Link to home
Start Free TrialLog in
Avatar of DaleFrazier
DaleFrazierFlag for United States of America

asked on

I am trying to connect to a domain controller on my lan but can't get past my router?

I have setup a small ms 2003 domain with one dc and a linksys WRT54GS router.  The router is receiving a dynamic address from the ISP, bellsouth.  The network is 192.168.2.x with smask 255.255.255.0.  The server has a static ip and is setup as a dhcp server for the internal network.  DHCP on the router has been disabled.  The internal network is working fine and everyone can access the internet, no problem.  I have opened rdp port 3389 on the router and forwarded to the 2k3 dc.  I enabled the server to receive remote connections.  I used the public ip to attempt to connect to the dc across the internet but it always fails.  I tried the same procedure with vnc remote access but it also failed.

Understand that I am not doing this for the first time.  I have successfully performed this many times in the past.

One odd thing I noticed is that from the internal network I can log into the router from a browser using 192.168.1.1 or 192.168.2.1.  The router is configured with the 192.168.2.1 address.  Any ideas experts?

Dale
Avatar of Scotty_cisco
Scotty_cisco

So what is your outside IP address that you are forwarding ports from to the DC on port 3389?  Are you blocking the port from outside have you configured the pinholes I think they are called?

Thanks
Scott
Avatar of DaleFrazier

ASKER

I am using PAT on my router to translate to the servers private ip.  The outside ip is dynamicly assigned by the isp.  I determine this ip by using the website www.whatismyip.com.  I then attempt to access the server across the internet using the outside/public ip.  I have done it before many times.  Not sure what pinholes are?  Thanks and I hope I answered your question.
You did in a round about sort of way.... you said your port forwarding the port and your using 3389 from the outside to inside and you said you can reach it from the outsid address and inside address when you are on the local lan?  The pinholes I am talking about are usually firewall rule sets that say I allow anyone or a host to this port on this address... not sure if it is just a port forward or what.  do you have an option for a DMZ host?  If so is it enabled could this be causing an issue?  If not then try making the server the DMZ host and see if you can get to it.

Thanks
scott
When I log into the router and check the status tab I see two main sections, router info and internet.  Router info contains firmware ver, mac address, etc.  The internet section has some interesting info.  

       
       Login Type:        Automatic Configuration - DHCP                  
                        IP Address:       192.168.1.1                
                      Subnet Mask:       255.255.255.0               
                      Default Gateway:       192.168.1.254               
                        DNS 1:       192.168.1.254                
                        DNS 2:                     
                        DNS 3:                     
                               
It also has two buttons, dhcp release and dhcp renew.  These ip addresses are assigned by the isp but they are in the private range?  Is this my problem?  If so what is the work around?                                    
                 
that very well could be the problem ... they are NATing the range to give you a private..... when you go out to www.whatismyip.com what do you see at the top of the page?

Thanks
Scott
I see a real public ip address, 70.102.x.x.  How do I work around this issue.  Ive never had an isp do this.
You have multiple nat in the path. The Bellsouth modem is probable configured as a nat router with the 192.168.1.254 lan side ip.
If you want to simplify this, put the modem into bridge mode.
How do you do that and what is bridge mode?  Thanks Dale
>How do you do that and what is bridge mode?

It is an option in one the modem setup pages.
Bridge mode does not perform any nat, or pppoe. The modem passes all ethernet packets to your other router.
Can I access the modem the same way I do the router, with a web browser?
Ok Experts, you have abandoned my question!!  Why, is it to hard?  I am always generous with the points.  True you have helped me to understand the problem but not fix it.  My question is this,

HOW DO I PUT THIS WESTEL DSL MODEM IN BRIDGE MODE?  and will it screw up my internet connection?  

If you don't know, its ok, I don't either.  Thanks Dale
what kind of westel modem is it .... model number also they maybe running private addresses between the CO and your home location if this is the case you may not be able to work around it (doubtful though)

Thanks
Scott
Scotty,

you are right, this exactly what the CO is doing.  Is there any way that I can connect to my private network across the internet in this situation?  Thanks

Dale
This complicates the process if they are doing 1 to 1 nat not a problem if they are using that and a PAT pool then there is nothing you can do.

go out to www.whatismyip.com that should give you your real IP address and then see if you open up a connection to a host on the public side of your modem and fet through.  If not they are likely doing PAT and you can beg the ISP for a routable outside address, if they refuse which many IP's would rather pound sand than do anything that may help you out; your kind of stuck.

I have only seen this in leased office space so I hope I am wrong here.

Thanks
Scott
ASKER CERTIFIED SOLUTION
Avatar of public
public

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial