General discussion

Locked

IP Routing

By TPCosmo ·
I am having difficulty setting up a network for our new remote office. One office has a nt4 server with an IP scheme 192.168.89.x. Our new office has windows 2000 server and is set up with 192.168.90.x scheme. I set a VPN from the 2000 svr to the NT4 svr with persistent connection. The problem lies in the fact that I can not ping from client machines on the 2000 network to the remote network. From the 2000 server i can ping just fine, but clients can't. They browse the web, so the client setupis fine.
I think its with routing but cant add what i think should be in the table which is below:


0.0.0.0 0.0.0.0 209.242.61.89 209.242.61.91 1

127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1

192.168.89.0 255.255.255.0 192.168.89.241 192.168.89.242 1

192.168.89.241 255.255.255.255 192.168.89.242 192.168.89.242 1

192.168.89.242 255.255.255.255 127.0.0.1 127.0.0.1 1

192.168.89.255 255.255.255.255 192.168.89.242 192.168.89.242 1

192.168.90.0 255.255.255.0 192.168.90.1 192.168.90.1 1

192.168.90.1 255.255.255.255 127.0.0.1 127.0.0.1 1

192.168.90.40 255.255.255.255 127.0.0.1 127.0.0.1 1

192.168.90.255 255.255.255.255 192.168.90.1 192.168.90.1 1

209.172.177.26 255.255.255.255 209.242.61.89 209.242.61.91 1

209.242.61.88 255.255.255.248 209.242.61.91 209.242.61.91 1

209.242.61.91 255.255.255.255 127.0.0.1 127.0.0.1 1

209.242.61.255 255.255.255.255 209.242.61.91 209.242.61.91 1
224.0.0.0 224.0.0.0 192.168.89.242 192.168.89.242 1
224.0.0.0 224.0.0.0 192.168.90.1 192.168.90.1 1

224.0.0.0 224.0.0.0 209.242.61.91
209.242.61.91 1

255.255.255.255 255.255.255.255 192.168.90.1 192.168.90.1 1

Default Gateway: 209.242.61.89

does anything look funny in this table?
Am I in the right place?

This conversation is currently closed to new comments.

10 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

IP Routing

by Joseph Moore In reply to IP Routing

I am a little confused by your setup, so let me see if I get this right.

Site1 ---------------------- Site2
NT4 ------------------------ Win2K
---------VPN Tunnel----------------
clients -------------------- clients


Ok. The Win2K VPN server can PING the clients behind the NT4 server. Clients BEHIND the Win2K server CANNOT PING the NT4 clients.
Right?

Then, I would do this. Open Routing & Remote Access snap-in on the Win2K server, expand Server Status -> IP Routing -> Static Routes.
Right-click and choose New Static Route.
In the Interface drop-down, choose the NIC on the Win2K that is the outbound interface for the VPN (the NIC that connects via VPN to the NT4 server). Put in IP address range (192.168.89.0 or 192.168.90.0-- I am confused from your question which server is on which network) in the Destination box. Put in your 255.255.255.0 mask in the Network Mask box. Put in the IP address of the NT4 NIC in the Gateway box. Leave the Metric at 1.

That should do it. It sounds like you are having a problem routing from RRAS to the NT4 server for your clients. So, put in a static route in RRAS to do this.

hope this helps

Collapse -

IP Routing

by TPCosmo In reply to IP Routing

Joseph, Thanks for the quick response. Your diagram is dead on, and to clear up the confusion the w2k network is the 192.168.90.x network. And, yes, you are right, clients behind the w2k server cant ping clients behind the nt4 server, nor can they ping the nt4 server itself.
Unfortunately the solution you provided didn't work. I already had a static route set in RRAS but had it configured a little differently. From the interface drop down menu I set it to use the VPN, not an actual NIC. Its isset with a destination of 192.1686.89.0, mask 255.255.255.0, and with no gateway. I deleted that route and added one like you suggested, but then I couldn't ping the remote nt4 network from the server or client machines. I guess I'm confused why I would put the 192.168.89.0 as the destination, and 192.168.89.1 as the gateway. Any other suggestions? Is there a way to manually edit the routing tables other than the route add/delete commands. I'm not having good luck with the route DELETE command.Thanks again....

Collapse -

IP Routing

by TPCosmo In reply to IP Routing

OOPs, I forgot another question. Would there have to be a VPN set up on the nt4 side, pointing back to the w2k network to get the ping to work properly between networks?

Collapse -

IP Routing

by acattr In reply to IP Routing

your static route entry on the 2k box is correct, you specify the network, then subnet mask, then select the dial on demand adapter for the gateway. Interesting thing is that you never spoke about what you were using on the NT server.

My questionis.... On the NT box are you using RRAS(AKA StealHead) for windows NT, or just simple RAS? If your using RAS, then that explains why your 192.168.90.x users can't see the other network. RAS does not do routing, so your not doing a network to network vpn tunnel, your actually doing a client to network VPN tunnel. The 2000 server being the client. RRAS for NT looks and acts just like the one on 2000.

I don't know where you can download RRAS for NT anymore. I think I have a copy of it at home, its no larger than 5mb. Link below for whitepaper on Setting up Demand-Dial Connections with RRAS for NT.

http://tinyurl.com/4b9n

Collapse -

IP Routing

by TPCosmo In reply to IP Routing

Poster rated this answer

Collapse -

IP Routing

by quintar51 In reply to IP Routing

Quote - "I guess I'm confused why I would put the 192.168.89.0 as the destination, and 192.168.89.1 as the gateway"

The reason behind this, is that your NT network is on the 192.168.89.0 network. If you look at your routing table, you'll notice that the entry for this destination is
"192.168.89.0 255.255.255.0 192.168.89.241 192.168.89.242 1"

However, this isn't correct. That entry states that in order for you to get to the 192.168.89.0 network, you need to go through 192.168.0.89.241. However, if you check your setup again, you'll notice that you need to go through the NT server itself, which is 192.168.89.1.

That's what Joseph meant in his answer. You need to change that route and make sure the gateway is the NT server itself.

The route should appear as 192.168.89.0 255.255.255.0 192.168.89.1 1

Take a look at your entry for 192.168.90.0
It's the correct one there. So all you have to do is use the same logic for that 192.168.89.0 route.

Collapse -

IP Routing

by TPCosmo In reply to IP Routing

Poster rated this answer

Collapse -

IP Routing

by Dennis@l In reply to IP Routing

I understand correctly you are installing a VPN, A VPN uses Point to Point protocol so NT4 server can ping W2k server, client can ping its respective server, that is the way it is supose to work. You can however still map to a drive or resources onthe other server manually "\\server1\printer2".

Collapse -

IP Routing

by TPCosmo In reply to IP Routing

Poster rated this answer

Collapse -

IP Routing

by TPCosmo In reply to IP Routing

This question was closed by the author

Back to Networks Forum
10 total posts (Page 1 of 1)  

Related Discussions

Related Forums