Re: connect to bridge modem

I thought about the mask also. The ISP is using that for the whole group
connected to their system (I expect).

Upshot is that you shouldn't need to do anything in ISA defining
192.168.1.x, as long as the 'internal' network is defined correctly, only
subnet 192.168.0.0/24. So we need to check something.

ISA console, Configuration, Networks, Internal. What networks are defined?

I'll ask a friend (Amy, an ISA MVP) her opinion, in mine ISA makes it too
easy to add the other private ranges to this definition, IMHO I _only_ want
my own internal network defined here.

BTW: If you ever plan on using VPN you'd do well to run the 'change server
IP address' wiz and move out of the .0 subnet, many home routers default to
this subnet, therefore blocking VPN. 192.168.56.0/24 for instance.

"dima" <dima@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:E7A1E0E7-AF69-43C8-B3BF-6C3C541E217F@xxxxxxxxxxxxxxxx
Thank you all very much for the detailed explanations!

The external mask was not a typo; that line was not modified from the
"ipconfig /all" output.

I understand that the external gateway has no business routing private IP
addresses, and it probably won't be able to anyway, as I'm sure I'm not
the
only customer with a 192.168.1.1 modem IP address. What I was hoping for
is a
way to connect to the bridge modem without going through the gateway. I
might
just try bringing the modem out of bridged mode, and see if that works.

What bothers me about this issue is that the modem's configuration
interface
includes a page for monitoring DSL line/connection statistics, yet the
entire
feature is _useless_, becaue I cannot access it when the bridged modem is
connected to the DSL line!

Thanks again,

--
dima

"SuperGumby [SBS MVP]" wrote:

from the RFC

Because private addresses have no global meaning, routing information
about private networks shall not be propagated on inter-enterprise
links, and packets with private source or destination addresses
should not be forwarded across such links. Routers in networks not
using private address space, especially those of Internet service
providers, are expected to be configured to reject (filter out)
routing information about private networks. If such a router receives
such information the rejection shall not be treated as a routing
protocol error.

SO, 'non routable' across public IP space.

But I thought about our specific circumstance.

I can't be bothered looking at, and I'm certainly not gonna buy (I hate
DLink) the device in question, nor its manual.

As a strict interpretation of IP the gateway (142.xxx.xxx.1) has no idea
where to send traffic for 192.168.whatever (and by RFC should not route
it
even if it did know via where).

An ISA server has two 'local subnets', 'internal' and 'external'. In our
case 192.168.0.0/24 is internal and 142.xxx.xxx.228/255.255.248.0 is
external. I believe this may in fact be a typo and the external mask is
actually 255.255.255.248, no SMB needs 8*255-2 public hosts and due to
IPv4
capacity it is _unlikely_ any ISP will give a small organisation such a
block.

IP traffic either occurs on the local subnet or is routed through the
default gateway, or a specific gateway if such is defined.

Routers actually operate at 'ethernet level' so can do _funny_ things at
the
IP level (I probably still have a router laying around here somewhere
which
will happily allow traffic between private IP subnets outside its own,
could
be a DLink).

Our situation is:
ISA--bridge modem--ADSL/ATM--ISA's Gateway.

Nothing you do to ISA will allow access to the 'fake' IP on the ADSL
modem
unless the modem interprets ethernet requests and recognises such as
requiring redirection to its management interface.

Windows/ISA will send traffic to the 192.168.0 network through its
'internal' interface, traffic for the debatable 'external' subnet through
its external interface, and all other traffic through the gateway defined
on
its 'external' interface. As part of 'all other traffic' 192.168.1.x will
be
passed to the gateway, and the gateway a) probably doesn't know where to
send it, and B) shouldn't send it even if it did.

Don't ya love IP!!! It's very simple.


.

Relevant Pages

  • Re: Setting up a static IP behind a router
    ... it needs me to enter a default gateway address and subnet mask. ... subnet mask what the router expects or what my ISP expects (255.255.248.0 ... What they may be driving at is the use of *private* subnets. ...
    (uk.comp.os.linux)
  • Re: crossover cable connection problems...
    ... You have your subnet and default gateway in two different networks, ... SNM: 255.255.0.0 ...
    (microsoft.public.windowsxp.general)
  • Windows XP and bridging 2 networks
    ... We want to connect two different networks: ... We have a machine with 192.168.1.1 IP with a subnet of 255.255.0.0 and ... out to the internet via the 192.168.0.1 gateway. ... Todd ...
    (microsoft.public.windowsxp.network_web)
  • conecting 2 networks
    ... We want to connect two different networks: ... We have a machine with 192.168.1.1 IP with a subnet of 255.255.0.0 and ... out to the internet via the 192.168.0.1 gateway. ... Todd ...
    (microsoft.public.windows.server.networking)
  • Re: how to share internet among offices but keep security intact?
    ... can you explain how you would setup different networks ... to prevent the traffic on the main router from "seeing" the other ... if i used different subnet values ie. ... gateway value must be inside subnet values, ...
    (comp.sys.ibm.pc.hardware.networking)