General discussion

Locked

Routing and Remote Access

By Mikel~T ·
I have a hybrid network of Macs and PCs. The Macs and the majority of the PCS are on one subnet with their own router and gateway. The rest of the PCs are on another subnet with their own gateway and router that is connected to our corporate office. Corporate has setup an intranet server in their office, and I need to get access for all of the Mac and PCs on the non-corporate subnet setup ASAP. Here's the problem: our ISP will not allow me access to the firewall they have installed for us. They aren't "able to remedy this situation at this time", so I'm trying to setup one of my W2K Servers as a router using the Routing and Remote Access feature. I have two network cards with one on each of the two subnets I have in the building. Now I just need to figure out how to route any requests for the intranet server at corporate's office.

Any advice?

Thanks in advance.

Mike

This conversation is currently closed to new comments.

11 total posts (Page 1 of 2)   01 | 02   Next
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Routing and Remote Access

by Shanghai Sam In reply to Routing and Remote Access

If your MAC systems use the AppleTalk protocol, be sure to enable that protocol on your Win2k Server/Router. Otherwise, your AppleTalk traffic will not pass through the router.
Open the network connection properties on your Win2k Server/Router. Choose one of the Server/Router NICs (Network Interface Card) as your primary subnet side. On this NIC enter a IP Address, Subnet Mask, and the Default Gateway which is compliant with that subnet. Use the gateway address of that subnet?s side.
On your second NIC enter the IP Address and Subnet Mask which is compliant with that subnet?LEAVE THE Gateway Address BLANK. In your client systems on the secondary subnet, add a second gateway. The client Gateway is the IP Address of your secondary NIC on the Server/Router. To enable IP Forwarding in Win2k Server:
1. Open Registry Editor.
Caution: Incorrectly editing the registry may severely damage your system. Before making changes to the registry, you should back up any valueddata on the computer.
2. In Registry Editor, navigate to the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\Tcpip \Parameters

3. Select the following entry:

IPEnableRouter: REG_DWOR 0x0

4. To enableIP forwarding for all network connections installed and used by this computer, assign a value of 1.
5. Close Registry Editor.

Notes
?To open Registry Editor, click Start, click Run, type regedt32, and then click OK.
?You must be logged on asan administrator or a member of the Administrators group in order to complete this procedure.
?By default, IP forwarding is disabled.

For best practices, reboot your Win2k Server/Router.
PS. If you have an old NT server, Server/Router configuration is simpler.

Collapse -

Routing and Remote Access

by Mikel~T In reply to Routing and Remote Access

I made all of the changes you described, and it still doesn't appear to work. Is there anything else I could try or look at to confirm that I make the correct changes?

Mike

Collapse -

Routing and Remote Access

by mike-r In reply to Routing and Remote Access

If your MAC systems use the AppleTalk protocol, be sure to enable that protocol on your Win2k Server/Router. Otherwise, your AppleTalk traffic will not pass through the router.
Open the network connection properties on your Win2k Server/Router. Choose one of the Server/Router NICs (Network Interface Card) as your primary subnet side. On this NIC enter the IP Address, Subnet Mask, and Default Gateway, which are compliant with that subnet. Use the gateway address of that subnet?s side.
On your second NIC enter the IP Address and Subnet Mask, which are compliant with that subnet?LEAVE THE Gateway Address BLANK. In your client systems on the secondary subnet, add a second gateway?That Gateway is the IP Address of your secondaryNIC on the Server/Router.
Now enable IP Forwarding:
1. Open Registry Editor.
Caution: Incorrectly editing the registry may severely damage your system. Before making changes to the registry, you should back up any valued data on the computer.
2. In Registry Editor, navigate to the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\Tcpip \Parameters

3. Select the following entry:

IPEnableRouter: REG_DWOR 0x0

4. To enable IP forwarding for all network connections installed and used by this computer, assign a value of 1.
5. Close Registry Editor.

Notes
?To open Registry Editor, click Start, click Run, type regedt32, and then click OK.
?You must be logged on as an administrator ora member of the Administrators group in order to complete this procedure.
?By default, IP forwarding is disabled.

For best practices, reboot your Win2k Server/Router.
PS. If you have an old NT server, Server/Router configuration is simpler.

Collapse -

Routing and Remote Access

by Mikel~T In reply to Routing and Remote Access

I made all of the changes you described, and it still doesn't appear to work. Is there anything else I could try or look at to confirm that I make the correct changes?

Mike

Collapse -

Routing and Remote Access

by Stillatit In reply to Routing and Remote Access

As I understand it, your setup is:

LAN1--------Router---Gateway to somewhere

LAN2 ------Router----Gateway to corporate

This assumes the MAC's are using TCP/IP.

If you have an NT server with two NIC cards, one on LAN1 with appropriate address and one on LAN2 with appropriate address, do the setup as follows:

Install RRAS.

In RRAS admin, define the interface cards.

In RRAS admin, define static routes for each LAN.

In RRAS admin, define the existing routers as the default gateway(s).

In RRAS admin, define a static route for the corporate network, pointing at the appropriate router.

In RRAS admin, turn on RIP, in whatever flavor the corporate router is using. This will allow the corporate router to get RIP advertisements telling it about available routes back to LAN1 and LAN2. (This assumes you cannot get into the corporate router. If you can, you might put in static routes to LAN1 and LAN2.)

On each station on LAN1 and LAN2, point the default gateway at the appropriate NIC card on the NT server.

That should do it.

When a station on LAN1 has traffic for somewhere on LAN2 or corporate (like the server), the traffic goes to the NT, which (staticly) routes it to LAN2 or to the router to corporate. If the station on LAN1 has traffic for an unknown destination, the traffic hits the NT, which forwards it to its default gateway.

When a station on LAN2 has traffic off its segment it goes to the NT, which puts it on LAN1 or corporate if appropriate, or sends it to its default gateway if unknown.

Good luck.

Collapse -

Routing and Remote Access

by Mikel~T In reply to Routing and Remote Access

I'm trying to use a Windows 2000 Server as the router, not an NT Server. Any suggestions for Windows 2000 Server?

Thanks though.

Mike

Collapse -

Routing and Remote Access

by Shanghai Sam In reply to Routing and Remote Access

Mike- In my earlier reply I did not mention an important addition needed to make the server/router system viable (there is a limit to the number of characters allowed in this help format): your external routers must reflect the internal subnet(s) within their local routing table (your machines will go to the local external router first for route information?assuming that this is their gateway). Let?s assume your external routers are Cisco?simply add an 'ip route' statement.
The Cisco configuration statement is in the form of 'ip route [address of adjoining segment] [adjoining segment mask] [address of router NIC on this segment]'.
As an example ONLY: your first segment is 192.176.10.0 and second segment is 192.176.12.0. The NIC addresses on your server/router are 192.176.10.8 and 192.176.12.8 respectively. The Cisco router configuration commands are (for the 10 side external router) ?ip route 192.176.12.0 255.255.255.0 192.176.10.8 and (for the 12 side external router) ?ip route 192.176.10.0 255.255.255.0 192.176.12.8.
Note that these commands are specific to Cisco. If you use another type of router, use the correct router configuration command.
I have successfully configured three local subnets at my locationusing the instructions I have submitted to you in two installments. If you need more detailed help, please write me at miker@osbi.state.ok.us. Good luck.

Collapse -

Routing and Remote Access

by Mikel~T In reply to Routing and Remote Access

Poster rated this answer

Collapse -

Routing and Remote Access

by mike-r In reply to Routing and Remote Access

Mike- In my earlier reply I did not mention an important addition needed to make the server/router system viable (there is a limit to the number of characters allowed in this help format): your external routers must reflect the internal subnet(s) within their local routing table (your machines will go to the local external router first for route information?assuming that this is their gateway). Let?s assume your external routers are Cisco?simply add an 'ip route' statement.
The Cisco configuration statement is in the form of 'ip route [address of adjoining segment] [adjoining segment mask] [address of router NIC on this segment]'.
As an example ONLY: your first segment is 192.176.10.0 and second segment is 192.176.12.0. The NIC addresses on your server/router are 192.176.10.8 and 192.176.12.8 respectively. The Cisco router configuration commands are (for the 10 side external router) ?ip route 192.176.12.0 255.255.255.0 192.176.10.8 and (for the 12 side external router) ?ip route 192.176.10.0 255.255.255.0 192.176.12.8.
Note that these commands are specific to Cisco. If you use another type of router, use the correct router configuration command.
I have successfully configured three local subnets at my locationusing the instructions I have submitted to you in two installments. If you need more detailed help, please write me at miker@osbi.state.ok.us. Good luck.

Collapse -

Routing and Remote Access

by Mikel~T In reply to Routing and Remote Access

The main issue I'm faced with is that the "admin" for the corporate connection is less than helpful, my ISP is even worse, and my manager wants this issue resolved without their assistance due to the track record. I appreciate your help, but it hasbecome obvious that I need to crack some heads together to get this accomplished. thank you for your assistance.

Mike

Back to Windows Forum
11 total posts (Page 1 of 2)   01 | 02   Next

Related Discussions

Related Forums