General discussion

Locked

Cannot tracert beyond gateway

By DoubleShocker ·
I recently switched all devices from DHCP to static IP's on the corporate LAN. Everything seems to work just fine, with one very annoying exception:

I cannot tracert beyond the gateway any longer. The results show the first hop as 192.168.0.1 (Internet Gateway), and every destination after that is unreachable.

The DNS resolves just fine, and when performing a tracert on www.google.com for instance, resolves the correct IP address for their webservers.

I'm combing through all the IP settings today, but would love to know if anyone can give me a simple fix for this annoyance.

Best regards,

Chris

This conversation is currently closed to new comments.

6 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by curlergirl In reply to Cannot tracert beyond gat ...

Are you sure that you could do a tracert beyond the gateway before that? It's very unlikely that simply changing from dynamic to static IPs internally would change the ability to do this. The most likely cause is that many gateway routers have ICMP traffic blocked at the gateway as a security measure.

Hope this helps!

Collapse -

by DoubleShocker In reply to

Poster rated this answer.

We could definately tracert before we made the change. I think it has something to do with the fact that we have a very messy network configuration here. I've inherited it, and am trying to do my best to configure it within typically recognized standards.

For instance, the main router has been acting as a DHCP server. It is connected to the IP network via T-1 ethernet hand off from carrier, and then connected to a 48 port managed switch.

All our computers and servers are connected into that switch, along with 3 WAP devices. Two of those WAPs are crummy little home wireless routers, and the other is a crummy little home wireless access point. Those are connected to the switch and are set to NOT offer DHCP to their clients.

The wireless clients are getting DHCP served by the main router.

It gets worse.

We also use VOIP phones, so all those devices were set to DHCP, and received their IPs from the router. Recently, we changed all the VOIP phones to static, all the desktops to static, all the servers and printers were already static, and all the WAP's are static.

The only thing remaining dynamic are the wireless laptops which we are moving to static today.

My goal is to turn the "DHCP server" function off on the main router, and move it to the Windows 2003 server, where it can be better managed. I envosion a static network with DHCP for the occassional visit from remote staff.

Since we have not changed any configurations on the main router (which, embarrassingly is called a NetComm / Splitronic - read: could not afford a good router) I am confused by the sudden loss of tracert capability.

I will look into the ICMP config on that router, and report back with any anomolies.

Thanks for your rapid response!

Chris

Collapse -

by cmiller5400 In reply to Cannot tracert beyond gat ...

Well, temporarily change one of the stations back to DHCP and see if a tracert works. If not probably the isp is blocking ICMP on their routers.

Collapse -

by DoubleShocker In reply to

Poster rated this answer.

Collapse -

by DoubleShocker In reply to Cannot tracert beyond gat ...

I still cannot tracert, so it must not be the DHCP thing.

In looking at the SYSLOG of the gateway, I see that these tracert's are being BLOCKED by the router as DoS Attacks:Oversized ping.

Wha?

I've never had this problem before. With no configuration changes, no firmware changes, and apparently no difference between the DHCP/static IP config, how is it possible this router is seeing tracert's as oversized pings?

One likely answer - our internet gateway is a POS.

I can not find a way to reduce the buffer size / packet size on the tracert. When I try to ping out with a standard 32 byte buffer, the router allows it. When I increase to 64 it is blocked as a DoS, which is what it should do, per the configuration.

Should I now assume that tracert buffer size is greater than 32 bytes and cannot be configured?

Help!

Thanks,

Chris

Collapse -

by DoubleShocker In reply to Cannot tracert beyond gat ...

This question was closed by the author

Back to Windows Forum
6 total posts (Page 1 of 1)  

Related Discussions

Related Forums