Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Two routers at the same time?

Posted on 2007-03-28
4
Medium Priority
?
206 Views
Last Modified: 2010-04-17
Hi guys,

we just bought Cisco 1841-T1 router to replace Netgear FVS318 V3. I was wondering if it is possible to use Cisco router as a main router and Netgear just for VPN connection?

Thank you.
0
Comment
Question by:Yury Merezhkov
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 11

Expert Comment

by:Zenith63
ID: 18811783
It really depends on your setup.

How are the VPNs setup at the moment?  Do the remote users get IPs in your subnet or are they on a seperate subnet?  Do you have a fixed list of IPs that will be "VPNed" people connecting in?

What you need to overcome here is how do computers on your LAN know where to route packets to?  Normal behaviour is if a computer wants to talk to another computer on the local LAN (decided by considering it's own IP address and subnet mask) it broadcasts it on the LAN, if it wants to talk to a computer it has decided is NOT on the LAN (again considering it's own IP and subnet mask) it sends the packets to its default gateway.
Again without knowing your setup I'm guessing a bit here, but basically you'll need to modify this behaviour to say: If on the LAN broadcast as normal, if trying to talk to an IP used by a VPN user send packets to the Netgear, otherwise send it to the default gateway (Cisco).  You can do this with the route command on any computers that may need to talk to VPNed clients as follows -

Assume VPNed users have IPs 192.168.2.x and your LAN has IPs 192.168.1.x.  The internal IP of the Cisco is 192.168.1.253 and the internal IP of the Netgear is 192.168.1.254.
Set the default gateway on all internal computers to 192.168.1.253.  Now issue the command
'route -p add 192.168.2.0 mask 255.255.255.0 192.168.1.254'
This tells the computer to route all traffic for 192.168.2.x addresses to 192.168.1.254 (the Netgear).

Another option, if your Cisco allows it, is to have it send traffic destined for 192.168.2.x over to the Netgear.  Only certain Ciscos support sending traffic back out the interface it came in like this.  This would save the route command on the LAN PCs but puts more load on the Cisco.
0
 
LVL 7

Author Comment

by:Yury Merezhkov
ID: 18811871
I kinda understand what you are saying.

What we have now is two Netgear routers. One in the main office, the other one is across the road. The VPN location right now has only one pc but will have 5 more in the near future. VPN users have their own subnet (192.168.0.xxx). Main office is 192.168.1.xxx. So, basically yes, I do have a fixed list of IPs. Let's say they are 192.168.0.1 - 192.168.0.5.
0
 
LVL 11

Accepted Solution

by:
Zenith63 earned 2000 total points
ID: 18811945
Perfect!

In the smaller site you don't need to make any changes.
In the main site you'll be changing the default gateway on all the pcs/servers to the IP of the Cisco.  Then on any computers that users in the remote site will want to talk to (usually just the servers but it applies for any pcs as well) just run the route command above adjusting the IPs as appropriate.  Assuming the IP of the Netgear will be 192.168.1.254 the command would be -
'route -p add 192.168.0.0 mask 255.255.255.0 192.168.1.254'

The -p means persistent, so the PCs can be restarted and won't lose the route.  You could add the route command to a logon script for all PCs though so it doesn't need to be remembered each time you add a new PC.
0
 
LVL 7

Author Comment

by:Yury Merezhkov
ID: 18811987
Perfect solution for me. Thank you very much.
0

Featured Post

Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
This program is used to assist in finding and resolving common problems with wireless connections.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question