Solved

Routing 2 networks

Posted on 2011-03-25
16
507 Views
Last Modified: 2012-05-11
Hi,

I have 2 networks on different networks, 192.168.1.0/24 and 192.168.5.0/24 they both have their seperate internet connection and their own router but i need them to be able to access data, i thought about using LAN Routing but i couldnt get this to work.  There are 2 NICs in one of the server - am i being sill and missed something?

I configured lan routing and added the rip protocol then added both interfaces....

Thanks
0
Comment
Question by:infopls
  • 8
  • 5
  • 3
16 Comments
 
LVL 10

Expert Comment

by:joelsplace
ID: 35216202
Access data between various devices or just both networks access data on the one server with the two nics?
0
 

Author Comment

by:infopls
ID: 35216319
I need access between various devices and both networks...

i got it working with access one way with access just to the routing server...
0
 
LVL 10

Assisted Solution

by:joelsplace
joelsplace earned 75 total points
ID: 35216453
Have you tried just connecting the networks and setting up the mask so that they can see each other?
255.255.0.0 would allow them to see anything 192.168.x.x but their gateways would still be the same so they would send data meant for the outside to their own gateway.
If you use VPNs to other networks then that could cause a problem if the other networks use 192.168.x
0
 

Author Comment

by:infopls
ID: 35216526
One server has 2 NICs with static IP's of both the networks but i should be able to configure a lan route as i can physically run a cable from the switch to the server on the other network which i have done but i was expecting once the lan route with rip was configured i would be able to talk across both networks...
0
 
LVL 25

Accepted Solution

by:
Fred Marshall earned 175 total points
ID: 35216710
The most direct way to do this is with a router.   The function may be provided by your internet gateway routers or it might be separate.  One LAN on one side and one LAN on the other (in Router mode on some).

It helps to always think of this being a 2-way symmetrical arrangement - so whatever is on one LAN should be duplicated on the other LAN.

Here's a typical arrangement:
Add a router with a LAN#1 address on one side and a LAN#2 address on the other side.  Set to run in Router and not Gateway mode so there's no NAT.  Some routers do this by turning off NAT and others do it by setting the mode.

On the LAN #1 internet gateway router add add a route so that packets originating on LAN #1 are directed to the LAN #1 address of the router.  This way, packets originating on LAN #1, destined for LAN #2 will go to their gateway as usual for "foreign" addresses.  The gateway router will send them to the new router as the next hop and the router knows about LAN#2 and will send the packets to its LAN #2 port.

Do the same thing on the LAN #2 internet gateway router - routing packets destined for LAN #1 to the LAN #2 address of the new router.

Packets coming out of the router will be on the LAN they belong on and will go directly to the intended destination computer.  So, there's no extra hop at the receiving end.

Some gateway routers may not want to allow responses due to stateful packet inspection rules.  So, if there are problems with this, it could be there.  For example:

PING a remote computer:
- packet goes to the gateway and is forwarded to the router.
- packet traverses the router and is destined for the target computer
- the target computer responds
- the responding packet goes to the local gateway which has no packet state context for it.  So, it's either forwarded or it isn't.....  If it's forwarded:
- packet is forwarded to the router
- packet traverses the router and is destined for the PING-originating computer

A Traceroute from one LAN to the other should look something like this:

Local gateway
Local port of the interLAN router
Remote computer

You may be able to use the multi-homed server as the "router" here.  Just about any 2-NIC computer would do it by adding:
- a route from LAN #1 subnet to LAN #2 subnet with the LAN #2 NIC as the next hop.
- a route from LAN #2 subnet to LAN #1 subnet with the LAN #1 NIC as the next hop.
... nice and symmetrical.

0
 

Author Comment

by:infopls
ID: 35216925
I need this to be kept internally as requested by the client.  Thats why i thought doing a multihomed server would be a good idea but i just cannot get both networks to speak..
0
 
LVL 10

Expert Comment

by:joelsplace
ID: 35217107
I've got a client with a similar situation that is using my subnet mask solution successfully.
0
 
LVL 25

Expert Comment

by:Fred Marshall
ID: 35217362
I don't know what you mean by "kept internally".  I think everything I mentioned was "internal" pretty much....

Have you set up the routing in the server as described?  Please provide the result from:

route print

0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 25

Expert Comment

by:Fred Marshall
ID: 35217394
joelsplace suggests a subnetting approach which could work.

In effect, this creates a single larger subnet with multiple internet gateways.
I think you'd want to be sure that the subnet masks on *all* devices match - including the gateways.
0
 

Author Comment

by:infopls
ID: 35217475
Is that a route add? Could you give me the correct syntax for this and and will attempt this over the weekend.

With the subnet would I have to change both sites and the dhcp or just the multi homed server?  Sorry about all the questions.
0
 

Author Comment

by:infopls
ID: 35217485
At the moment both sites are on a 255.255.255.0 subnet
0
 
LVL 25

Expert Comment

by:Fred Marshall
ID: 35217570
I understand that the subnet masks are currently 255.255.255.0.  OK.

Windows route add:

route -p ADD “destination network” MASK “destination subnet mask”  “gateway ip” metric "N"

where everyting in quotes is entered without the quotes as ip addresses and N an integer.

From:
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/route.mspx?mfr=true

Syntax
route [-f] [-p] [Command [Destination] [mask Netmask] [Gateway] [metric Metric]] [if Interface]]


0
 

Author Comment

by:infopls
ID: 35217607
Okay, I shall have a go in the next day when I am back in the office and will report back
0
 

Author Comment

by:infopls
ID: 35230251
Sorry i am still a little confused, do i do the route add on the server of the client workstations that are trying to connect to the other network?
0
 
LVL 25

Expert Comment

by:Fred Marshall
ID: 35235803
I think I'd mentioned this before:

You can either do this on *all* the computers OR you can do it once, on a router.
The notation is for a computer.
Router setting methods will vary but the ideas are the same.
0
 

Author Closing Comment

by:infopls
ID: 35382619
Managed to do it via the router, thanks for your input guys.  Much appreciated
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now