bazoz
asked on
Private links routing in SBS2003
Two servers, Two ADSL connections
Have two servers (SBS2003 with ISA and 2003 Terminal Server) One ADSL for internet connection and the other ADSL is a private link to remote offices.
This is how I have it setup:
Remote workstations 192.168.1.101 (gateway 192.168.1.1)
|
Private links remote ADSL 192.168.1.1
|
ISP
|
Private links head office ADSL 192.168.16.1 (no gateway)
|
Switch
/ \
/ \___ Terminal Server 192.168.16.3 (gateway 192.168.16.2)
/
1st NIC in SBS2003 192.168.16.2 (no gateway)
ISA
2nd NIC in SBS2003 192.168.0.3 (gateway 192.168.0.1)
|
Internet ADSL 192.168.0.1
|
Now for the problem.
If I remove the SBS2003 box everything works as it should. Remote workstations can terminal server in to head office and I can remote administer the workstations.
Add the SBS2003 back in, it all falls over.
If I do a tracert from 192.168.16.3 (TS) to 192.168.1.101 it goes straight to 192.168.16.2 (SBS) first hop and that’s it.
As I see it, I need to add some routing to the SBS2003 box to send any packets destined for 192.168.1.101 back to 192.168.16.1 but have no idea how to do this.
Maybe it's an ISA issue, just don't know.
Regards
Bazoz
Have two servers (SBS2003 with ISA and 2003 Terminal Server) One ADSL for internet connection and the other ADSL is a private link to remote offices.
This is how I have it setup:
Remote workstations 192.168.1.101 (gateway 192.168.1.1)
|
Private links remote ADSL 192.168.1.1
|
ISP
|
Private links head office ADSL 192.168.16.1 (no gateway)
|
Switch
/ \
/ \___ Terminal Server 192.168.16.3 (gateway 192.168.16.2)
/
1st NIC in SBS2003 192.168.16.2 (no gateway)
ISA
2nd NIC in SBS2003 192.168.0.3 (gateway 192.168.0.1)
|
Internet ADSL 192.168.0.1
|
Now for the problem.
If I remove the SBS2003 box everything works as it should. Remote workstations can terminal server in to head office and I can remote administer the workstations.
Add the SBS2003 back in, it all falls over.
If I do a tracert from 192.168.16.3 (TS) to 192.168.1.101 it goes straight to 192.168.16.2 (SBS) first hop and that’s it.
As I see it, I need to add some routing to the SBS2003 box to send any packets destined for 192.168.1.101 back to 192.168.16.1 but have no idea how to do this.
Maybe it's an ISA issue, just don't know.
Regards
Bazoz
ASKER
Hi sriwi
From TERMINAL SERVER
IPv4 Route Table
========================== ========== ========== ========== ========== =========
Interface List
0x1 .......................... . MS TCP Loopback interface
0x10003 ...00 e0 81 2a cc 8a ...... Broadcom NetXtreme Gigabit Ethernet
========================== ========== ========== ========== ========== =========
========================== ========== ========== ========== ========== =========
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.16.2 192.168.16.3 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.16.0 255.255.255.0 192.168.16.3 192.168.16.3 20
192.168.16.3 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.16.255 255.255.255.255 192.168.16.3 192.168.16.3 20
224.0.0.0 240.0.0.0 192.168.16.3 192.168.16.3 20
255.255.255.255 255.255.255.255 192.168.16.3 192.168.16.3 1
Default Gateway: 192.168.16.2
========================== ========== ========== ========== ========== =========
Persistent Routes:
None
From SBS 2003 (I did have another NIC in the Terminal Server 192.168.0.3 but have since disabled it - it still shows below)
IPv4 Route Table
========================== ========== ========== ========== ========== =========
Interface List
0x1 .......................... . MS TCP Loopback interface
0x2 ...00 e0 81 2b 06 15 ...... Intel(R) PRO/100 S Server Adapter - Packet Scheduler Miniport
0x10004 ...00 e0 81 2b 06 5a ...... Broadcom NetXtreme Gigabit Ethernet - Packet Scheduler Miniport
========================== ========== ========== ========== ========== =========
========================== ========== ========== ========== ========== =========
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.3 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.255.0 192.168.0.3 192.168.0.3 20
192.168.0.3 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.0.255 255.255.255.255 192.168.0.3 192.168.0.3 20
192.168.16.0 255.255.255.0 192.168.16.2 192.168.16.2 20
192.168.16.2 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.16.255 255.255.255.255 192.168.16.2 192.168.16.2 20
224.0.0.0 240.0.0.0 192.168.0.3 192.168.0.3 20
224.0.0.0 240.0.0.0 192.168.16.2 192.168.16.2 20
255.255.255.255 255.255.255.255 192.168.0.3 192.168.0.3 1
255.255.255.255 255.255.255.255 192.168.16.2 192.168.16.2 1
Default Gateway: 192.168.0.1
========================== ========== ========== ========== ========== =========
Persistent Routes:
None
From TERMINAL SERVER
IPv4 Route Table
==========================
Interface List
0x1 ..........................
0x10003 ...00 e0 81 2a cc 8a ...... Broadcom NetXtreme Gigabit Ethernet
==========================
==========================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.16.2 192.168.16.3 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.16.0 255.255.255.0 192.168.16.3 192.168.16.3 20
192.168.16.3 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.16.255 255.255.255.255 192.168.16.3 192.168.16.3 20
224.0.0.0 240.0.0.0 192.168.16.3 192.168.16.3 20
255.255.255.255 255.255.255.255 192.168.16.3 192.168.16.3 1
Default Gateway: 192.168.16.2
==========================
Persistent Routes:
None
From SBS 2003 (I did have another NIC in the Terminal Server 192.168.0.3 but have since disabled it - it still shows below)
IPv4 Route Table
==========================
Interface List
0x1 ..........................
0x2 ...00 e0 81 2b 06 15 ...... Intel(R) PRO/100 S Server Adapter - Packet Scheduler Miniport
0x10004 ...00 e0 81 2b 06 5a ...... Broadcom NetXtreme Gigabit Ethernet - Packet Scheduler Miniport
==========================
==========================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.3 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.255.0 192.168.0.3 192.168.0.3 20
192.168.0.3 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.0.255 255.255.255.255 192.168.0.3 192.168.0.3 20
192.168.16.0 255.255.255.0 192.168.16.2 192.168.16.2 20
192.168.16.2 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.16.255 255.255.255.255 192.168.16.2 192.168.16.2 20
224.0.0.0 240.0.0.0 192.168.0.3 192.168.0.3 20
224.0.0.0 240.0.0.0 192.168.16.2 192.168.16.2 20
255.255.255.255 255.255.255.255 192.168.0.3 192.168.0.3 1
255.255.255.255 255.255.255.255 192.168.16.2 192.168.16.2 1
Default Gateway: 192.168.0.1
==========================
Persistent Routes:
None
ASKER
Oops, Sorry the other NIC was 192.168.0.4 in the Terminal Server - Since been disabled
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi sriwi
I couldn't get you route to work, but I could get this onto the Terminal Server box.
route -p add 192.168.1.0 mask 255.255.255.0 192.168.16.1
and now it nearly all works except I had to disable the ISA client on the TS box.
What do I need to add to ISA on the SBS2003 box so I can enable the ISA client. Because now the TS box cannot reach the internet.
I couldn't get you route to work, but I could get this onto the Terminal Server box.
route -p add 192.168.1.0 mask 255.255.255.0 192.168.16.1
and now it nearly all works except I had to disable the ISA client on the TS box.
What do I need to add to ISA on the SBS2003 box so I can enable the ISA client. Because now the TS box cannot reach the internet.
you need to put the proxy on your internet explorer, after it should work, remember to put your isa ip address on the proxy address
ASKER
When you run \\SBS2003computername\conn ectcompute r from clients, ISA client and proxy settings get added by default.
But the only way I could get the clients to remote desktop into the TS box was to disable ISA client on the TS
But the only way I could get the clients to remote desktop into the TS box was to disable ISA client on the TS
Cheers