Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1041
  • Last Modified:

LAN to LAN routing when Windows 2003 Server is not the default gateway

I have already searched through the knowledge base an cannot find an exact answer to what I am trying to achieve.  Please point me in the right direction if an answer is currently posted.

I have a network impairment generator that I am configuring for VoIP testing purpose. (Shundra Cloud)

I have configured a windows 2003 server box with 2 NIC cards and have installed the Shundra software.

Phase one is to just get routing working between two subnets.

Topology:
My existing network consists of a Cisco Catalyst 3560 that is performing routing functions, internet access and is the default gateway. (DG: 192.168.30.1 /24)

I have patched the windows 2003 box into this network and have assigned a static IP address (192.168.30.60 /24)
I have configured the second NIC card with an IP address of (192.168.2.1/24).

There is a PC connected through a linsys switch with a static IP address of 192.168.2.2.  I can ping to the Internal interface of the Windows box (192.168.30.60) from 192.168.2.2. But that is a far as I can get.

I can ping to the default gateway (192.168.30.1) or to the PC 192.168.2.2 from the Windows box.

I have tried enabling RRAS with LAN-to-LAN routing with no success and I have turned on IP forwarding via the tcpip registry key.

Do I need to add static routes on the Cisco Switch or do I need to add them in Windows RRAS?
This is the routing table on the windows box acting as a router:

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator>route print

IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 04 75 f7 8a c7 ...... 3Com EtherLink XL 10/100 PCI For Complete P
 Management NIC (3C905C-TX) - SHUNRA\Cloud WAN Emulator Miniport
0x10004 ...00 b0 d0 c1 e7 d0 ...... 3Com 3C920 Integrated Fast Ethernet Control
er (3C905C-TX Compatible) - SHUNRA\Cloud WAN Emulator Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask                   Gateway                 Interface         Metric
127.0.0.0                         255.0.0.0                  127.0.0.1                 127.0.0.1            1
192.168.2.0                     255.255.255.0          192.168.2.1             192.168.2.1        1
192.168.2.1                     255.255.255.255      127.0.0.1                 127.0.0.1            1
192.168.2.255                 255.255.255.255      192.168.2.1             192.168.2.1        1
192.168.30.0                   255.255.255.0          192.168.30.60         192.168.30.60     20
192.168.30.60                 255.255.255.255      127.0.0.1                 127.0.0.1             20
192.168.30.255               255.255.255.255      192.168.30.60         192.168.30.60     20
224.0.0.0                         240.0.0.0                  192.168.2.1             192.168.2.1         1
224.0.0.0                         240.0.0.0                  192.168.30.60         192.168.30.60     20
255.255.255.255             255.255.255.255      192.168.2.1             192.168.2.1          1
255.255.255.255             255.255.255.255      192.168.30.60         192.168.30.60      1
===========================================================================
Persistent Routes:
  None

0
ipblue
Asked:
ipblue
  • 4
  • 3
1 Solution
 
kyleb84Commented:
Your routing table of the Windows Router looks fine....

Make sure your 3560 has this route:
- ip route 192.168.2.0 255.255.255.0 192.168.30.60

And your 192.168.2.2 PC has got a default route or a specific route to the 30.0 network (Use one):
Specific:
- route add 192.168.30.0 mask 255.255.255.0 192.168.2.1
Default:
- route add 0.0.0.0 mask 0.0.0.0 192.168.2.1

After confirming that, try:
- ping 192.168.30.1 from 192.168.2.1, and then vice-versa.
- Make sure Windows Firewall is disabled on the Windows Router, and the 192.168.2.2 box.

Look forward to hearing your progress...
0
 
kyleb84Commented:
Sorry that Ping test mentioned above should be:

Ping 192.168.30.1 from 192.168.2.2 (The Client PC), not 2.1 (The Windows Router), and vice-versa.
0
 
ipblueAuthor Commented:
Thanks for the advice. Adding the static route on the c3560 corrected the ping in both directions. When I try to add either the specific or default route onto the PC I get a bad argument statement. I have tried to add this on both the PC and the windows server acting as the router.

The problem that i am having now is that I cannot reach the internet. (I need to do so for licensing purposes)

0
Granular recovery for Microsoft Exchange

With Veeam Explorer for Microsoft Exchange you can choose the Exchange Servers and restore points you’re interested in, and Veeam Explorer will present the contents of those mailbox stores for browsing, searching and exporting.

 
kyleb84Commented:
Cannot access the internet from the Windows Router or the PC?

The PC must have a default route, since the command failed just go to:

Control Panel->Network Connections->(Right Click on your LAN Adaptor)->Properties->
- Scroll down to find "Internet Protocol (TCP/IP)", select it, hit properties.
- Select "Use the following address"
- Add your ip address 192.168.2.2
- Subnet Mask 255.255.255.0
- Default Gateway 192.168.2.1

Select "Use the following DNS server address"
(Enter in your network's DNS server, or your ISP's one)

--------------------------

On your Windows Router, do the same, but right click on the interface that connects to the Cisco switch, not the one that goes to the PC.

Do the same thing for it:
IP: 192.168.30.60
MASK: 255.255.255.0
GW: 192.168.30.1

DNS: (As per your network, or your ISP's recommended DNS servers)

-----------------

If your Default Gateway 192.168.30.1 (Cisco) does NAT etc... then it'll work!

Else if you have another internet modem/router behind that Cisco 3560 you'll have to add routes back to the 192.168.2.0 network via the Cisco switch...

Let me know how you go!
0
 
ipblueAuthor Commented:
I should re-phrase my issue:

I cannot access the internal interface of my PIX from the PC or Windows box acting as a router.
I already had the default gateway and DNS server as specified.

I can not access the internal interface of my pic 515e firewall. The IP address is 192.168.254.254 /24.

All of my other networks have no problem reaching this interface. The ony difference is the router that is connecting the 192.168.2.0 network to the 192.168.30.0 network is not the default router.

Topology goes:

PC -> Windows Server(router) -> c3560 -> Pix 515E -> Intern
I  added a route as follows on the PIX: route inside 192.168.2.0 255.255.255.0 192.168.254.254 1


0
 
kyleb84Commented:
ipblue,

Change that route in the pix to say:

ip route 192.168.2.0 255.255.255.0 192.168.254.X

(I'm guessing your C3560 has a 192.168.254.X ip address that allows it to connect to the PIX? If so replace the above X with the rest of that IP, else can you let me know if the PIX has a 192.168.30.X IP?)

Should work then :)



0
 
ipblueAuthor Commented:
Sorry about this never being closed out.
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now