Solved

Unable to access server from a different subnet

Posted on 2011-09-09
11
749 Views
Last Modified: 2012-05-12
I have 2 wireless routers setup on our network for customer use.  These routers function as DHCP servers so everyones laptop and iPhone aren't using up my IP addresses.  We also have several company computers that the customers can use that are connected via these wireless routers.

We recently switched our DC/DNS/DHCP from a server 2000 machine to a server 2008R2 machine, and since the switch, the SEP clients on these machines are unable to connect to the SEPM management server.  I can ping the server from the command prompt, but thats it.

Our network DHCP runs 192.168.100.X IP addresses, but the wireless routers run 192.168.9.X.

I had other problems with the firewall blocking ports for programs that were on the domain, but was able to resolve those by creating rules.  

Is there something I need to do with the firewall to let it recognize these other subnets?
0
Comment
Question by:schmity78
  • 5
  • 4
  • 2
11 Comments
 

Author Comment

by:schmity78
ID: 36513428
All the workstations on the domain are able to connect to the SEPM and function fine.
0
 
LVL 14

Expert Comment

by:setasoujiro
ID: 36513591
so if i understand correctly, you are able to ping the other subnet/server 2008 from the clients in the other range?

how are these routers connected to eachother?
is there another firewall/router which connects their "wan'' interface to the same subnet?
0
 
LVL 11

Expert Comment

by:jimbecher
ID: 36513663
  One of the simplest things to try as far as debugging is to stop the firewall service. Don't turn it off. Stop the service. I have seen several cases where people have said it isn't the firwall it is turned off yet it was still functioning. Stopping the service is the sure way to kill it. That will at least tell you if it is a firewall issue.
0
 

Author Comment

by:schmity78
ID: 36532719
I am able to ping the server that is in the other subnet.  All of the devices are on the same physical network/LAN.  There is no physical firewall, just the Symantec firewall (and windows firewall, which symantec has taken control of).

I have not had a chance to stop the firewall service, I will try that when there aren't so many people here.

Thanks for the advice so far.
0
 
LVL 14

Expert Comment

by:setasoujiro
ID: 36534102
is it possible that the wireless clients connect using DNS and that you did not setup your local DNS in the wireless router?
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 14

Expert Comment

by:setasoujiro
ID: 36534103
to the sepm i mean
0
 

Author Comment

by:schmity78
ID: 36538568
I checked that yesterday and the wireless router DNS is pointed to our internal DNS servers
0
 
LVL 14

Expert Comment

by:setasoujiro
ID: 36538740
so you can ping the SEPM hostname from the wireless clients that have the issue?
0
 
LVL 11

Accepted Solution

by:
jimbecher earned 250 total points
ID: 36538756
I am fishing a little but don't you need a static route on your main internet gateway to get stuff back to the respective wireless routers? Was there a route on the 2000 server that no longer exists?
0
 
LVL 14

Assisted Solution

by:setasoujiro
setasoujiro earned 250 total points
ID: 36538818
@jimbecher, normally of the wifi router handles nat you do not need anymore routes added to the server subnet.

but if the EPSM is trying to reach the clients at 192.168.9.x from the 192.168.100.x subnet, then this is very correct

0
 

Author Comment

by:schmity78
ID: 36539348
Our NAT is handled by our main firewall.   The SEPM is on the .100.X subnet and the clients are on the .7.X subnet.  I can ping the server IP address from the client work station, but the client will not connect.  It wants to connect to port 8014, so I opened that port on the server firewall, but it didnt help.  Maybe there is another port I am not seeing.
0

Featured Post

Promote certifications in your email signature

Has your company recently won an award or achieved a certification? They'll no doubt want to show it off. Email signature images used to promote certifications & awards can instantly establish credibility with a recipient and provide you with numerous benefits.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Redirected folders in a windows domain can be quite useful for a number of reasons, one of them being that with redirected application data, you can give users more seamless experience when logging into different workstations.  For example, if a use…
I was supporting a handful of Windows 2008 (non-R2) 2 node clusters with shared quorum disks. Some had SQL 2008 installed and some were just a vendor application that we supported. For the purposes of this article it doesn’t really matter which so w…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now