Computers getting "The network path was not found" message

All:

Thank you for taking time to read this post.

Here's the issue in a nutshell:

Two LAN segments, A (10.1.0.x) and B (10.0.0.x), connected via a private
pt-to-point network put in place by our ISP. Routers on each side are
essentially acting as bridges. Both sides see each other fine and I can
tracert from one machine (on one segment) to another machine (on the other
segment) going either direction just fine.

Segment B hosts the DC's and Member Servers.

Segment A PC's can see the DC's and connect fine to them; Segment A PC's
can't connect to any of the Member Servers, so Outlook is not working, among
other things. The error message above is obviously the issue.

I've done some "Googling" to see if anything might point to a solution, but
so far no luck.

What am I missing?

Thanks,

Lou

The solution is everything I have been saying all along in the other thread.

Then you may have a DNS & WINS design issue on top of that. There is no way
to answer that without knowing the Active Directory Structure.

-------------------Location A---------------
Clients:
IP = 10.1.0.x
Mask = 255.255.255.0
Gwy = 10.1.0.1 (router-A)

Adtran Router - A:
LAN Int = 10.1.0.1
Mask = 255.255.255.0
Gwy = none
--------
WAN Int = 192.168.200.2
Mask = 255.255.255.0 or 255.255.255.252
Gwy = 192.168.200.1 (router - B)



-------------------Location B---------------
Clients:
IP = 10.0.0.x
Mask = 255.255.255.0
Gwy = 10.0.0.218 (router-B)

Adtran Router - B:
LAN Int = 10.0.0.218
Mask = 255.255.255.0
Gwy = 10.0.0.3 (the ISA Internal Nic)
---------
WAN Int = 192.168.200.1
Mask = 255.255.255.0 or 255.255.255.252
Gwy = N/A
---------
Static Route on "router-B"
ID = 10.1.0.0
Mask = 255.255.255.0
Gwy = 192.168.200.2
Interface = 192.168.200.1

The Celestix ISA:
LAN Int = 10.0.0.3
Mask = 255.255.255.0
Gwy = none
---------
WAN Int = 12..x.x.x
Mask = [ISP specified]
Gwy = 12.x.x.x [ISP specified]
---------
Static Route on "ISA"
ID = 10.0.0.0
Mask = 255.0.0.0
Gwy = 10.0.0.2 218
Interface = [auto-determined]

Internal Network Definition
Addresses Tab
10.0.0.0 --- 10.0.0.255
10.1.0.0 --- 10.1.0.255
(or just use 10.0.0.0---10.255.255.255 and forget it)



--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
"LJH" <(E-Mail Removed)> wrote in message
news:%(E-Mail Removed)...
> All:
>
> Thank you for taking time to read this post.
>
> Here's the issue in a nutshell:
>
> Two LAN segments, A (10.1.0.x) and B (10.0.0.x), connected via a private
> pt-to-point network put in place by our ISP. Routers on each side are
> essentially acting as bridges. Both sides see each other fine and I can
> tracert from one machine (on one segment) to another machine (on the other
> segment) going either direction just fine.
>
> Segment B hosts the DC's and Member Servers.
>
> Segment A PC's can see the DC's and connect fine to them; Segment A PC's
> can't connect to any of the Member Servers, so Outlook is not working,
> among other things. The error message above is obviously the issue.
>
> I've done some "Googling" to see if anything might point to a solution,
> but so far no luck.
>
> What am I missing?
>
> Thanks,
>
> Lou
>

OK...glad you sent this again, because it reminded of the one question I had
after looking at this the first time.

Regarding Location B, why would the Client Gwy address be set to 10.0.0.218
and point AWAY from the I'net? This is probably the logical side of me
missing a key point, but it doesn't make sense (not saying you're wrong,
just telling you I'm not seeing it)



"Phillip Windell" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> The solution is everything I have been saying all along in the other
> thread.
>
> Then you may have a DNS & WINS design issue on top of that. There is no
> way to answer that without knowing the Active Directory Structure.
>
> -------------------Location A---------------
> Clients:
> IP = 10.1.0.x
> Mask = 255.255.255.0
> Gwy = 10.1.0.1 (router-A)
>
> Adtran Router - A:
> LAN Int = 10.1.0.1
> Mask = 255.255.255.0
> Gwy = none
> --------
> WAN Int = 192.168.200.2
> Mask = 255.255.255.0 or 255.255.255.252
> Gwy = 192.168.200.1 (router - B)
>
>
>
> -------------------Location B---------------
> Clients:
> IP = 10.0.0.x
> Mask = 255.255.255.0
> Gwy = 10.0.0.218 (router-B)
>
> Adtran Router - B:
> LAN Int = 10.0.0.218
> Mask = 255.255.255.0
> Gwy = 10.0.0.3 (the ISA Internal Nic)
> ---------
> WAN Int = 192.168.200.1
> Mask = 255.255.255.0 or 255.255.255.252
> Gwy = N/A
> ---------
> Static Route on "router-B"
> ID = 10.1.0.0
> Mask = 255.255.255.0
> Gwy = 192.168.200.2
> Interface = 192.168.200.1
>
> The Celestix ISA:
> LAN Int = 10.0.0.3
> Mask = 255.255.255.0
> Gwy = none
> ---------
> WAN Int = 12..x.x.x
> Mask = [ISP specified]
> Gwy = 12.x.x.x [ISP specified]
> ---------
> Static Route on "ISA"
> ID = 10.0.0.0
> Mask = 255.0.0.0
> Gwy = 10.0.0.2 218
> Interface = [auto-determined]
>
> Internal Network Definition
> Addresses Tab
> 10.0.0.0 --- 10.0.0.255
> 10.1.0.0 --- 10.1.0.255
> (or just use 10.0.0.0---10.255.255.255 and forget it)
>
>
>
> --
> Phillip Windell
> www.wandtv.com
>
> The views expressed, are my own and not those of my employer, or
> Microsoft,
> or anyone else associated with me, including my cats.
> -----------------------------------------------------
> "LJH" <(E-Mail Removed)> wrote in message
> news:%(E-Mail Removed)...
>> All:
>>
>> Thank you for taking time to read this post.
>>
>> Here's the issue in a nutshell:
>>
>> Two LAN segments, A (10.1.0.x) and B (10.0.0.x), connected via a private
>> pt-to-point network put in place by our ISP. Routers on each side are
>> essentially acting as bridges. Both sides see each other fine and I can
>> tracert from one machine (on one segment) to another machine (on the
>> other segment) going either direction just fine.
>>
>> Segment B hosts the DC's and Member Servers.
>>
>> Segment A PC's can see the DC's and connect fine to them; Segment A PC's
>> can't connect to any of the Member Servers, so Outlook is not working,
>> among other things. The error message above is obviously the issue.
>>
>> I've done some "Googling" to see if anything might point to a solution,
>> but so far no luck.
>>
>> What am I missing?
>>
>> Thanks,
>>
>> Lou
>>
>
>

"LJH" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> OK...glad you sent this again, because it reminded of the one question I
> had after looking at this the first time.
>
> Regarding Location B, why would the Client Gwy address be set to
> 10.0.0.218 and point AWAY from the I'net?

Because Clients are not supposed to make routing decisions. Who does?
Routers do,...not firewalls,...Routers do,...that's what they are designed
for. When you have a packet who's destination is outside the local subnet
you do *not* just automatically send it to the Internet Device as if it is
always going to be the Internet. What do you do?,...you send it to the
"decision maker" for the LAN's Routing Scheme,...and who is that?,...it is
the LAN Router,..which in your case is the local Adtran Router in the Site.

What happens when it gets to the Router? The Router compares the
destination to the Routing Table and askes, "Where does this go?"

If the Routing Table says "It goes to Site-A's IP Segment"
Then it passes the Packet to Site-A's Adtran Router

If the Routing Table says "I have no entry for this, I have no idea where it
goes"
Then it is passed to the Default Gateway (which is???,...the ISA)

Contray to common misconceptions,...most of the traffic on a LAN does not go
to the Internet,...it goes toward accessing File Share, Application's Data
Access, Authentication requests, DHCP Queries and Renewals,..and a dozen
other LAN function including but not limited to Ethernet Infrastructure
traffic and Ethernet Broadcasts. So it makes sense (and more effiecient) to
not assume anything not destine for the local subnet is for the Internet

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------

Phillip...All I've got to say is "Thanks" for not using the hammer to hard.
I get it/I got it.

I was so stuck in the mode of our old box essentially (and incorrectly)
acting as the router that I tried to duplicate things when we cut over to
the new circuit and added the new ISA box into the mix. Obviously this
caused issues, b/c of you correctly pointing out that I was thinking in too
linear a matter. I now understand while all network devices on the 10.0.0.x
*SHOULD* be (and are now) using 10.0.0.218 as their gateway.

Everybody in the other building had left prior to me getting this change in
place and updating the router, but a quick RDP to their file server and then
a browse back to a few of the member servers that were previously
unreachable shows that they're all talking now.

I think a good bit of what you wrote (and what I read in the links you
pointed me to) FINALLY "clicked."

I'll keep you posted, but I think we're headed to green pastures.

Thank you again,

Lou

"Phillip Windell" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> "LJH" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> OK...glad you sent this again, because it reminded of the one question I
>> had after looking at this the first time.
>>
>> Regarding Location B, why would the Client Gwy address be set to
>> 10.0.0.218 and point AWAY from the I'net?
>
> Because Clients are not supposed to make routing decisions. Who does?
> Routers do,...not firewalls,...Routers do,...that's what they are designed
> for. When you have a packet who's destination is outside the local subnet
> you do *not* just automatically send it to the Internet Device as if it is
> always going to be the Internet. What do you do?,...you send it to the
> "decision maker" for the LAN's Routing Scheme,...and who is that?,...it is
> the LAN Router,..which in your case is the local Adtran Router in the
> Site.
>
> What happens when it gets to the Router? The Router compares the
> destination to the Routing Table and askes, "Where does this go?"
>
> If the Routing Table says "It goes to Site-A's IP Segment"
> Then it passes the Packet to Site-A's Adtran Router
>
> If the Routing Table says "I have no entry for this, I have no idea where
> it goes"
> Then it is passed to the Default Gateway (which is???,...the ISA)
>
> Contray to common misconceptions,...most of the traffic on a LAN does not
> go to the Internet,...it goes toward accessing File Share, Application's
> Data Access, Authentication requests, DHCP Queries and Renewals,..and a
> dozen other LAN function including but not limited to Ethernet
> Infrastructure traffic and Ethernet Broadcasts. So it makes sense (and
> more effiecient) to not assume anything not destine for the local subnet
> is for the Internet
>
> --
> Phillip Windell
> www.wandtv.com
>
> The views expressed, are my own and not those of my employer, or
> Microsoft,
> or anyone else associated with me, including my cats.
> -----------------------------------------------------
>
>

There is a statement here that I can't let go past.

" Routers on each side are essentially acting as bridges."

They are not. They are acting as routers. A bridge connects two segments
which are in the same IP subnet. If they are in different IP subnets, they
can only see each other if they are routed.

"LJH" <(E-Mail Removed)> wrote in message
news:#(E-Mail Removed)...
> All:
>
> Thank you for taking time to read this post.
>
> Here's the issue in a nutshell:
>
> Two LAN segments, A (10.1.0.x) and B (10.0.0.x), connected via a private
> pt-to-point network put in place by our ISP. Routers on each side are
> essentially acting as bridges. Both sides see each other fine and I can
> tracert from one machine (on one segment) to another machine (on the other
> segment) going either direction just fine.
>
> Segment B hosts the DC's and Member Servers.
>
> Segment A PC's can see the DC's and connect fine to them; Segment A PC's
> can't connect to any of the Member Servers, so Outlook is not working,
> among other things. The error message above is obviously the issue.
>
> I've done some "Googling" to see if anything might point to a solution,
> but so far no luck.
>
> What am I missing?
>
> Thanks,
>
> Lou
>

Thanks, Bill.

Yeah, as you likely saw in my 7:22PM post, I finally "got" this fact.
Thankfully, Phillip stuck with me long enough that my non-WAN brain grasped
what he'd been trying to tell me all along.

Glad you were in the "on-deck" circle to pick up if Phillip gave up on
me...

Cheers,

Lou


"Bill Grant" <not.available@online> wrote in message
news:(E-Mail Removed)...
> There is a statement here that I can't let go past.
>
> " Routers on each side are essentially acting as bridges."
>
> They are not. They are acting as routers. A bridge connects two
> segments which are in the same IP subnet. If they are in different IP
> subnets, they can only see each other if they are routed.
>
> "LJH" <(E-Mail Removed)> wrote in message
> news:#(E-Mail Removed)...
>> All:
>>
>> Thank you for taking time to read this post.
>>
>> Here's the issue in a nutshell:
>>
>> Two LAN segments, A (10.1.0.x) and B (10.0.0.x), connected via a private
>> pt-to-point network put in place by our ISP. Routers on each side are
>> essentially acting as bridges. Both sides see each other fine and I can
>> tracert from one machine (on one segment) to another machine (on the
>> other segment) going either direction just fine.
>>
>> Segment B hosts the DC's and Member Servers.
>>
>> Segment A PC's can see the DC's and connect fine to them; Segment A PC's
>> can't connect to any of the Member Servers, so Outlook is not working,
>> among other things. The error message above is obviously the issue.
>>
>> I've done some "Googling" to see if anything might point to a solution,
>> but so far no luck.
>>
>> What am I missing?
>>
>> Thanks,
>>
>> Lou
>>

Good eye Bill. I didn't see that.
I was mostly operating off of past posts in other groups & threads. This
story has a long history going back into the ISA groups. You're only
seeing a small piece with this last post, but I think he has got it figured
out now.


--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------


"Bill Grant" <not.available@online> wrote in message
news:(E-Mail Removed)...
> There is a statement here that I can't let go past.
>
> " Routers on each side are essentially acting as bridges."
>
> They are not. They are acting as routers. A bridge connects two
> segments which are in the same IP subnet. If they are in different IP
> subnets, they can only see each other if they are routed.

"Phillip Windell" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Contray to common misconceptions,...most of the traffic on a LAN does not
> go to the Internet,...it goes toward accessing File Share, Application's
> Data Access, Authentication requests, DHCP Queries and Renewals,..and a
> dozen other LAN function including but not limited to Ethernet
> Infrastructure traffic and Ethernet Broadcasts. So it makes sense (and
> more effiecient) to not assume anything not destine for the local subnet
> is for the Internet

If this was not the case, then everyone is misguided by wanting to run
Gigabit on the LAN while running a few Mbps on the Internet side,...we would
have to run the Internet at Gigabit speeds and let our LANs run at 3-to-10
Mbps over the Ethernet.

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------

"LJH" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Everybody in the other building had left prior to me getting this change
> in place and updating the router, but a quick RDP to their file server and
> then a browse back to a few of the member servers that were previously
> unreachable shows that they're all talking now.

Very good.
We'll have to see how it turns out,..but I think you will be pleasantly
surprised at the smooth and logical way it operates when done properly. It
will also be more scalable and flexible in the future.

Since your ISA is new and this ISA works a lot different than your old
ISA2000 you may have mysteries to sort out there as time goes on, but with a
solid network infrastructure the prolems will be less "vague" and more
obvious to what they are and how to deal with them. That's why I preach so
much about having a good network design,..it is the foundation of everything
else.

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------