Re: Two Gateways On Same Subnet
- From: "Bill Grant" <not.available@online>
- Date: Tue, 6 Jun 2006 14:43:39 +1000
There is no easy way around that sort of problem. It usually involves a
reconfig of the network. Normally the remotes would connect to your edge
firewall which would be the default route for the LAN machines. The WAN
links are not a problem because you know what address range they use. You
can redirect their traffic pretty easily. But single remote users are a
problem.

Another way to solve remote access problems is to have the remote access
device "inside" the firewall/Internet gateway. You can then route the
traffic destined for a remote user (based on its private IP range which you
do know) to the remote access server. After it is processed (i.e. encrypted
and encapsulated) it continues to the Internet gateway device.

I can't really see why your LAN machines (other than the servers you
mention) are not also using the firewall as their default gateway. Does
sending all traffic through this device overload it?

A default route is used when no other route is defined for the target
address. The default route has to point to your default gateway. There can
only be one of those. Normally both Internet access from the LAN and remote
access to the LAN require the use of a default route (because there is no
way you can know what the public IP address is going to be). There isn't any
way that you can decide what should go where based on its destination
address.

What device do your remote clients connect to? A Cisco might be able to
decide on one gateway rather than another based on the source address of the
incoming traffic from your remote clients. Windows can't.

Net Admin wrote:
Looking for some advice. I have a Qwest PRN WAN connecting all of
our field offices to our corporate office, using Cisco 1800 routers
and then our main firewall is a Cisco ASA 5510. Our Qwest gateway is
192.168.2.1 and our firewall is 192.168.2.50. Our Exchange server
and three other main Windows Server 2003 file servers that everybody
outside of the corporate use have the 192.168.2.50 set as their
gateway on the NICs. This is so remote users outside of the WAN have
no connectivity issues. All other computers use the 192.168.2.1 for
their gateway through Qwest. We are having connection issues where
anybody using 192.168.2.1 as their gateway cannot see any computers
using the 192.168.2.50 as their gateway. My question is, how can you
make both gateways see each other so that every computer can see one
another? Is it something that can be done through Windows? I have
already tried different methods of routing within the Cisco equipment
but was unsuccessful. A Cisco engineer working for Cisco also saw
that no ip routes or gateway masking can be used. Any ideas how
these two gateways can point traffic at each other?
Any advice or ideas would greatly be appreciated. Thank you.
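
The routing argument in the reply, as an added example that is not part of the original thread: a longest-prefix-match lookup showing that known ranges can be steered with specific routes, while an unknown public address always falls through to the single default route. Only 192.168.2.1 and 192.168.2.50 come from the thread; the field-office range, the remote-user pool, the remote access server address and the sample destinations are assumptions.

```python
import ipaddress

# Only the two gateway addresses come from the thread; every other address
# below (WAN range, remote-user pool, remote access server) is an assumption.
QWEST_GW = "192.168.2.1"    # WAN gateway named in the thread
FIREWALL = "192.168.2.50"   # firewall named in the thread
RAS = "192.168.2.60"        # hypothetical remote access server inside the firewall


def build_table(default_gw, extra_routes=()):
    """Routing table of one LAN host: connected subnet, one default route, statics."""
    table = [
        (ipaddress.ip_network("192.168.2.0/24"), "on-link"),
        (ipaddress.ip_network("0.0.0.0/0"), default_gw),
    ]
    table += [(ipaddress.ip_network(net), gw) for net, gw in extra_routes]
    return table


def next_hop(table, dst):
    """Longest-prefix match: the most specific route containing dst wins."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, gw) for net, gw in table if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


# Host set up as the reply suggests: firewall as the one default gateway,
# static routes for the ranges that are known in advance.
recommended = build_table(FIREWALL, [
    ("10.20.0.0/16", QWEST_GW),   # assumed field-office WAN range
    ("172.16.50.0/24", RAS),      # assumed private pool handed to remote users
])

# Host set up as in the question: WAN router as default gateway, no statics.
current = build_table(QWEST_GW)

# Constructed sample destinations.
SAMPLE = ["192.168.2.77", "10.20.5.9", "172.16.50.12", "203.0.113.40"]


def report(table):
    """Map each sample destination to the next hop this table selects."""
    return {dst: next_hop(table, dst) for dst in SAMPLE}


if __name__ == "__main__":
    for name, table in (("recommended", recommended), ("current", current)):
        print(name, report(table))
```

The last sample address stands for a single remote user on an arbitrary public IP: no static route can be written for it ahead of time, so it follows whichever gateway holds the default route.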