Windows 2003 server multihomed routing problem

I note your comment but the gateway on the second nic is your problem.
internet traffic will arrive correctly at the server from the 192.168.2.0 subnet. However, the server will need then to forward this traffic to its default gateway and it has two. Confused? Your server will be.

Do an ipconfig /all on your server and post the outpit please.
Check the NIC's and blank the default gateway on the 192.168.2.0 nic.
On your external router, make sure it has a static route for the 192.168.2.0 subnet pointing to the server NIC at 192.168.1.6

Yes, I left the gateway blank on the tcp/ip setting for 192.168.2.1
external router? do you mean the linksys router?
I will post the ipconfig /all for all the interfaces as soon as I get home.

Yes, this would be your linksys. It needs to know that traffic going back to the 192.168.2.0 network must go via the server.

Keith,

OK, I did as you say and added the return route for the 192.168.2.0 on the Linksys gateway.  After adding it, I was able to ping the 192.168.1.1 linksys gateway from the 192.168.2.7 host.  But 192.168.2.7 still canot get onto the Internet.  Any clues?

Here is the info.

Linksys gateway:

Destination LAN IP Subnet Mask Gateway Interface
xxx.xxx.250.1 255.255.255.255 xxx.xxx.246.127 WAN
192.168.2.0 255.255.255.0 192.168.1.6 LAN&Wireless
192.168.1.0 255.255.255.0 192.168.1.6 LAN&Wireless
192.168.1.0 255.255.255.0 192.168.1.1 LAN&Wireless
xxx.100.0.0 255.255.0.0 xxx.100.246.127 WAN
0.0.0.0 0.0.0.0 168.100.250.1 WAN
127.0.0.1 0.0.0.0 127.0.0.1 LOOPBACK

Multihomed 2003 server machine:

Ethernet adapter Local Area Connection 3:



   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Broadcom 570x Gigabit Integrated Controller

   Physical Address. . . . . . . . . : 00-0D-56-3C-0F-FA

   DHCP Enabled. . . . . . . . . . . : No

   IP Address. . . . . . . . . . . . : 192.168.1.6

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Default Gateway . . . . . . . . . : 192.168.1.1

   DNS Servers . . . . . . . . . . . : 192.168.1.2



Ethernet adapter Local Area Connection 4:



   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : USB 10/100 Fast Ethernet Adapter

   Physical Address. . . . . . . . . : 00-50-FC-8E-54-A3

   DHCP Enabled. . . . . . . . . . . : No

   IP Address. . . . . . . . . . . . : 192.168.2.1

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Default Gateway . . . . . . . . . :

   DNS Servers . . . . . . . . . . . : 192.168.1.2


IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 0d 56 3c 0f fa ...... Broadcom 570x Gigabit Integrated Controller
0x10004 ...00 50 fc 8e 54 a3 ...... USB 10/100 Fast Ethernet Adapter
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.6     20
        127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1      1
      192.168.1.0    255.255.255.0      192.168.1.6      192.168.1.6     20
      192.168.1.6  255.255.255.255        127.0.0.1        127.0.0.1     20
    192.168.1.255  255.255.255.255      192.168.1.6      192.168.1.6     20
      192.168.2.0    255.255.255.0      192.168.2.1      192.168.2.1     20
      192.168.2.1  255.255.255.255        127.0.0.1        127.0.0.1     20
    192.168.2.255  255.255.255.255      192.168.2.1      192.168.2.1     20
        224.0.0.0        240.0.0.0      192.168.1.6      192.168.1.6     20
        224.0.0.0        240.0.0.0      192.168.2.1      192.168.2.1     20
  255.255.255.255  255.255.255.255      192.168.1.6      192.168.1.6      1
  255.255.255.255  255.255.255.255      192.168.2.1      192.168.2.1      1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None


192.168.2.7 host info:

Ethernet adapter Wireless Network Connection:



        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Intel(R) PRO/Wireless 2200BG Network Connection

        Physical Address. . . . . . . . . : 00-12-F0-AA-1A-53



Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller

        Physical Address. . . . . . . . . : 00-12-3F-13-86-2E

        Dhcp Enabled. . . . . . . . . . . : No

        IP Address. . . . . . . . . . . . : 192.168.2.7

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.2.1

        DNS Servers . . . . . . . . . . . : 192.168.1.1

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 12 f0 aa 1a 53 ...... Intel(R) PRO/Wireless 2200BG Network Connection - Packet Scheduler Miniport
0x3 ...00 12 3f 13 86 2e ...... Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1     192.168.2.7        20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1        1
      192.168.2.0    255.255.255.0      192.168.2.7     192.168.2.7        20
      192.168.2.7  255.255.255.255        127.0.0.1       127.0.0.1        20
    192.168.2.255  255.255.255.255      192.168.2.7     192.168.2.7        20
        224.0.0.0        240.0.0.0      192.168.2.7     192.168.2.7        20
  255.255.255.255  255.255.255.255      192.168.2.7     192.168.2.7        1
  255.255.255.255  255.255.255.255      192.168.2.7               2        1
Default Gateway:       192.168.2.1
===========================================================================
Persistent Routes:
  None

Thanks

on the client (2.7), do a ping to www.yahoo.com. Is this successful?

If not successful, do a tracert to www.yahoo.com. post the output.

Thanks for the security fix.

To make it easier to makeout, I changed the ip of the interface for the 192.168.1.0 network from 192.168.1.6 to 192.168.1.1
and I changed the linksys gateway ip to 192.168.1.200

So the picture looks like this.

Linksys gateway 192.168.1.200
Multihomed system  192.168.1.1, 192.168.2.1
hosts  192.168.2.7, 192.168.1.2

new routing table for multihomed router:

IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 0d 56 3c 0f fa ...... Broadcom 570x Gigabit Integrated Controller
0x10004 ...00 50 fc 8e 54 a3 ...... USB 10/100 Fast Ethernet Adapter
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.200      192.168.1.1      1
        127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1      1
      192.168.1.0    255.255.255.0      192.168.1.1      192.168.1.1     20
      192.168.1.1  255.255.255.255        127.0.0.1        127.0.0.1     20
    192.168.1.255  255.255.255.255      192.168.1.1      192.168.1.1     20
      192.168.2.0    255.255.255.0      192.168.2.1      192.168.2.1     20
      192.168.2.1  255.255.255.255        127.0.0.1        127.0.0.1     20
    192.168.2.255  255.255.255.255      192.168.2.1      192.168.2.1     20
        224.0.0.0        240.0.0.0      192.168.1.1      192.168.1.1     20
        224.0.0.0        240.0.0.0      192.168.2.1      192.168.2.1     20
  255.255.255.255  255.255.255.255      192.168.1.1      192.168.1.1      1
  255.255.255.255  255.255.255.255      192.168.2.1      192.168.2.1      1
Default Gateway:     192.168.1.200
===========================================================================
Persistent Routes:
  None

Ethernet adapter Local Area Connection 3:



   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Broadcom 570x Gigabit Integrated Controller

   Physical Address. . . . . . . . . : 00-0D-56-3C-0F-FA

   DHCP Enabled. . . . . . . . . . . : No

   IP Address. . . . . . . . . . . . : 192.168.1.1

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Default Gateway . . . . . . . . . : 192.168.1.200

   DNS Servers . . . . . . . . . . . : 192.168.1.2



Ethernet adapter Local Area Connection 4:



   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : USB 10/100 Fast Ethernet Adapter

   Physical Address. . . . . . . . . : 00-50-FC-8E-54-A3

   DHCP Enabled. . . . . . . . . . . : No

   IP Address. . . . . . . . . . . . : 192.168.2.1

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Default Gateway . . . . . . . . . :

   DNS Servers . . . . . . . . . . . : 192.168.1.2


Info for 192.168.2.7

Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1     192.168.2.7        20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1        1
      192.168.2.0    255.255.255.0      192.168.2.7     192.168.2.7        20
      192.168.2.7  255.255.255.255        127.0.0.1       127.0.0.1        20
    192.168.2.255  255.255.255.255      192.168.2.7     192.168.2.7        20
        224.0.0.0        240.0.0.0      192.168.2.7     192.168.2.7        20
  255.255.255.255  255.255.255.255      192.168.2.7               3        1
  255.255.255.255  255.255.255.255      192.168.2.7     192.168.2.7        1
Default Gateway:       192.168.2.1
===========================================================================
Persistent Routes:
  None

Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller

        Physical Address. . . . . . . . . : 00-12-3F-13-86-2E

        Dhcp Enabled. . . . . . . . . . . : No

        IP Address. . . . . . . . . . . . : 192.168.2.7

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.2.1

        DNS Servers . . . . . . . . . . . : 192.168.1.2



Ethernet adapter Wireless Network Connection:



        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Intel(R) PRO/Wireless 2200BG Network Connection

        Physical Address. . . . . . . . . : 00-12-F0-AA-1A-53


Linksys Gateway:

xxx.xxx.250.1 255.255.255.255 xxx.xxx.246.127 WAN
192.168.2.0 255.255.255.0 192.168.1.1 LAN&Wireless
192.168.1.0 255.255.255.0 192.168.1.200 LAN&Wireless
192.168.1.0 255.255.255.0 192.168.1.200 LAN&Wireless
xxx.xxx.0.0 255.255.0.0 xxx.xxx.246.127 WAN
0.0.0.0 0.0.0.0 168.100.250.1 WAN
127.0.0.1 0.0.0.0 127.0.0.1 LOOPBACK
   





Can't get anything public, by ip or by name.

Here is the output.

Pinging www.yahoo.akadns.net [216.109.118.74] with 32 bytes of data:



Request timed out.

Request timed out.

Request timed out.

Request timed out.



Ping statistics for 216.109.118.74:

    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

Tracing route to www.yahoo.akadns.net [216.109.118.74]

over a maximum of 30 hops:



  1     1 ms    <1 ms    <1 ms  192.168.2.1

  2     3 ms     1 ms     1 ms  192.168.1.200

  3     *        *        *     Request timed out.

  4     *        *        *     Request timed out.

  5     *        *        *     Request timed out.

  6     *        *        *     Request timed out.

  7     *        *        *     Request timed out.

  8     *        *        *     Request timed out.

  9     *        *        *     Request timed out.

 10     *  

I think the issue has to do with the linksys gateway but I don't know might be the cause.

Agreed. The tracert shows two things.
1st.  You are getting as far as the Linksys so routing on the server is now fine.
2nd. You are getting a response back so now the paths are correct.
As an aside, we can obviously see your dns is resolving the external addresses OK.
So, your initial question is completed. Routing is now operational through the server. Been a good day so i won't count that as question closed and ask you to start a new one :)

Now we have 192.168.2.0 cannot get to the Internet; correct?

I am assuming the server and anything in the 192.168.1.0 can get to the Internet OK?

On the 192.168.2.7 PC, can you open the linksys web configuration page? (lets just make sure http/https traffic is getting to the linksys as well).

I am also assuming there is no bizarre relationship with your ISP that only allows one subnet to use your link?

How is the linksys connecting to the Internet? ADSL direct? With a modem? External router?

Yes Keith, hosts in the 192.168.1.0 subnet can all get online.  no hosts in the 192.168.2.0 subnet can get online.
The multihomed server can get online because it's default gateway is 192.168.1.200.
The linksys uses pppoe using dsl.
Your point regarding that my isp only allowing only one subnet to get online, that ideal came to me as well and
I think you have a good point there.  That might be the problem.
My other guess is that the problem might be with the Linksys router.  since it is a soho router, it might be incapable of
routing traffics from more than one subnet.  what's your take on that?

I will try to get into the linksys web configure utility on the 2.7 later on and let you know what happens.

Thanks for the help so far :)

Kevin

I know for a fact that my isp doesn't allow relaying of their smtp servers.  I am not sure if that has any connection to using multiple subnets over their systems.  I will try to call them.

I have not used linksys but I have used (and do) a Netgear soho and a Belkin soho. Both of which don't give a hoot about what goes through as the adsl router NATs the traffic. Do you know if you are routing/bridging traffic onto the WAN interface or have you enabled NAT?

No problem kevin. Not sure where you are but I'm in the UK so we might be slightly adrift lol.

OK. Let me know when you are ready.

I just called up my isp provider and the guy said that there is no blockage on their side for multiple subnets.

I am in New York

Keith,

I switch in another gateway and the every thing works.  So, the problem is with the Linksys gateway.
Thanks for all your help.  Couldn't have done it without you.

Kevin

Thanks Kevin and well done.
Regards
keith

Have a nice weekend :)