gateway defined

Both are plugged into the same switch.

10.0.0.1 is a firewall with VPN set-up to the 172.16.254.0/24 network.  The VPN is negotiating and passing traffic.

PROBLEM:

I am attempting to route traffic from the 2003 system to the VPN network.  172.16.252.2 -> 172.16.254.3, and vice versa.

Receiving packets on the additional interface is no problem.  It ARPS fine to the firewall and *receives* data all day long.

*Sending* data is the problem.  The default route uses the 10.0.0.2 interface.  Attempting to add a route to use the additional interface for VPN traffic:

ROUTE ADD 172.16.254.0 MASK 255.255.255.0 10.0.0.1 IF 0x2

Gets me:

"The route addition failed: Either the interface index is wrong or the gateway does not lie on the same network as the interface. Check the IP Address Table for the machine."

This is a stumper.  Any ideas folks???

Thanks!!!!!
0
Comment
Question by:rrsarge
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
7 Comments
 
LVL 15

Expert Comment

by:adamdrayer
ID: 11884845
ROUTE ADD 172.16.254.0 MASK 255.255.255.0 10.0.0.1 IF 2

0
 

Author Comment

by:rrsarge
ID: 11884891
Does not work.  No change in the error.
0
 
LVL 15

Expert Comment

by:adamdrayer
ID: 11884948
sorry.  10.0.0.1 is not on the same network as 172.16.252.2.  This will not work.

In my opinion, you should setup a VPN client to handle this.  Also, I don't understand your comment about not setting up NAT on the 2003 side.  You can setup rules to NAT certain addresses and not others and NAT certain ways.  You could setup a system to NAT all traffic destined for the VPN, and not NAT all others.  You must be running some kind of NAT since your using an RF1918 addressing scheme.
0
 
LVL 15

Accepted Solution

by:
adamdrayer earned 500 total points
ID: 11884970
basically, you're gonna need a gateway on the 172.16.252.2/24 network.
0

Featured Post

ATEN's HDBaseT Presentation at InfoComm 2017

Hear ATEN Product Manager YT Liang review HDBaseT technology, highlighting ATEN’s latest solutions as they relate to real-world applications during her presentation at the HDBaseT booth at InfoComm 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Nslookup is a command line driven utility supplied as part of most Windows operating systems that can reveal information related to domain names and the Internet Protocol (IP) addresses associated with them. In simple terms, it is a tool that can …
Downtime reduced, data recovered by utilizing an Experts Exchange Business Account Challenge The United States Marine Corps employs more than 200,000 active-duty Marines with operations in four continents, all requiring complex networking system…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question