Solved

How to configure network to route traffic to sub-net via one router and everything else on another

Posted on 2009-03-30
6
222 Views
Last Modified: 2013-12-14
Hi,
I've got a network with one main router that's handling Internet access/email/Lan-2-Lan VPNS.

To get better performance I've bought another router so I can transfer the LAN-2-LAN VPN to it.

How can I set the main network up so it routes traffice to the remote site though the second router whilst all other traffic goes though the main router?

I'm using hardware router based  VPNs between the remote site and second router.  The netowrk is a SBS 2003 network.

Thanks!
0
Comment
Question by:jmsjms
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 9

Expert Comment

by:hmare
ID: 24018445
You will need to create a static route on the main router telling it that all traffic for x.x.x.x (the remote site) uses the second router as its gateway. You will also need some kind of rule allowing access from the wan to the second router, similar to what you would need for a web server.
0
 
LVL 14

Accepted Solution

by:
Roachy1979 earned 500 total points
ID: 24019271
Easy way is to set a route in a login script for the remote lan on the workstations.  This avoids traffic getting passed from one router to the other.  If your remote lan has the address range of 192.168.10.0/24 for example and the router for the VPN was 192.168.1.254, your route statement would be

route add 192.168.10.0 mask 255.255.255.0 192.168.1.254

you could make this a persistent route (ie only have to add it once on each machine) with the -p switch on the end, so:

route add 192.168.10.0 mask 255.255.255.0 192.168.1.254 -p

The default gateway for the LAN would remain the same (ie the gateway for the internet connection).

Just add the above to a login script and it will become active when users log in.
0
 

Author Comment

by:jmsjms
ID: 24026574
Hi Roachy

I use a VBS loginscript.  Will this work in VBS?  If I have it in their login script with a -p will it just put it in once or will it continue to add it?

Cheers
John
0
Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

 
LVL 14

Expert Comment

by:Roachy1979
ID: 24026685
If the rule exists it will overwrite the existing rule.....so it should be fine.

Not sure about VBS.  I'm sure you could call a separate batch file from within a VBS login script though...just create a .bat file in the Netlogon folder and place a separate call to run that file....
0
 

Author Comment

by:jmsjms
ID: 24082189
I've not yet put it in a script but have used it on a test PC and server.  Works fine on XP and SBS2003 but when I tried it on a W2003 R2 server it didnt like the -p.  Had a look at the /? and it's not listed as an option. Weird eh?

Anyway thanks very much!

John
0
 

Author Closing Comment

by:jmsjms
ID: 31564308
Thanks!
0

Featured Post

Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question