Solved

How to configure network to route traffic to sub-net via one router and everything else on another

Posted on 2009-03-30
6
219 Views
Last Modified: 2013-12-14
Hi,
I've got a network with one main router that's handling Internet access/email/Lan-2-Lan VPNS.

To get better performance I've bought another router so I can transfer the LAN-2-LAN VPN to it.

How can I set the main network up so it routes traffice to the remote site though the second router whilst all other traffic goes though the main router?

I'm using hardware router based  VPNs between the remote site and second router.  The netowrk is a SBS 2003 network.

Thanks!
0
Comment
Question by:jmsjms
  • 3
  • 2
6 Comments
 
LVL 9

Expert Comment

by:hmare
ID: 24018445
You will need to create a static route on the main router telling it that all traffic for x.x.x.x (the remote site) uses the second router as its gateway. You will also need some kind of rule allowing access from the wan to the second router, similar to what you would need for a web server.
0
 
LVL 14

Accepted Solution

by:
Roachy1979 earned 500 total points
ID: 24019271
Easy way is to set a route in a login script for the remote lan on the workstations.  This avoids traffic getting passed from one router to the other.  If your remote lan has the address range of 192.168.10.0/24 for example and the router for the VPN was 192.168.1.254, your route statement would be

route add 192.168.10.0 mask 255.255.255.0 192.168.1.254

you could make this a persistent route (ie only have to add it once on each machine) with the -p switch on the end, so:

route add 192.168.10.0 mask 255.255.255.0 192.168.1.254 -p

The default gateway for the LAN would remain the same (ie the gateway for the internet connection).

Just add the above to a login script and it will become active when users log in.
0
 

Author Comment

by:jmsjms
ID: 24026574
Hi Roachy

I use a VBS loginscript.  Will this work in VBS?  If I have it in their login script with a -p will it just put it in once or will it continue to add it?

Cheers
John
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 14

Expert Comment

by:Roachy1979
ID: 24026685
If the rule exists it will overwrite the existing rule.....so it should be fine.

Not sure about VBS.  I'm sure you could call a separate batch file from within a VBS login script though...just create a .bat file in the Netlogon folder and place a separate call to run that file....
0
 

Author Comment

by:jmsjms
ID: 24082189
I've not yet put it in a script but have used it on a test PC and server.  Works fine on XP and SBS2003 but when I tried it on a W2003 R2 server it didnt like the -p.  Had a look at the /? and it's not listed as an option. Weird eh?

Anyway thanks very much!

John
0
 

Author Closing Comment

by:jmsjms
ID: 31564308
Thanks!
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question