?
Solved

ROUTE ADD Networking Help

Posted on 2006-10-30
9
Medium Priority
?
498 Views
Last Modified: 2008-03-10
I have a network that lives on 192.168.0.x.  Very standard stuff, gateway on .1, etc.

We need to create a VPN to another site (that has an subnet of 192.168.11.x)

We have 'split' our Internet connection.  The original router, which will be used for regular Internet usage will stay at 192.168.0.1.

We have put in a new VPN router and that lives on the network 192.168.25.x (with the router itself being .1)

Each have their own external IP connecting to the Internet.

Both routers plug into the 24 port switch of the network.

I need to put in a route statement (all the workstations) so that all traffic destined for the .11.x network goes out the .25.1 gateway.

I am having some trouble, which I think is with the subnet mask (however, I am ready to be corrected).

Should I setup the subnet masks on each workstation to be 255.255.0.0 and then have a

ROUTE ADD statement 192.168.11.0 MASK 255.255.0.0 192.168.25.1

I am getting a variety of errors when I try this.

Also, what should the subnet of the VPN router be set to?

Help appreciated...

Thanks,

TN
0
Comment
Question by:tnorman
9 Comments
 
LVL 15

Expert Comment

by:Juan Ocasio
ID: 17838913
Try

Route add 192.168.0.0 MASK 255.255.0.0 192.168.25.1 1
0
 
LVL 57

Expert Comment

by:giltjr
ID: 17838959
You need to re-evalute you IP addressing.  If you use 255.255.0.0, then every IP address from 192.168.0.0 through 192.168.255.255 will be on the same subnet.  This means that 192.168.1.x will think it can talk directly to 192.168.11.x withOUT going through a router.

You seem to have 3 what I would guess are 3 unique subnets, 192.168.1.0/24, 192.168.11.0/24, and 192.168.25.0/24.

If you want to route between the three, then you will need a router on each subnet that is connected to each of the other subnets, or one router that is connected to all three subnets.

0
 
LVL 5

Accepted Solution

by:
risner_it earned 2000 total points
ID: 17838988
tnorman,

i think your making this more complex than it needs to be. to simplify this you can do one of two things.

1-(in my opinion the best)Use the VPN Router as your main internet connection router also. Set your VPN router ip from the 25.X network back to the 0.X network after the vpn tunnel is estabblished when traffic from your network destined for the 11.X network hits your vpn router now at 192.168.0.1 it will know to route it through the vpn tunnel.

This is typical of SMB type setups.

2-(option 2 sticks with your "split" internet connection) Configure your VPN router for 192.168.0.254 and then create the vpn tunnel for the 11.X network and once its established.

Route add 192.168.11.0 mask 255.255.255.0 192.168.1.254 1 to work stations.

and everything on network should have /24 subnet mask (255.255.255.0)

This is typical of corperate frame-relay connection setups.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 2

Expert Comment

by:HeavyWaterLTD
ID: 17839001
you need to either put the VPN router on the same subnet as your original router 192.168.0.x.... and add a route for 192.168.11.x network pointing to the new IP address of your VPN router.

OR

if your original router allows secondary ip addressing then add a secondary ip address to the interface in the 192.168.25.x range. then add a route for 192.168.11.x network to 192.168.25.1.

In your current configuration the 2 routers will never route to each other because they do not share the same subnet to route to (in other words there is no layer 3 connectivity)
0
 
LVL 2

Expert Comment

by:ner_1808
ID: 17840497
risner_it has got the easiest solutions for you without changing too much in option 2.
0
 

Author Comment

by:tnorman
ID: 17842114
Thanks everyone for your comments.  We are trying 'risner_it' #2 solution this morning.

I will report back.

Thanks,

TN
0
 
LVL 5

Expert Comment

by:risner_it
ID: 17842407
tnorman,

let me know if you get stuck =)
0
 

Author Comment

by:tnorman
ID: 17873838
Solution #2 worked great.  We wanted to keep this installation 'separate' from the other users.

Thanks!

TN
0
 
LVL 5

Expert Comment

by:risner_it
ID: 17877949
tnorman,

glad it helped, even though i mistyped the route add part should have been 192.168.0.254 but i see you got the idea.

-risner_it
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question