Solved

Simple Windows 2008 R2 routing issue

Posted on 2014-02-02
5
379 Views
Last Modified: 2014-02-03
Dear Experts,

I have a standard routing setup, which just doesn't work right:

The Windows server has two NICs, 1 (192.168.1.6/24) which is connected to an Internet router (default gateway is set to 192.168.1.1, the router's IP) and NIC 2 (192.168.0.6/24 - no default gateway specificed in the NIC's settings). PCs are connected to the LAN on NIC 2, their default gateway is set to 192.168.0.6. RRAS has been enabled on the server, using custom configuration, LAN-Routing and otherwise accepting the defaults. The server can connect to the Internet just fine, but the PCs on the LAN behind NIC 2 can't.

What could be wrong? Who can I get the PCs on NIC2 to reach the Internet? I'm attaching the route print output of the server below. (There're also some entries dealing with 10.8.0.0/24, which is a VPN transfer network, that should have nothing to do with all this.)

Thank you and best regards,

Thomas

===========================================================================
Schnittstellenliste
 23...00 ff 4d 23 66 7a ......TAP-Win32 Adapter V9
 21...00 25 64 fe 5a 06 ......LAN 2 extern
 19...00 25 64 fe 5a 04 ......LAN 1 intern
  1...........................Software Loopback Interface 1
 11...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter
 13...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #2
 16...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #3
 20...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4-Routentabelle
===========================================================================
Aktive Routen:
     Netzwerkziel    Netzwerkmaske          Gateway    Schnittstelle Metrik
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.6    261
         10.8.0.0    255.255.255.0         10.8.0.2      192.168.1.6      6
         10.8.0.0    255.255.255.0         10.8.0.2         10.8.0.1     31
         10.8.0.0  255.255.255.252   Auf Verbindung          10.8.0.1    286
         10.8.0.1  255.255.255.255   Auf Verbindung          10.8.0.1    286
         10.8.0.3  255.255.255.255   Auf Verbindung          10.8.0.1    286
        127.0.0.0        255.0.0.0   Auf Verbindung         127.0.0.1    306
        127.0.0.1  255.255.255.255   Auf Verbindung         127.0.0.1    306
  127.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    306
      192.168.0.0    255.255.255.0   Auf Verbindung       192.168.0.6    261
      192.168.0.6  255.255.255.255   Auf Verbindung       192.168.0.6    261
    192.168.0.255  255.255.255.255   Auf Verbindung       192.168.0.6    261
      192.168.1.0    255.255.255.0   Auf Verbindung       192.168.1.6    261
      192.168.1.6  255.255.255.255   Auf Verbindung       192.168.1.6    261
    192.168.1.255  255.255.255.255   Auf Verbindung       192.168.1.6    261
        224.0.0.0        240.0.0.0   Auf Verbindung         127.0.0.1    306
        224.0.0.0        240.0.0.0   Auf Verbindung          10.8.0.1    286
        224.0.0.0        240.0.0.0   Auf Verbindung       192.168.0.6    261
        224.0.0.0        240.0.0.0   Auf Verbindung       192.168.1.6    261
  255.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    306
  255.255.255.255  255.255.255.255   Auf Verbindung          10.8.0.1    286
  255.255.255.255  255.255.255.255   Auf Verbindung       192.168.0.6    261
  255.255.255.255  255.255.255.255   Auf Verbindung       192.168.1.6    261
===========================================================================
St„ndige Routen:
  Netzwerkadresse          Netzmaske  Gatewayadresse  Metrik
         10.8.0.0    255.255.255.0         10.8.0.2       1
          0.0.0.0          0.0.0.0      192.168.1.1  Standard 
===========================================================================

IPv6-Routentabelle
===========================================================================
Aktive Routen:
 If Metrik Netzwerkziel             Gateway
  1    306 ::1/128                  Auf Verbindung
 23    286 fe80::/64                Auf Verbindung
 19    261 fe80::/64                Auf Verbindung
 21    261 fe80::/64                Auf Verbindung
 21    261 fe80::594c:163c:5e19:4fd/128
                                    Auf Verbindung
 23    286 fe80::a9c2:f114:91ae:daf/128
                                    Auf Verbindung
 19    261 fe80::ed95:1ef:c56f:67c8/128
                                    Auf Verbindung
  1    306 ff00::/8                 Auf Verbindung
 23    286 ff00::/8                 Auf Verbindung
 19    261 ff00::/8                 Auf Verbindung
 21    261 ff00::/8                 Auf Verbindung
===========================================================================
St„ndige Routen:
  Keine

Open in new window

0
Comment
Question by:Staudte
  • 3
  • 2
5 Comments
 
LVL 35

Expert Comment

by:Mahesh
ID: 39828877
Either you need to enable Internet connection sharing (ICS) OR NAT component on server so that client can connect to internet

Check below video for more details

http://www.youtube.com/watch?v=Eb_7wWFO600

http://technet.microsoft.com/en-us/library/dd469812.aspx - Server NAT
Put NAT IP as default gateway on client Machines

Mahesh
0
 

Author Comment

by:Staudte
ID: 39828888
Hi Mahesh,

thanks for the quick reply. I think I have ICS enabled, because if I go into the settings of the server in RRAS, click on IPv4 there's a checkbox in "activate IPv4-Fowarding" (translated from german). Also, on the "General" tab, the "activate this computer as IPv4-Router" is checked, too.

As far NAT is concerned, I had activated that and that did indeed let the clients on NIC 2 connect to the Internet, but then RDP access through the VPN (on the 10.8.0.0/24 network) would not work anymore. Also, I don't think that NAT should be involved here - this is a general routing issue and should in principle work without NAT.

Tom
0
 
LVL 35

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39828924
For ICS, you need to enable it in properties of network card connected to internet on server and for that you don't require RRAS to be deployed.
Its old concept since windows XP

I suggest you to go for NAT which can be best suite to your current scenario

Mahesh
0
 

Author Closing Comment

by:Staudte
ID: 39828954
I see.... that option is indeed not checked. However, if I'd enable that now it would change the IP of the NIC to 192.168.137.1 - which is unacceptable. I wonder why this suddenly changed anyway - it used to work fine. By the way: I enabled RRAS as a LAN-Router a looong time ago to handle the VPN's routing. As a side effect, the PCs were able to connect to the Internet (that wasn't really anticipated at that time, but welcomed). I had definitely never enabled ICS intentionally - just added the LAN Router Role to the server.

Anyway... we'll change the infrastructure today to have all PCs on the same network on NIC 1 - the structure with two separated networks was there only for historical reasons and has just never been touched - time to touch it now :-)
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 39828962
Yes, basically when you enable ICS on network card connected to internet, another private network card IP segment immediately changes to 192.168.0.1 segment probably

Check below article for step by step
http://support.microsoft.com/kb/306126

Mahesh
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Server 2008 R2 Datacenter Repair OS 20 47
DFS Replication in Another Domain 3 43
Ping Through ASA Firewall 6 23
vmdk greater than 2TB 2 27
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now