Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 764
  • Last Modified:

Unable to access server from a different subnet

I have 2 wireless routers setup on our network for customer use.  These routers function as DHCP servers so everyones laptop and iPhone aren't using up my IP addresses.  We also have several company computers that the customers can use that are connected via these wireless routers.

We recently switched our DC/DNS/DHCP from a server 2000 machine to a server 2008R2 machine, and since the switch, the SEP clients on these machines are unable to connect to the SEPM management server.  I can ping the server from the command prompt, but thats it.

Our network DHCP runs 192.168.100.X IP addresses, but the wireless routers run 192.168.9.X.

I had other problems with the firewall blocking ports for programs that were on the domain, but was able to resolve those by creating rules.  

Is there something I need to do with the firewall to let it recognize these other subnets?
0
schmity78
Asked:
schmity78
  • 5
  • 4
  • 2
2 Solutions
 
schmity78Author Commented:
All the workstations on the domain are able to connect to the SEPM and function fine.
0
 
setasoujiroCommented:
so if i understand correctly, you are able to ping the other subnet/server 2008 from the clients in the other range?

how are these routers connected to eachother?
is there another firewall/router which connects their "wan'' interface to the same subnet?
0
 
jimbecherCommented:
  One of the simplest things to try as far as debugging is to stop the firewall service. Don't turn it off. Stop the service. I have seen several cases where people have said it isn't the firwall it is turned off yet it was still functioning. Stopping the service is the sure way to kill it. That will at least tell you if it is a firewall issue.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
schmity78Author Commented:
I am able to ping the server that is in the other subnet.  All of the devices are on the same physical network/LAN.  There is no physical firewall, just the Symantec firewall (and windows firewall, which symantec has taken control of).

I have not had a chance to stop the firewall service, I will try that when there aren't so many people here.

Thanks for the advice so far.
0
 
setasoujiroCommented:
is it possible that the wireless clients connect using DNS and that you did not setup your local DNS in the wireless router?
0
 
setasoujiroCommented:
to the sepm i mean
0
 
schmity78Author Commented:
I checked that yesterday and the wireless router DNS is pointed to our internal DNS servers
0
 
setasoujiroCommented:
so you can ping the SEPM hostname from the wireless clients that have the issue?
0
 
jimbecherCommented:
I am fishing a little but don't you need a static route on your main internet gateway to get stuff back to the respective wireless routers? Was there a route on the 2000 server that no longer exists?
0
 
setasoujiroCommented:
@jimbecher, normally of the wifi router handles nat you do not need anymore routes added to the server subnet.

but if the EPSM is trying to reach the clients at 192.168.9.x from the 192.168.100.x subnet, then this is very correct

0
 
schmity78Author Commented:
Our NAT is handled by our main firewall.   The SEPM is on the .100.X subnet and the clients are on the .7.X subnet.  I can ping the server IP address from the client work station, but the client will not connect.  It wants to connect to port 8014, so I opened that port on the server firewall, but it didnt help.  Maybe there is another port I am not seeing.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 5
  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now