DaleFrazier
asked on
I am trying to connect to a domain controller on my lan but can't get past my router?
I have setup a small ms 2003 domain with one dc and a linksys WRT54GS router. The router is receiving a dynamic address from the ISP, bellsouth. The network is 192.168.2.x with smask 255.255.255.0. The server has a static ip and is setup as a dhcp server for the internal network. DHCP on the router has been disabled. The internal network is working fine and everyone can access the internet, no problem. I have opened rdp port 3389 on the router and forwarded to the 2k3 dc. I enabled the server to receive remote connections. I used the public ip to attempt to connect to the dc across the internet but it always fails. I tried the same procedure with vnc remote access but it also failed.
Understand that I am not doing this for the first time. I have successfully performed this many times in the past.
One odd thing I noticed is that from the internal network I can log into the router from a browser using 192.168.1.1 or 192.168.2.1. The router is configured with the 192.168.2.1 address. Any ideas experts?
Dale
Understand that I am not doing this for the first time. I have successfully performed this many times in the past.
One odd thing I noticed is that from the internal network I can log into the router from a browser using 192.168.1.1 or 192.168.2.1. The router is configured with the 192.168.2.1 address. Any ideas experts?
Dale
ASKER
I am using PAT on my router to translate to the servers private ip. The outside ip is dynamicly assigned by the isp. I determine this ip by using the website www.whatismyip.com. I then attempt to access the server across the internet using the outside/public ip. I have done it before many times. Not sure what pinholes are? Thanks and I hope I answered your question.
You did in a round about sort of way.... you said your port forwarding the port and your using 3389 from the outside to inside and you said you can reach it from the outsid address and inside address when you are on the local lan? The pinholes I am talking about are usually firewall rule sets that say I allow anyone or a host to this port on this address... not sure if it is just a port forward or what. do you have an option for a DMZ host? If so is it enabled could this be causing an issue? If not then try making the server the DMZ host and see if you can get to it.
Thanks
scott
Thanks
scott
ASKER
When I log into the router and check the status tab I see two main sections, router info and internet. Router info contains firmware ver, mac address, etc. The internet section has some interesting info.
Login Type: Automatic Configuration - DHCP
IP Address: 192.168.1.1
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.1.254
DNS 1: 192.168.1.254
DNS 2:
DNS 3:
It also has two buttons, dhcp release and dhcp renew. These ip addresses are assigned by the isp but they are in the private range? Is this my problem? If so what is the work around?
Login Type: Automatic Configuration - DHCP
IP Address: 192.168.1.1
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.1.254
DNS 1: 192.168.1.254
DNS 2:
DNS 3:
It also has two buttons, dhcp release and dhcp renew. These ip addresses are assigned by the isp but they are in the private range? Is this my problem? If so what is the work around?
that very well could be the problem ... they are NATing the range to give you a private..... when you go out to www.whatismyip.com what do you see at the top of the page?
Thanks
Scott
Thanks
Scott
ASKER
I see a real public ip address, 70.102.x.x. How do I work around this issue. Ive never had an isp do this.
You have multiple nat in the path. The Bellsouth modem is probable configured as a nat router with the 192.168.1.254 lan side ip.
If you want to simplify this, put the modem into bridge mode.
If you want to simplify this, put the modem into bridge mode.
ASKER
How do you do that and what is bridge mode? Thanks Dale
>How do you do that and what is bridge mode?
It is an option in one the modem setup pages.
Bridge mode does not perform any nat, or pppoe. The modem passes all ethernet packets to your other router.
It is an option in one the modem setup pages.
Bridge mode does not perform any nat, or pppoe. The modem passes all ethernet packets to your other router.
ASKER
Can I access the modem the same way I do the router, with a web browser?
ASKER
Ok Experts, you have abandoned my question!! Why, is it to hard? I am always generous with the points. True you have helped me to understand the problem but not fix it. My question is this,
HOW DO I PUT THIS WESTEL DSL MODEM IN BRIDGE MODE? and will it screw up my internet connection?
If you don't know, its ok, I don't either. Thanks Dale
HOW DO I PUT THIS WESTEL DSL MODEM IN BRIDGE MODE? and will it screw up my internet connection?
If you don't know, its ok, I don't either. Thanks Dale
what kind of westel modem is it .... model number also they maybe running private addresses between the CO and your home location if this is the case you may not be able to work around it (doubtful though)
Thanks
Scott
Thanks
Scott
ASKER
Scotty,
you are right, this exactly what the CO is doing. Is there any way that I can connect to my private network across the internet in this situation? Thanks
Dale
you are right, this exactly what the CO is doing. Is there any way that I can connect to my private network across the internet in this situation? Thanks
Dale
This complicates the process if they are doing 1 to 1 nat not a problem if they are using that and a PAT pool then there is nothing you can do.
go out to www.whatismyip.com that should give you your real IP address and then see if you open up a connection to a host on the public side of your modem and fet through. If not they are likely doing PAT and you can beg the ISP for a routable outside address, if they refuse which many IP's would rather pound sand than do anything that may help you out; your kind of stuck.
I have only seen this in leased office space so I hope I am wrong here.
Thanks
Scott
go out to www.whatismyip.com that should give you your real IP address and then see if you open up a connection to a host on the public side of your modem and fet through. If not they are likely doing PAT and you can beg the ISP for a routable outside address, if they refuse which many IP's would rather pound sand than do anything that may help you out; your kind of stuck.
I have only seen this in leased office space so I hope I am wrong here.
Thanks
Scott
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Thanks
Scott