AboutPricingCommunityTeamsStart Free TrialLog in
Avatar of jsstanley
jsstanley
Flag for United States of America asked on

VPN accessing two IP ranges

I have two address ranges in our building.  

The primary one is 10.0.0.1/255.   The subnet is 255.255.255.0 and the gateway is 10.0.0.1.  It consists of our Small Business Server 2003, fileservers and all of our network workstations and printers.  All nodes are attached to  a Linksys router that is set up as a DMZ behind a Comcast Business gateway

The second range is 10.1.22.1/255.  The subnet is 255.255.255.0 and the gateway is 10.1.22.1.   It consists of IP addressable hardware that we sell.  It is a test network.  The router's WAN port is attached to the Domain so the "test" network can have access to the web, and so that computers on the 10.0.0.1/255 network can access the web interface built into the router.

I have one user that accesses both of these networks from his workstation using two NICs.  

This user routinely access the 10.0.0.x network via VPN from job sites and home.  He wants to be able to access devices on both networks via VPN.  

How can this be accomplished?
Networking Hardware-OtherVPN
Avatar of undefined
Last Comment
Qlemo
8/22/2022 - Mon
Qlemo
It should be sufficient if both gateways know of the other's network (have according routes). I assume VPN ip addresses are out of 10.0.0.0 network. When other ip addresses are used, those must be routed on the 10.1.22.1, too.
jsstanley
ASKER
Yes, all my VPN users authenticate onto the SBS server on the 10.0.0.0 network.  Where/How do you suggest I create a route to both networks?
Qlemo
Easist way is to define necessary routes on gateways only, and to define those (local) gateways as default gateways on the corresponding network side.
Your help has saved me hundreds of hours of internet surfing.
fblack61
jsstanley
ASKER
I still do not have a resolution.

If I give myself a static IP on the 10.1.22.x range, I can access all resources on the internet and on my 10.0.0.x network.  But, if I use an IP handed to me by the SBS server (10.0.0.x) I'm unable to touch the 10.1.22.x network.

How can I establish a route in the SBS to the 10.1.22.x network, so my users with an IP of 10.0.0.x will be able to use resources on the 10.1.22.x network?

I believe if I can establish a route on the SBS, my VPN users will have access to the resources on the 10.1.22.x network after they authenticate onto the SBS (10.0.0.2).  Can anyone help with this?
Qlemo
Ok, I see, this is not as easy as I thought first. You would have to set an additional route on Linksys - but I don't think you can do that.

Next idea - change LinkSys net 10.0.0.0 / 8   (= 255.0.0.0). That way, it will post all data for any 10.x address onto the internal network. On the 10.1.x router, you will have to do the same, so packets are sent back.

jsstanley
ASKER
Is this really the solution? Many nodes on the 10.1.22.x network have static IPs.  Changing the subnet would require me to touch each node.  Also I would have to reconfigure domain info.  I really dont want to break my network.......

Do you have any other ideas?
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Qlemo
Please reread my writings. You only have to apply changes to at least the Linksys router (the change to test router should not be necessary as it has two interfaces).
jsstanley
ASKER
The router only lets me configure the last octet.  I can not manually enter the subnet........
Qlemo
Are you able to set a route in Linksys for  10.1.22.x with gateway address of WAN port of the test router?
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
jsstanley
ASKER
All domain PCs are handed an IP via the SBS.  DHCP is configured to hand out a subnet of 255.255.255.0.  I tried hard coding my IP with subnet of 255.0.0.0 and I was able to touch devices on the 10.1.22.x network with an IP of 10.0.0.x.  This does not solve my original problem with being able to access the test network via VPN.

The next step is to change settings in the SBS.  Unfortunately Im unable to make any changes to SBS at this time.  I would like to keep this discussion open until Im unable to make changes to the SBS.

Although a solution was not handed to me, I believe you(Qlemo) should be awarded the points because you got be thinking in the right direction.

I'll post again soon if I have found a solution or need further assistance.
ASKER CERTIFIED SOLUTION
Qlemo
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
Plans and Pricing
Resources
Product
Podcasts
Careers
Contact Us
Teams
Certified Expert Program
Credly Partnership
Udemy Partnership
Privacy Policy
Terms of Use

© 1996-2023 Experts Exchange, LLC. All rights reserved. Covered by US Patent