FooSoup

asked on

Routing 2 Subnets into a network

Hello all,
I have a strange problem with IP routing and hope you can help.

We have range1 on 87.*.*.* on subnet 255.255.255.192.
We have range2 on 77.*.*.* on subnet 255.255.255.125.

Now we have a layer 3 switch that is set up to accept both subnets in VLANs, and in front of that, 2 routers that pass the range into the layer 3 switch.
Each machine in the network has an IP on both ranges (Windows) with 1 gateway... on the primary range. BUT we cannot seem to get to "ports" on the 2nd range but can on the primary range.

Help please!!
R T

Is 255.255.255.125 a valid subnet?
FooSoup

ASKER

Oops, it's 128, sorry about that :/
Your setup won't work because the PC will use the 1 gateway, so the 2nd IP won't be able to communicate with the network.  To do what you want, you'd have to install a 2nd NIC in each PC.
Can you tell  us the switch types (Cisco PIX, 3600, etc.), the routing protocols used, how they are interconnected, as well as a more detailed description of the VLANs?

ASKER

OK, a bit more detail.

Switch is an HP ProCurve 2600.
We are just using untagged and tagged VLANs so they can talk to each other. Each machine has 2 NICs: 1 has range 1 on (2 has range 2 on but with no gateway). Now what I was thinking, due to Windows being rubbish, is whether I would have to put a static route locally on each machine for the second subnet?
What are you trying to accomplish by giving a PC two different IPs?  There might be a different way to reach your goal.
Yes, the 2nd NIC also needs a gateway in its subnet.
If you use a DHCP server with 2 NICs, IP options can be assigned automatically for each NIC.

ASKER

We have websites and email on machines, but the main thing is we do SSL sites, so we need IPs for each website, hence the second range, as we ran out of IPs on the primary range.
Robert Sutton Jr

Is the ProCurve providing IP routing? You have 2 subnets pointing to 1 gateway?

If you want to add the routes...

addroute 87.xxx.xxx.xxx 77.xxx.xxx.xxx

ASKER

Yes, the ProCurve is doing the routing. We can ping the 2nd range from outside the network but cannot connect to anything on ports, e.g. 80, 25, 443, but can on the first range.
You don't need a separate IP for each website.  SSL certificates are specific to the FQDN of the website.  The SSL certificate isn't tied to the server, or IP; it's tied to the FQDN.
I stand corrected... I've looked it up, and even though the certificate isn't tied to the IP you do need an individual IP for each SSL site.
Do you have trunking properly configured between the ProCurve and the router?  Are the ACLs properly configured in the router/firewall to access those ports on the 2nd subnet?

ASKER

Now that I am not sure... I'm going to look into configuration gateways for specific VLANs to see if I can do VLAN-specific gateways, but I'm not sure if the ProCurve can do that... if not, maybe port-specific gateways :/ And the trunking is auto-configured on the ProCurve as far as I am aware; I just what port is in what VLAN...
ASKER CERTIFIED SOLUTION
myin68

ASKER

I think that's the problem; I can't see a way to set a gateway for each VLAN.

ASKER

OK, here is what we have (see attached). Each PC has 2 NICs in.
The first NIC has an IP and the gateway (IP for VLAN 1); the second NIC has an IP but no gateway (Windows machine). Both IP ranges are on different subnets, btw. The 0.0.0.0 route on the switch is rt1.

Now we can ping the IPs on both ranges from another site, but we can only connect to ports on the first range, not the second.

Any ideas?
 



network-map.jpg

ASKER

I figured it out finally. I had to set static routes on each machine to get it to work correctly and also to allow the connection to each subnet.
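
The route selection the thread is circling around, as an added example that is not from any participant: a simplified, destination-only longest-prefix-match model of a two-NIC host with one default gateway, and a check for whether a reply leaves by a different NIC than the request arrived on. All addresses are constructed documentation ranges standing in for the masked ones, and the specific static route (remote site prefix via a range-2 gateway) is an assumption, since the thread does not say which routes were added.

```python
import ipaddress

# Constructed addressing: 192.0.2.0/26 stands in for range 1,
# 198.51.100.0/25 for range 2. Gateway addresses are assumptions.
NIC1 = "nic1"  # range 1, carries the only default gateway
NIC2 = "nic2"  # range 2, no gateway configured

def base_routes():
    """Route table of a host with two NICs and a single default gateway."""
    return [
        # (destination prefix, next hop or None for on-link, interface)
        (ipaddress.ip_network("192.0.2.0/26"), None, NIC1),
        (ipaddress.ip_network("198.51.100.0/25"), None, NIC2),
        (ipaddress.ip_network("0.0.0.0/0"), "192.0.2.1", NIC1),
    ]

def lookup(routes, dst):
    """Longest-prefix match: return (next_hop, interface) used to reach dst."""
    dst = ipaddress.ip_address(dst)
    matches = [r for r in routes if dst in r[0]]
    if not matches:
        raise LookupError(f"no route to {dst}")
    _, hop, iface = max(matches, key=lambda r: r[0].prefixlen)
    return hop, iface

def reply_is_asymmetric(routes, client, ingress_iface):
    """True when the reply to client leaves by a different NIC than it came in on."""
    return lookup(routes, client)[1] != ingress_iface

def with_static_route(routes, prefix, next_hop, iface):
    """Return a copy of the table with one static route added."""
    return routes + [(ipaddress.ip_network(prefix), next_hop, iface)]

if __name__ == "__main__":
    client = "203.0.113.10"  # constructed client at the remote site
    before = base_routes()
    # Hypothetical fix: reach the remote site through a gateway on range 2.
    after = with_static_route(before, "203.0.113.0/24", "198.51.100.1", NIC2)
    for name, table in (("before", before), ("after", after)):
        hop, iface = lookup(table, client)
        print(name, "reply via", hop, "on", iface,
              "asymmetric:", reply_is_asymmetric(table, client, NIC2))
```
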