Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Unable to communicate to Network Segment on same subnet

Posted on 2012-03-21
12
Medium Priority
?
663 Views
Last Modified: 2012-03-22
Currently the network is setup as follows.
IP: 192.168.17.x
Subnet: 255.255.240.0
Gateway: 192.168.17.1
DNS: 192.168.17.1
         192.168.17.10

I have configured another router on same physical network to be static with:
WAN IP: 192.168.17.45
Subnet: 255.255.240.0
Gateway: 192.168.17.1

Internal:  192.168.20.10
Subnet: 255.255.240.0
Gateway: 192.168.20.10
DNS: 192.168.20.10

From 192.168.17.x, I cannot ping 192.168.20.10
Cannot ping from 192.168.20.x to 192.168.17.1

Nor am I able to get out to the internet, I'm at a total loss right now, does anyone have some insight into this?

I have disabled firewall rules on each end to test, still nothing.
0
Comment
Question by:MSkrezec
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
  • +3
12 Comments
 
LVL 37

Expert Comment

by:Neil Russell
ID: 37749153
You have Gateway: 192.168.17.1

What is 192.168.17.1? Does it have routes set for the 192.168.20.x address?
0
 
LVL 7

Expert Comment

by:raeldri
ID: 37749234
I'd agree with Neilsr, I'd guess the issue is that 192.168.17.1 doesn't know how to reach the other network(192.168.20.0)
0
 
LVL 8

Accepted Solution

by:
d0ughb0y earned 600 total points
ID: 37749251
The problem is your subnet masks. Because of your masks, your inside and outside addresses are on the same network.

A mask of 255.255.240.0 means that the network goes from:
192.168.16.0 - 192.168.31.255

Now the question is: Why are you using a 255.255.240.0 mask? If there's no real reason for you to be doing so, you should do one of the following:

Change the subnet masks to 255.255.255.0 all around, which will give you networks of 192.168.17.0-192.168.17.255 and 192.168.20.0-192.168.20.255. You should be able to route between those.
Change the IP scheme inside the internal router to 192.168.32.0 with a mask of 255.255.255.0.

Doing one of those ought to enable you to get out from behind the inside router. As for routing from the 17 network to the other network (i.e. inbound), you're probably going to need to do some static routing somewhere to tell your 17 clients to point to the 17.45 address if they want to reach devices on the other side of the internal router. You could probably do that on the external router, which would make it easier to handle.
0
Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

 
LVL 37

Expert Comment

by:Neil Russell
ID: 37749255
You can only have ONE default gateway on your network. That gateway MUST know of all routes it needs to access other networks.
0
 
LVL 8

Expert Comment

by:d0ughb0y
ID: 37749275
The default gateway is for the inside clients (i.e. on the inside of the internal router.) But it's still not going to work because both sides are on the same subnet. In fact, I'm surprised that the router allowed it.
0
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 600 total points
ID: 37749393
You stated what is wrong within your problem description:

     "Unable to communicate to Network Segment on same subnet"

Based on your subnet mask, addresses your IP subnet includes addresses 172.16.16.1 - 172.16.31.254.  As you seem to know, this means that 172.16.17.x and 172..16.20.x are within the same IP subnet.

As you seem to imply you also know they are on different "network segments", also known as different LAN.

To expand on d0ughb0y explanation a bit, which may make it clearer.  Hosts within the same IP subnet must be on the same LAN segment in order to talk to each other.

So you need to do something so that your hosts are on different IP subnets.
0
 
LVL 8

Expert Comment

by:d0ughb0y
ID: 37749471
Except that it's 192.168, not 172.16 - but I know why you said that. :)
0
 
LVL 57

Expert Comment

by:giltjr
ID: 37749517
Oh, crap.  I'm doing a bunch of work on my network in our 172.16 subnets.

Thanks for catching that.
0
 
LVL 11

Expert Comment

by:Khandakar Ashfaqur Rahman
ID: 37752152
If you communicate within same subnet then you don't need to use router but simply you can use switch.Your Network IP Range: 192.168.16.1 - 192.168.31.254
When you are using router then it seems you want to create another LAN.For that case, you must not use any IP between 192.168.16.1 - 192.168.31.254 for your routers internal interface. You may use different IP for your routers LAN interface like: 192.168.0.1/24
0
 

Author Closing Comment

by:MSkrezec
ID: 37752411
Thanks guys, it's a bit more clear to me now -- I understood that a static route might have needed to be but in place, however I was under the impression that since I had placed a router with Gateway, it would handle and forward all request outbound/block incoming.  I've got it up and running now using 255.255.255.0 subnet and .32 as d0ughb0y had suggested.

We've currently got 2 networks on the same subnet 255.255.240.0, other is at 13 and ours is at 17, couldn't I technically use .32 on 255.255.240.0?
0
 
LVL 8

Expert Comment

by:d0ughb0y
ID: 37752750
Yes you could use the 255.255.240.0 mask on the 32.0 subnet, which would give you addresses from 192.168.32.0-192.168.47.255. But do you need subnets that large?
0
 

Author Comment

by:MSkrezec
ID: 37754827
Well, we currently have 2 full racks virtualized for production environment on first segment, all of IT on 2nd segment, and plan to have a dedicated virtual test environment on 3rd segment.  However, subnetting is not my strongest point, guess I slept too much in Highschool, however still got my CCNA.

My engineer was off yesterday, didn't want to have to bother him while i'm playing around and didn't want to take production down, so to experts-exchange I go!

Thanks for the help guys.
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

An article on effective troubleshooting
This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question