dodyryda1
asked on
Network subnet mask issue
hi hope someone can help.... i have a problem with routing between two subnets... setup is as follows...
computer A on lan connects to remote server via vpn, this connection is shared so Computer B on Lan can also connect to the remote server. the remote [192.168.0.0] and local networks [192.168.3.0] are on different subnets with a subnet mask of 255.255.255.0. trouble is that clients on the remote network cannot see computer B, whilst computer A appears fine as the vpn connection holds an address on it's network.I have a static route setup server side that points to computer Bs network back through the vpn connection...what i'm guessing is that i need to alter the subnet mask on computer A so that it will route traffic between both networks... what should this be ? and what connection should it be on the local area connection or the vpn connection ? for that machine or do i need to change the mask on all machines? thanks for any suggestions
computer A on lan connects to remote server via vpn, this connection is shared so Computer B on Lan can also connect to the remote server. the remote [192.168.0.0] and local networks [192.168.3.0] are on different subnets with a subnet mask of 255.255.255.0. trouble is that clients on the remote network cannot see computer B, whilst computer A appears fine as the vpn connection holds an address on it's network.I have a static route setup server side that points to computer Bs network back through the vpn connection...what i'm guessing is that i need to alter the subnet mask on computer A so that it will route traffic between both networks... what should this be ? and what connection should it be on the local area connection or the vpn connection ? for that machine or do i need to change the mask on all machines? thanks for any suggestions
ASKER
hi .. yes computer a is the vpn endpoint and i have enabled ip fowarding n this computer , this is a winxp computer. the remote clients have a static route setup via dhcp to computer B's Lan via computer A's vpn lan ip address ...
What do you mean Computer A's VPN lan IP? They (remote clients) should have a route set for Computer A's LAN address. The remote clients do not need to know anything about the VPN just what machine on thier local subnet (192.168.0.0) to send packets to for 192.168.3.0.
ASKER
what i mean is i have a classless static route setup with the destition as 192.168.3.0 with the router address the same as the ip assigned to the vpn client...
ASKER
sorry which is assigned through dhcp scope options
What is the address that's assigned to the VPN client?
Can you go to Computer B and from a command prompt run: route print
go to Computer A and do the same
go to a Computer other than Computer A on 192.168.0.0/24 subnet and do the same
then post the results here. I'm finding it difficult to visualise your problem. By the sounds of things it should work.
Can you go to Computer B and from a command prompt run: route print
go to Computer A and do the same
go to a Computer other than Computer A on 192.168.0.0/24 subnet and do the same
then post the results here. I'm finding it difficult to visualise your problem. By the sounds of things it should work.
ASKER
thanks for your help spot.. manage to find the problem .. a static route ad been setup on the vpn server that had created two routes to the 192.168.3.0 subnet. so on computer a i had two conflicting routes to the 192.68.3.0 subnet.. now when i browse the network on computer a i can see all computers [remote server,clients and computer B],, however when browse from a client on the remote lan. i can see computer A but not computer B, i guess is this due to netbios being unable to be routed over vpn ?
ASKER
as i still cannot ping computer b from the remote network
Hi,
If you can't ping B from the remote network you've not resolved the problem.
By the sounds of things
- Computer A can ping it's local network and Computer B.
- Computer B can ping Computer A and it's local network.
Would that be correct? So all you've managed to do is establish the tunnel nothing more.
If you can't ping B from the remote network you've not resolved the problem.
By the sounds of things
- Computer A can ping it's local network and Computer B.
- Computer B can ping Computer A and it's local network.
Would that be correct? So all you've managed to do is establish the tunnel nothing more.
ASKER
correct .. still as of yet not working but beginning to suspect that computerA is the problem ... at the weekend i setup another network using my laptop at home dialing in to the same router with a 192.168.2.0 subnet and the ping from remote server back [192.168.0.1] to laptop [192.168.2.5]worked perfectly ....
this would seem to isolate the problem either at Computer A or on the router. For the problem network when i route print and look at the tables everything appears to be pointing at the correct interfaces.. firewalls are not blocking the traffic... computer a side is served by a netgear dg834gt. .. starting to wonder whether it could be this causing the problem blocking ports.. over my vpn
nb. From computer B
Both laptop and computer A are xp box's, so i have enabled ip forwarding registry key in tcpip>parameters this has always been the case..
this would seem to isolate the problem either at Computer A or on the router. For the problem network when i route print and look at the tables everything appears to be pointing at the correct interfaces.. firewalls are not blocking the traffic... computer a side is served by a netgear dg834gt. .. starting to wonder whether it could be this causing the problem blocking ports.. over my vpn
nb. From computer B
Both laptop and computer A are xp box's, so i have enabled ip forwarding registry key in tcpip>parameters this has always been the case..
ASKER
think i will get rid of this netgear router at troublesome end and use another draytek ... whilst annoying cannot get this to work cannot really afford any more time on this issue thanlks for your assitance spot
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I doubt very much that this is a subnet mask issue.