Access a third machine via a second machine

I've got three machines:
1. Linux PC:
    - NIC #1:, netmask, gateway:
      (so this is connected over a switch to the Windows machine (2.))
2. Windows 10 PC:
    - NIC #1:, netmask, no gateway
    - NIC #2:, netmask, gateway:
3. Linux machine
    - NIC #1:, netmask, gateway: (Internet)

What do I have to do on which machine to get access from the Linux machine (1.) to the 10.x.x.x network (over the Windows machine (2.)?
I got above scenario working with Internet Connection Sharing on the Windows machine (2.) sharing its NIC #2 on its NIC #2.
However, it is extremely buggy (when restarting the Windows machine it is not working, have to switch on/off to make it work again, etc.)
So, I need a different solution just based on a few static routes perhaps?
Many thanks in advance,
Michael BerendCEOAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Cliff GaliherCommented:
What you want is basically routing 101.  Unfortunately windows *client* has no built-in routing services and really shouldn't be used as a router anyways (both technical and legal reasons for this.)  Windows Server can do this, as can many Linux distros.  But if you insist on keeping machine #2 as windows 10 then you'll have to look at 3rd-party router products, and I am not aware of any that I consider reliable.  

You'll find anecdotal regedits that enable routing (But that's basically what ICS does anyways), but you end up manually managing routes and it still can be finicky unless you get the manual routes "just right" and thus it appears unreliable (and therefore effectively *is* unreliable.)

Microsoft never intended windows 10 to be used this way and to do so would cut into their server sales, so they don't make it easy or really supported. You are hitting that limitation.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Rob WilliamsCommented:
Windows PCs will not do routing by default.  I haven't done it since XP days, but you should still be able to turn on routing on the Windows machine by editing the registry.  I see by the following link it still worked with Win7.

It's not an ideal solution but does work.

Once done then you need to create static routes on the machines on each subnet showing the gateway for the other subnet as your modified PC.
Michael BerendCEOAuthor Commented:
Hi Rob,
Many thanks for your quick answer.
I understood the first part, which I did already (enabled IP Routing on the Windows machine).
Could you just give me one more hint on what machine I would have to set which route then?
Sorry for bothering you with probably something trivial, but I always get confused about these routes.
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

Rob WilliamsCommented:
The routing PC can only see networks directly connected to it, so assume it has 2 NIC's and  It knows the devices on those 2 subnets, but the devices on those two subnets do not know how to route traffic to the other subnet.  By default they use the default gateway and it does not have an answer.  That is actually where the routes should be added, but if wanting to use a PC to route the traffic...….

On every pc on subnet 192.168.100.x you have to add a route such as
route add -p mask

then on every PC on subnet 192.168.200.x you have t add a route such as
route add -p mask

You have to have routes in both directions, so that the packet knows how to get there, and then how to find its way back.

If a device's default gateway happens to be it's respective IP192.168.100.1 or address, the rout is not necessary.

As Cliff said this is not an efficient way to handle routing, but in a pinch I have done so for temporary set ups in the past.
Michael BerendCEOAuthor Commented:
I added a route on the Linux-PC (1.):
- route add -p mask
so it a "ping 10.x.x.x" would hit Windows machine (2.), which is connected with the 10.x.x.x network
however, I don't get an answer back.
What additional route (if any) do I have to set on the Windows machine then, so that the 10.x.x.x answer can find its way back?
Rob WilliamsCommented:
As mentioned the device you are pinging can only respond if you add the return route to it.  The windows device acting as a router, does not need any routes added to itself.

On all devices on the 10.x.x.x network you would have to add
route -p mask mask
Michael BerendCEOAuthor Commented:
Hi Rob and Cliff,
I'd like to thank you for the great and timely answers.
You helped me a great deal.
I decided finally to go with "WinGate" to handle the required routing, since the individual routes on both sides of the networks is impossible to maintain.
Best regards,
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.