?
Solved

Cannot see/ping dial-in Remote Network

Posted on 2005-03-10
57
Medium Priority
?
408 Views
Last Modified: 2010-03-18
Hi All,

I have set up our remote office to dial in to our office using a Win XP Pro machine with ICS to dial to our Win 2000 Server running RRAS.

The setup is as follows:

Remote Office Subnet:  192.168.5.X
Our Office Subnet:        192.168.4.X

If the Remote Win XP machine (IP: 192.168.5.4) dials our Win 2000 RRAS Server, it authenticates and is assigned the IP: 192.168.4.253 on our local subnet.

ICS works fine because all PC's at the Remote Office (192.168.5.X) can see our network (192.168.4.X). However, no one from our office can ping any IP's on the remote network. For example:


192.168.5.5 can Ping 192.168.4.6

BUT

192.168.4.6 cannot Ping 192.168.5.5


I also cannot ping the remote network (192.168.5.X) from the Win 2000 RRAS Server (192.168.4.4). Have tried putting some of the following Static Routes in RRAS Manager with no luck:


Destination      Subnet                Gateway          Interface

192.168.5.0     255.255.255.0     192.168.4.4      Local Area Connection
192.168.5.0     255.255.255.0     192.168.4.4      Internal
192.168.5.0     255.255.255.0     192.168.4.253   Local Area Connection
192.168.5.0     255.255.255.0     192.168.4.253   Internal


Hope someone can help.

Many thanks,

C
0
Comment
Question by:centurion
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 30
  • 25
57 Comments
 
LVL 18

Expert Comment

by:crissand
ID: 13507964
If XP SP2, the ping is blocked in windows firewall. Open the firewall control, choose ICMP and check the box Allow incoming echo request.
0
 
LVL 15

Expert Comment

by:wingatesl
ID: 13513611
Is the 2000 RRAS server the internet gateway, or do you have a router?
If you have a router try adding a route for 192.168.5.0 -> 192.168.4.4

Shawn
0
 

Author Comment

by:centurion
ID: 13515293
Thanks for the replies.

The Win XP machine is SP1 and the Windows Firewall is disbaled. The only option checked in the Advanced tab of the Network Connection Properties is the "Allow other network users to use this computer's Internet connection".

The Win 2000 box is the gateway. There is no router on any of the networks. Also, there is no internet access on any of the networks. They are isolated from any public network infrastructure.

Regards,

C
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 

Author Comment

by:centurion
ID: 13516009
Update.

Have enabled the windows firewall on the Win XP SP1 box and checked all the rules that allow both inbound and outbound traffic.

Still no luck.

C
0
 

Author Comment

by:centurion
ID: 13517790
OK.

Have increased the points to 300, as I really need an answer to this.

Thanks,

C
0
 
LVL 18

Expert Comment

by:crissand
ID: 13517950
From the network 192.168.4.x can you ping 192.168.4.253? What about the other nic of this machine, 192.168.5.4?
0
 

Author Comment

by:centurion
ID: 13533795
Thanks for the reply Crissand.

I can ping 192.168.4.253 from any machine on either network OK.
0
 
LVL 18

Expert Comment

by:crissand
ID: 13533964
Then the problem is in the routing between 192.168.5.4 and 192.168.4.253, for ICMP packets. If it's XP SP1, the firewall is ICF, not Windows firewall. Use the ICMP option to allow incoming ICMP traffic.
0
 

Author Comment

by:centurion
ID: 13534144
Sorry, I meant ICF. I have checked all the rules in the ICF which allow both incoming and outgoing comms, including ICMP, but I still don't get any positive results. Even from the Win2000 RRAS Server.
0
 
LVL 18

Expert Comment

by:crissand
ID: 13534409
Do you have a default gateway in the TCP/IP properties of one of the NIC's of the XP computer? Better start a command prompt, type ipconfig/all and paste here the result.
0
 

Author Comment

by:centurion
ID: 13535512
Windows 2000 RRAS Server IPConfig:
****************************
Windows 2000 IP Configuration

        Host Name . . . . . . . . . . . . : RAS
        Primary DNS Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : Yes
        WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Netelligent 10/100TX PCI UTP Controller
        Physical Address. . . . . . . . . : 00-80-5F-FE-BB-06
        DHCP Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.4.4
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . :
        DNS Servers . . . . . . . . . . . : 192.168.4.3
        Primary WINS Server . . . . . . . : 192.168.4.3

PPP adapter RAS Server (Dial In) Interface:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
        Physical Address. . . . . . . . . : 00-53-45-00-00-00
        DHCP Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.4.252
        Subnet Mask . . . . . . . . . . . : 255.255.255.255
        Default Gateway . . . . . . . . . :
        DNS Servers . . . . . . . . . . . :



Windows XP Pro SP1 PC  IPConfig:
*************************
Windows IP Configuration

        Host Name . . . . . . . . . . . . : LANGATEWAY
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : Yes
        WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet for hp
        Physical Address. . . . . . . . . : 00-11-0A-39-AA-B5
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.5.4
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . :

PPP adapter Head Office:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
        Physical Address. . . . . . . . . : 00-53-45-00-00-00
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.4.253
        Subnet Mask . . . . . . . . . . . : 255.255.255.255
        Default Gateway . . . . . . . . . : 192.168.4.253
        DNS Servers . . . . . . . . . . . : 192.168.4.3
        Primary WINS Server . . . . . . . : 192.168.4.3
0
 
LVL 18

Expert Comment

by:crissand
ID: 13535676
ppp adapter head office must not have a default gateway, or you must add a static route in the xp computer. Something like

route add 192.168.5.0 MASK 255.255.255.0 192.168.5.4

This way the xp computer will know that the gateway for the network 192.168.5.0/24 is 192.168.5.4
0
 

Author Comment

by:centurion
ID: 13536384
I had a look at the route table on the XP machine. The route suggested was already in there:

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 11 0a 39 aa b5 ...... Broadcom NetXtreme Gigabit Ethernet for hp - Packet Scheduler Miniport
0x20004 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway           Interface              Metric
          0.0.0.0                 0.0.0.0           192.168.4.253   192.168.4.253       1
        127.0.0.0               255.0.0.0        127.0.0.1          127.0.0.1              1
    192.168.4.252      255.255.255.255   192.168.4.253    192.168.4.253      1
    192.168.4.253      255.255.255.255   127.0.0.1           127.0.0.1             50
    192.168.4.255      255.255.255.255   192.168.4.253    192.168.4.253      50
      192.168.5.0       255.255.255.0       192.168.5.4        192.168.5.4         20
      192.168.5.4       255.255.255.255    127.0.0.1           127.0.0.1            20
    192.168.5.255     255.255.255.255    192.168.5.4        192.168.5.4         20
        224.0.0.0        240.0.0.0               192.168.5.4        192.168.5.4        20
        224.0.0.0        240.0.0.0               192.168.4.253    192.168.4.253       1
  255.255.255.255  255.255.255.255      192.168.5.4       192.168.5.4       1
Default Gateway:     192.168.4.253
===========================================================================
Persistent Routes:
  None
0
 
LVL 18

Expert Comment

by:crissand
ID: 13536541
I recommend upgrading to XP SP2. This way, the firewall is more configurable.
0
 

Author Comment

by:centurion
ID: 13536665
I would have done this already but the PC is running essential software to the business that gets corrupted on upgrade to SP2. As of yet we cannot see how to resolve the upgrade issue.
0
 
LVL 18

Expert Comment

by:crissand
ID: 13536743
What can I say. Run route -f to clear all routes, then delete the default gateway and restart computer.
0
 

Author Comment

by:centurion
ID: 13546412
I ran "ROUTE -F" a few times and restarted the system but no luck. When I did a "ROUTE PRINT" all the entries re-appeared.
0
 
LVL 18

Expert Comment

by:crissand
ID: 13546493
It's ok. The dial-up connection is manually configured, I guess. Can you delete the default gateway?
0
 

Author Comment

by:centurion
ID: 13546682
The dial-up connection takes the settings from the Win 2000 RRAS Server.

How do I delete the Default Gateway? I thought it did that when I ran "ROUTE -F", because there was no entry for default gateway after I ran the command whereas there was an entry before.
0
 
LVL 18

Expert Comment

by:crissand
ID: 13546793
Try to reverse the order of binding in Network and Dial-up Connections/Advanced/Advanced Settings/Adapters and bindings.
0
 

Author Comment

by:centurion
ID: 13564889
Sorry about the late reply. Out of the office yesterday.

Reversed the order of the bindings. No luck I'm afraid.
0
 

Author Comment

by:centurion
ID: 13564908
Oh, sorry. Forgot to mention.

I'm increasing the points as well, as I'd like to resolve this as soon as poss.
0
 
LVL 18

Expert Comment

by:crissand
ID: 13565318
I think the ICMP is blocked somewhere. Can you access with explorer some computer in the 192.168.5.xxx network from the other one?
0
 

Author Comment

by:centurion
ID: 13565525
No. Just the shares of the computer dialing in.
0
 
LVL 18

Expert Comment

by:crissand
ID: 13566099
Let's try a bridge connection. Disable Internet Connection Sharing, select both adapters and create a bridge.

I have something that show how to create a vpn connection here:

http://asia.cnet.com/enterprise/netadmin/0,39035505,39050037-39000223c-1,00.htm

but I don't know if it's fitted.
0
 

Author Comment

by:centurion
ID: 13566425
I thought that you can't Bridge a dial-up connection with a LAN connection? Am I mistaken?

What are we trying to achieve with the VPN?

Dialing in to the remote network from our network has never been an option. That is why I posted the question here. If we could have done that initialy, I would never have posted this question here.

Appologies if that sounds rude, I'm just trying to explain the best way I can.
0
 
LVL 18

Expert Comment

by:crissand
ID: 13567124
True, dialup connection cannot be bridged.

No problem, I understand, it's frustrating for me too. But let's start again. You don't have to use Internet Connection Sharing to connect two machines by dial-up. Instead is better to configure the connection to accept incoming connection from the server, or create with the wizzard a connection using Set up a home or small office network or "Set up and advanced connection".

I don't exactly know why in your environment it isn't working, because I've done this configuration starting with Windows NT4 without problems.

Let's see again: You must have tcp/ip, client for microsoft network, file and printing sharing for microsoft network on each adapter.
0
 

Author Comment

by:centurion
ID: 13567753
Yep. TCP/IP, Client for MS Networks, and File and Print Sharing is enabled on each adapter.
0
 
LVL 18

Expert Comment

by:crissand
ID: 13574058
I'm afraid the only posibility is to make the XP computer host, using the wizzard. You can make a VPN or no VPN connection between the two computers.
0
 

Author Comment

by:centurion
ID: 13576417
Not an option I'm afraid. I need to resolve this through routing.

Is there any freeware or shareware out there that can act like a router? Or a software router? Basically something that gives you more routing power than what is available through Windows?
0
 
LVL 18

Expert Comment

by:crissand
ID: 13590175
602 Suite, from here:

http://software602.com/products/ls/

but it's free for only 5 users.

Can I suggest to try to use for connection a Windows 2000 (SP4) workstation to replace the Windows XP Pro, if any available?
0
 

Author Comment

by:centurion
ID: 13590452
Thanks for the reply crissand.

I'm afraid that there are no Win 2000 PC's at the remote office. Only Win 98 and Win XP PC's. No servers either unfortunately.

I'll have a look at LAN Suite and let you know as soon as poss.

Do you think this the next logical step (LAN Suite) if you were in my position? If not, which way would you go next?
0
 
LVL 18

Expert Comment

by:crissand
ID: 13590511
First, I'll try another workstation with XP, then a workstation with Windows 98.
Then I'll try a router (a pair of routers, if possible). But this can be expensive.

As far as I remember, when I have configured something like this, the Windows NT workstation was used as host.

Probably, the best solution is an VPN over a good Internet connection.
0
 

Author Comment

by:centurion
ID: 13653532
Hi Crissand,

Still working on it and having no luck I'm afraid.

I had no luck with the 602LAN Suite basically because it still does NAT, however I did have an idea...

Do you know of any software out there that can Bridge a Dial-up connection to a LAN connection? Without implementing NAT obviously. Just a straight through Bridge.

Or alternatively, any way of hacking or changing the Dial-up connection in Windows XP to make it a LAN connection? Basically fooling XP to think that the Dial-up connection is a LAN connection. That way I may be able to bridge the two in XP.

Thanks.
0
 
LVL 18

Expert Comment

by:crissand
ID: 13653870
I'm afraid the answer is no to both questions. What about installing the modem in a cheap Linux computer? There are some software packages that act as routers, easy to install and configure. I know this is Microsoft Network but, what can I say, do you want to buy a server software?
0
 

Author Comment

by:centurion
ID: 13653905
If something will do the trick I may well have to...
0
 

Author Comment

by:centurion
ID: 13653911
Anything in mind?
0
 
LVL 18

Expert Comment

by:crissand
ID: 13653973
Lot of people use Smoothwall: http://www.smoothwall.org/
0
 

Author Comment

by:centurion
ID: 13654039
Yep. Heard of it. Tried to use it some years back but the PC I was using had SCSI drives and they were'nt accept by SW at that time.

Any Windows OS's at all?
0
 
LVL 18

Expert Comment

by:crissand
ID: 13660566
This looks like a windows router, but I never test it:

http://inetshaper.com/tutorial.html
0
 

Author Comment

by:centurion
ID: 13672976
I've set up a Test Environment to mirror our true setup and I've almost managed to get it working.

I've managed to achieve all of this by just adding routes using the ROUTE command.

I can now ping the LAN that is dialing in (Remote Office) which is what I was after.

However, the only thing is that the LAN that is dialing in (Remote Office) cannot access any of the network it is dialing in to (Our Office LAN).

The setup is as follows:


                       LAN                         Dial-up                           LAN
     PC A -------------------- PC B --------->--------- PC C -------------------- PC D
    Win98                        WinXP                       NT4 RAS                       Win98
192.168.10.2              192.168.10.1                192.168.3.3                192.168.3.26
                     Dial-up IP: 192.168.3.254   Server IP: 192.168.3.253


Win XP Pro SP1 (PC B) Dials the Win NT 4 RAS Server (PC C).
Routes added to all PC's.
Win XP Pro PC does not share the Internet connection as this will create NAT.

I can ping PC A from PC D (going this way <- ). PC D can ping evertything.
I can ping PC A from PC C (going this way <- ). PC C can ping evertything.
I can ping PC A from PC B (going this way <- ). PC B can ping evertything.

PC A can ping PC B and PC C. But it can NOT ping PC D.

Have added route to PC B to tell it that 192.168.3.0 network is thorugh 192.166.3.254 (IP Addr assigned to it on Office LAN).

If I turn on Internet Connection Sharing on the XP PC (PC B), then I loose the capability to get to PC A from PC D becuse of the NAT.

Question is, I have managed to get sooo close. Am I missing something?
0
 
LVL 18

Expert Comment

by:crissand
ID: 13680295
Can you ping 192.168.3.253, the LAN interface of the server?
0
 

Author Comment

by:centurion
ID: 13682231
Yes
0
 
LVL 18

Expert Comment

by:crissand
ID: 13696719
You don't have a route between 192.168.3.253 and 192.168.3.26. How are the addresses assigned, like this?

    dial-up to the other network---192.168.3.253-| NT4RAS|-192.168.3.3----------------192.168.3.26

If yes, the missing route can be between 192.168.3.253 and 192.168.3.3.

If it's like this:

    dial-up to the other network---192.168.3.3-| NT4RAS|-192.168.3.253----------------192.168.3.26

the missing route is direct between 3.253 and 3.26.

What is the default gateway of 192.168.2.26?
0
 

Author Comment

by:centurion
ID: 13698105
Default gateway of 192.168.3.26 is 192.168.3.3.

192.168.10.2 CAN ping 192.168.3.254, 192.168.3.253, 192.168.3.3 but CAN NOT ping 192.168.3.26.

192.168.3.26 CAN ping 192.168.3.254, 192.168.3.253, 192.168.3.3, 192.168.3.26 (It can ping everything).
0
 

Author Comment

by:centurion
ID: 13698114
Sorry, last line meant to read:

192.168.3.26 CAN ping 192.168.3.254, 192.168.3.253, 192.168.3.3, 192.168.10.2 (It can ping everything).
0
 
LVL 18

Expert Comment

by:crissand
ID: 13698219
But 192.168.10.2 can ping 192.168.3.3?
1.If not, is a problem of internal routing in the RAS server.
2.If yes, a route between 192.168.3.3 and 192.168.3.26 must be added.

I understand the network is configured like this:

dial-up to the other network---192.168.3.253-| NT4RAS|-192.168.3.3----------------192.168.3.26

where 192.168.3.253 is the modem's address and 192.168.3.3 is LAN board's address.
0
 

Author Comment

by:centurion
ID: 13698599
Yes 192.168.10.2 can ping 192.168.3.3.

A route already exists for the whole 192.168.3.0 network in the routing table on the 192.168.3.3 server, yet 192.168.10.2 still cannot ping 192.168.3.26. Do you think I need to add a direct route to 192.168.3.26?

Here is the network setup in a bit more detail:


                         Remote Office LAN                         PC - B   Dials   PC - C                           Our Office LAN
           PC A -------------------------------- PC B ------------------->------------------- PC C -------------------------------- PC D
          Win98                                       WinXP                                               NT4 RAS                                      Win98
LAN IP: 192.168.10.2                 LAN IP: 192.168.10.1                            LAN IP: 192.168.3.3                    LAN IP: 192.168.3.26
                                            Modem IP: 192.168.3.254                     Server IP: 192.168.3.253

0
 
LVL 18

Expert Comment

by:crissand
ID: 13698628
I think so, because both server's interfaces are in the same network.
0
 

Author Comment

by:centurion
ID: 13699424
Didn't work. However, I did find something of interest.

If I add the route to PC B or PC C I still cannot ping 192.168.3.26 from 192.168.10.2.

But, if I ping 192.168.10.2 from 192.168.3.26 and once I get the replies, I go back to 192.168.10.2 and try again, it works.

Up until now, I kept disconnecting and restarting which must have wiped the routing table and I never tried it in this specific way before.

Do you think this is RIP that is causing this? And if so, are we getting any closer to solving the problem?

Thing is I can only ping an IP address from 192.168.10.2 that has already pinged it. I would like to be able to see the whole 192.168.3.0 network from 192.168.10.2, not just the IP's that have pinged it.

0
 
LVL 18

Expert Comment

by:crissand
ID: 13699558
Suggestion: print the routing table on the server, ping 192.168.10.2 from 192.168.3.26, the way that it's working, and verify the routing table on the server. If it's the same at the one before pinging, I'm confused.
0
 

Author Comment

by:centurion
ID: 13725442
Bare with me Crissand. I've been tasked to do something quite urgent for the next few days but will return on this as soon as I am done.
0
 
LVL 18

Accepted Solution

by:
crissand earned 2000 total points
ID: 13725967
Take your time!
0
 

Author Comment

by:centurion
ID: 13916058
The question has not been abandoned.

As you can see from my above statement I was tasked to work on something Urgent for what was thought would take just a few days.

To date I am still working on that same task. As yet I have not had time to return to this problem.

I admit I should have posted an update, but I have been totaly absorbed in what I am doing and totally forgot about this question.

I would like to keep this question open for a while longer so that I may return to it and try to resolve this problem.

If this will not be possible, please let me know so that I can award the points to Crissand as it has been his help that has allowed me to progress in the troubleshooting of this problem, even though I have not found an answer yet.
0
 

Author Comment

by:centurion
ID: 14076988
Crissand,

It looks like I will not have time for the foreseeable future to continue with this so thank you for your help on this so far.

I may re-activate this post when I can and try and finish this off as I feel that I am really close.
0
 
LVL 18

Expert Comment

by:crissand
ID: 14084358
I hope I'll be here.
0

Featured Post

Supports up to 4K resolution!

The VS192 2-Port 4K DisplayPort Splitter is perfect for anyone who needs to send one source of DisplayPort high definition video to two or four DisplayPort displays. The VS192 can split and also expand DisplayPort audio/video signal on two or four DisplayPort monitors.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A brief overview to explain gateways, default gateways and static routes OR NO - you CANNOT have two default gateways on the same server, PC or other Windows-based network device. In simple terms a gateway is formed when a computer such as a serv…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question