Re: route trafic from external to internal adapter

Hi Bill,
Thanks for your continious help.
"Site" is the office where computers are. Both networks are in one location.
I am remoting into networks through PPTP and RDP and am on a subnet not
related to subnets in question.
It looks like routing through external adapter to internal adapter is not
possible, since external adapter is default gateway and NAT for subnet
connected to internal adapter.
Following is the replay I've got on MS Partners group:

********************************************************
According to your post, I understand that you have some concerns how to
make your clients from 10.1.1.x subnets connects to the terminal server in
192.168.30.0 subnet, behind o f SBS Server. If I am off-base on that,
please let me know.

First of all, based on your configuration, the SBS server act as the
gateway and proxy server for 192.168.30.x client computers. As this is a
proxy server, it cannot work as a router to route packets from 10.1.1.x to
192.168.30.x.

********************************************************

I still have to confirm whart was the meaning of "Proxy Server" term he
used, but if he was refering to NAT, then routing to inside is not possible.
Just to confirm here, I am not aware of SBS acting as a proxy server at
present. It is Gateway and NAT for 192.168.30.X, but no proxy.

What do you think of this answer?

Will keep you posted if more replays from MS Partner group.

Regards,
Alex




"Bill Grant" wrote:

Sites? There was no mention of sites before. It was just two hubs. Exactly
how are these two LANs connected?

Routing is a two-way process. There must be a route (default or
specific) from A to B and also from B to A.

If the default gateway for 192.168.30.11 is to the RRAS router and the
default gateway for the RRAS router is the Cisco, routing in that direction
is fine. In the other direction, all you should need is the static route on
the Cisco to forward traffic for 192.168.30 to the RRAS router. Once it gets
to the RRAS router it will be delivered directly. If the static route on the
Cisco is correct you should be able to tracert from 10.1.1.x (including the
Cisco) to 192.168.30.11 (and yes, 10.1.1.2 should show up as a step in the
path).

"Alex" <Alex@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:347E966A-F73E-4F2C-82BA-6545506FA569@xxxxxxxxxxxxxxxx
Hi Bill,
Thanks for your answer.
I have Cisco 877 router on that site and that one has static route to
192.168.30.X setup.
I have RRAS active on a SBS server and no firewall software I know of.
One of the concerns is the following:
When I traceroute from 10.1.1.1 cisco router to 192.168.30.10, I am geting
no IP addresses showing in path. I presume 10.1.1.2 is suppose to show as
a
step in a path, but I can not see it. Is that because Cisco router is not
routing to the right gateway or because some block exists on SBS external
interface (10.1.1.2)?
Unfortunately, the site is far away and i do not have access to it. I also
have no remote access to 10.1.1.X workstations (no credentials to log on).

Regards,
Alex



"Bill Grant" wrote:

The first thing you have to do is enable IP routing on the server, so
that it can forward the traffic. The next thing you need to do is add
extra
routing to get the traffic to the internal router.

The routing would look like this.

Internet
|
gateway
10.1.1.1
|
workstations
10.1.1.x dg 10.1.1.1
|
10.1.1.2 dg 10.1.1.1
server
192.168.30.10 dg blank
|
192.168.30.11 dg 192.168.30.10

To get the traffic from 10.1.1 to 192.168.30. you need to add a
static route to the gateway router.

192.168.30.0 255.255.255.0 10.1.1.2

If for some reason you can't add this to the gateway router you will
need to add it to every client in the 10.1.1 subnet which needs to access
the TS in 192.168.

"Alex" <Alex@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:89CBEFEF-2499-49A7-B5F3-EDA3B5796465@xxxxxxxxxxxxxxxx
This is (simplified) setup:

10.1.1.1 default gateway
|
HUB ----- 10.1.1.X - subnet with workgroup clients
|
10.1.1.2 as "external IP of SBS server
|
192.168.30.10 as internal IP of SBS server
|
HUB
|
192.168.30.11 Terminal server IP address

I know that setup is not very clever, but that is what I inherited and
can
not change.
The question is how to allow trafic originating from 10.1.1.X subnet to
reach 192.168.30.11 (terminal server)

Regards,
Alex






.

Relevant Pages

  • Re: Half Bridge mode and multi-homed box
    ... The router takes all the authentication and link negotiation burden ... > laptop screen whilst I tried to replicate it on the server. ... helldesk of provider) from whoever remembers it for too long. ... The provider's gateway is on a completely different ...
    (comp.unix.bsd.freebsd.misc)
  • Re: 2 NIC SBS2003R2 LAN/WAN Firewall Router Connection Failure
    ... I have to admit to a preference for VMWare Server which can only be ... I've asked the other SBS MVP's to comment on the current status of SBS ... I connected directly to the router and changed its LAN side subnet ...
    (microsoft.public.windows.server.sbs)
  • Re: Running out of IP addresses
    ... In fact it is pretty hard to find a hardware LAN router these days. ... I think it worth planning a second subnet at this stage as I can see the existing scope running out, even with a 'full range' on the current subnet. ... I understand that I will need to introduce a DHCP server on the second subnet. ...
    (microsoft.public.windows.server.networking)
  • Re: Half Bridge mode and multi-homed box
    ... The router takes all the authentication and link negotiation burden ... > that the server somehow doesn't ask for a default gateway. ... I tried putting the default route that the laptop gets into rc.conf. ...
    (comp.unix.bsd.freebsd.misc)
  • Re: gateway IP address
    ... An Ethernet network is a 'local' environment, ... a gateway IP address can ... send the Ethernet frame to the router, so that it can pass it to the device ... Device A on Subnet 1, needs to talk to Device B on Subnet 2. ...
    (comp.dcom.sys.cisco)