Re: NAT troubleshooting
- From: Alex Smirnoff <AlexSmirnoff@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 19 Aug 2006 01:48:01 -0700
It's the same subnet - 255.0.0.0. I assume that routing is ok. Again,
according to the documentation, theres nothing special about setting up
routing in NAT config.
"workinghard@xxxxxxxxxxxxxx" wrote:
What about the fact that the client PC is on a different subnet then the.
RRAS/NAT server ... hopw is routing set up?
"Alex Smirnoff" <AlexSmirnoff@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:64CE96F8-FFE3-45BF-BA8B-51C41A443E47@xxxxxxxxxxxxxxxx
Cient says DNS is 10.0.0.16 but it is the RRAS machine which is not a DNSDNS relay is enabled on RRAS and works fine - names are being resolved
server ...?
from
the private network
The client machine lives on 10.0.2.X subnet and the RRAS/NAT Machine onYes, I can ping and access web server using internal address. I switched
10.0.0.X ... can they find each other? Routing is OK?
back from DHCP to static allocation using 10.0.0.0 address and 255.0.0.0
subnet
If your machines live in a Active Directory Domain they should use theNope, no domain - all computers are stand-alone.
internal DNS that is used forActive Directory and which is configured
with
root hints or forwarding ... and so should the RRAS/NAT machine on the
internal side or do you not have a domain at all?
I tried different scenario - set up static port mapping from the public
machine to 10.0.2.1 on port 80. Using windump, I can see arriving packets
on
the public interface, properly translated (entry appears in the "Show
mappings"), sent to the private server. Private interface gets packet back
(10.0.2.1:80 -> external client) but it never gets translated back, even
with
firewall disabled. Mystery... And logging totally sucks - there is nothing
useful.
"workinghard@xxxxxxxxxxxxxx" wrote:
Hello again,
What I see in your IPCONFIG is:
thx for your input & feedback
Nothing special about the config:
Main machine:
Windows IP Configuration
Host Name . . . . . . . . . . . . : myhost
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
Ethernet
#2
Physical Address. . . . . . . . . : 00-30-48-56-xx-xx
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
Ethernet
Physical Address. . . . . . . . . : 00-30-48-56-xx-xx
Ethernet adapter External.Jack1:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Dual Port
Server
Adapter
Physical Address. . . . . . . . . : 00-04-23-CE-xx-xx
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : Static external ip
Subnet Mask . . . . . . . . . . . : 255.255.254.0
Default Gateway . . . . . . . . . : ISP gateway
DNS Servers . . . . . . . . . . . : ISP DNS
Ethernet adapter Internal.Jack2:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Dual Port
Server
Adapter #2
Physical Address. . . . . . . . . : 00-04-23-CE-xx-xx
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.16
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : ISP DNS
Local computer:
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : mshome.net
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network
Connection
Physical Address. . . . . . . . . : 00-0C-29-6E-xx-xx
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 10.0.2.10
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway . . . . . . . . . : 10.0.0.16
DHCP Server . . . . . . . . . . . : 10.0.0.16
DNS Servers . . . . . . . . . . . : 10.0.0.16
Lease Obtained. . . . . . . . . . : Wednesday, August 16, 2006 2:12:58
AM
Lease Expires . . . . . . . . . . : Wednesday, August 23, 2006 2:12:58
AM
"Alex Smirnoff" <AlexSmirnoff@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:FB3CF43B-4C88-434D-BB5E-16A80AD41980@xxxxxxxxxxxxxxxx
This is pure RRAS, no DNS server. As I mentioned before, DNS is the
only
thing which works fine.
"workinghard@xxxxxxxxxxxxxx" wrote:
I see now that I misread the ipconfig post, the other NIC belongs to a
different machine .. sorry for the confusion ...
What I would do when I look at the IPCONFIG is set the DNS for the
internal
NIC and external NIC to internal DNS Server that uses forwarding or
root
hints, unless you don't have an internal DNS server ... IS this a pure
RRAS
Server of a DC/DNS/RASS with NAT setup?
Cheers
"Alex Smirnoff" <AlexSmirnoff@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:8DD62E88-F1A0-40B1-AC71-149DAE6D05BB@xxxxxxxxxxxxxxxx
I dont follow...which interface are you talking about? Private
interface
does
not have gateway set, public does - but it needs it.
Another observation: NAT creates port mappings for the client - I
can
see
them in the "Show mappings" dialog. But packets do not go outside
(even
with
firewall disabled). Really strange...
"workinghard@xxxxxxxxxxxxxx" wrote:
Hello,
I see you have to internal NIC's on the RRAS sever. Just as a test
try
to
levae the gateway on that NIC with IP x.x.x.20 blank or even better
disable
it. You don't really Need that NIC for NAT to work.
Cheers
"Alex Smirnoff" <AlexSmirnoff@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:BF8507F9-BAF4-4EE1-8D5E-45C789786C82@xxxxxxxxxxxxxxxx
All setup has been done according to the documentation/FAQ. I can
access
the
internet from the main server, I can also ping private machine IP
(and
back).
DNS works. According to windump, packets arrive at the local
interface
but
nothing goes outside. NAT creates port mapping for the outgoing
connection
(I
can see it in the public network interface properties when I try
to
access
a
web site from the internal network)
Nothing special about the config:
Main machine:
Windows IP Configuration
Host Name . . . . . . . . . . . . : myhost
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
Ethernet
#2
Physical Address. . . . . . . . . : 00-30-48-56-xx-xx
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
Ethernet
Physical Address. . . . . . . . . : 00-30-48-56-xx-xx
Ethernet adapter External.Jack1:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Dual
Port
Server
Adapter
Physical Address. . . . . . . . . : 00-04-23-CE-xx-xx
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : Static external ip
Subnet Mask . . . . . . . . . . . : 255.255.254.0
Default Gateway . . . . . . . . . : ISP gateway
DNS Servers . . . . . . . . . . . : ISP DNS
Ethernet adapter Internal.Jack2:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Dual
Port
Server
Adapter #2
Physical Address. . . . . . . . . : 00-04-23-CE-xx-xx
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.16
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : ISP DNS
Local computer:
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : mshome.net
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT
Network
Connection
Physical Address. . . . . . . . . : 00-0C-29-6E-xx-xx
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 10.0.2.10
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway . . . . . . . . . : 10.0.0.16
DHCP Server . . . . . . . . . . . : 10.0.0.16
DNS Servers . . . . . . . . . . . : 10.0.0.16
Lease Obtained. . . . . . . . . . : Wednesday, August 16, 2006
2:12:58
AM
Lease Expires . . . . . . . . . . : Wednesday, August 23, 2006
2:12:58
AM
"workinghard@xxxxxxxxxxxxxx" wrote:
Hello,
Please post your ipconfig /all here please so we can have a look
at
that
for
starters.
Cheers
"Alex Smirnoff" <AlexSmirnoff@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote
in
message
news:993AFAA1-A7A8-4C0B-AE03-F5405085F536@xxxxxxxxxxxxxxxx
I have installed RRAS in very basic configuration but computers
on
the
private network cannot access the internet. All public/private
interfaces
are
configured properly. DNS is the only thing which is working
fine
from
the
inside. (I can access the internet from the primary server
just
fine)
- References:
- Re: NAT troubleshooting
- From: workinghard
- Re: NAT troubleshooting
- From: Alex Smirnoff
- Re: NAT troubleshooting
- From: workinghard
- Re: NAT troubleshooting
- From: Alex Smirnoff
- Re: NAT troubleshooting
- From: workinghard
- Re: NAT troubleshooting
- From: Alex Smirnoff
- Re: NAT troubleshooting
- From: workinghard
- Re: NAT troubleshooting
- From: Alex Smirnoff
- Re: NAT troubleshooting
- From: workinghard
- Re: NAT troubleshooting
- Prev by Date: Re: Copying Entier Network Folder Contents
- Next by Date: RRAS outbound filter not working
- Previous by thread: Re: NAT troubleshooting
- Next by thread: Inconsistent drive mapping
- Index(es):
Relevant Pages
|
|
