Solved

ROUTE ADD Networking Help

Posted on 2006-10-30
9
433 Views
Last Modified: 2008-03-10
I have a network that lives on 192.168.0.x.  Very standard stuff, gateway on .1, etc.

We need to create a VPN to another site (that has an subnet of 192.168.11.x)

We have 'split' our Internet connection.  The original router, which will be used for regular Internet usage will stay at 192.168.0.1.

We have put in a new VPN router and that lives on the network 192.168.25.x (with the router itself being .1)

Each have their own external IP connecting to the Internet.

Both routers plug into the 24 port switch of the network.

I need to put in a route statement (all the workstations) so that all traffic destined for the .11.x network goes out the .25.1 gateway.

I am having some trouble, which I think is with the subnet mask (however, I am ready to be corrected).

Should I setup the subnet masks on each workstation to be 255.255.0.0 and then have a

ROUTE ADD statement 192.168.11.0 MASK 255.255.0.0 192.168.25.1

I am getting a variety of errors when I try this.

Also, what should the subnet of the VPN router be set to?

Help appreciated...

Thanks,

TN
0
Comment
Question by:tnorman
9 Comments
 
LVL 14

Expert Comment

by:Juan Ocasio
ID: 17838913
Try

Route add 192.168.0.0 MASK 255.255.0.0 192.168.25.1 1
0
 
LVL 57

Expert Comment

by:giltjr
ID: 17838959
You need to re-evalute you IP addressing.  If you use 255.255.0.0, then every IP address from 192.168.0.0 through 192.168.255.255 will be on the same subnet.  This means that 192.168.1.x will think it can talk directly to 192.168.11.x withOUT going through a router.

You seem to have 3 what I would guess are 3 unique subnets, 192.168.1.0/24, 192.168.11.0/24, and 192.168.25.0/24.

If you want to route between the three, then you will need a router on each subnet that is connected to each of the other subnets, or one router that is connected to all three subnets.

0
 
LVL 5

Accepted Solution

by:
risner_it earned 500 total points
ID: 17838988
tnorman,

i think your making this more complex than it needs to be. to simplify this you can do one of two things.

1-(in my opinion the best)Use the VPN Router as your main internet connection router also. Set your VPN router ip from the 25.X network back to the 0.X network after the vpn tunnel is estabblished when traffic from your network destined for the 11.X network hits your vpn router now at 192.168.0.1 it will know to route it through the vpn tunnel.

This is typical of SMB type setups.

2-(option 2 sticks with your "split" internet connection) Configure your VPN router for 192.168.0.254 and then create the vpn tunnel for the 11.X network and once its established.

Route add 192.168.11.0 mask 255.255.255.0 192.168.1.254 1 to work stations.

and everything on network should have /24 subnet mask (255.255.255.0)

This is typical of corperate frame-relay connection setups.
0
 
LVL 2

Expert Comment

by:HeavyWaterLTD
ID: 17839001
you need to either put the VPN router on the same subnet as your original router 192.168.0.x.... and add a route for 192.168.11.x network pointing to the new IP address of your VPN router.

OR

if your original router allows secondary ip addressing then add a secondary ip address to the interface in the 192.168.25.x range. then add a route for 192.168.11.x network to 192.168.25.1.

In your current configuration the 2 routers will never route to each other because they do not share the same subnet to route to (in other words there is no layer 3 connectivity)
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 2

Expert Comment

by:ner_1808
ID: 17840497
risner_it has got the easiest solutions for you without changing too much in option 2.
0
 

Author Comment

by:tnorman
ID: 17842114
Thanks everyone for your comments.  We are trying 'risner_it' #2 solution this morning.

I will report back.

Thanks,

TN
0
 
LVL 5

Expert Comment

by:risner_it
ID: 17842407
tnorman,

let me know if you get stuck =)
0
 

Author Comment

by:tnorman
ID: 17873838
Solution #2 worked great.  We wanted to keep this installation 'separate' from the other users.

Thanks!

TN
0
 
LVL 5

Expert Comment

by:risner_it
ID: 17877949
tnorman,

glad it helped, even though i mistyped the route add part should have been 192.168.0.254 but i see you got the idea.

-risner_it
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now