As Bob said, the RRAS router should not have its two NICs in the same IP
subnet. A router routes between subnets, so it doesn't work if both sides
are in the same subnet. (You use a bridge for that).
You will need to put the LAN machines in a different IP subnet from the
"link" segment (ie the segment which links the RRAS router to the firewall).
I would not have used NAT on this router. Surely the firewall is already
doing NAT. With this setup you would be doing NAT twice. You can do without
NAT as long as you add an extra route to the firewall to direct traffic to
the RRAS router. (ie the firewall knows how to reach the internal subnet
via the RRAS router). eg
Internet
|
firewall (static route 192.168.252.0 255.255.255.0
192.168.250.240)
|
192.168.250.240 dg 192.168.250.241
RRAS router
192.168.252.1/24 dg blank
|
LAN machines
192.168.252.x/24 dg 192.168.252.1
"Robert L [MVP - Networking]" <(E-Mail Removed)> wrote in message
news:%(E-Mail Removed)...
You should not assign the same subnet in a multihomed computers. This search
result may help,
Routing Don't add default gateway across disjoint networks Is it possible
both sites of the VPN using the same IP range Metric is the same for both
the remote ...
www.chicagotech.net/routing.htm
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
"massmax" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) oups.com...
Hi all,
I have two LAN's to be managed.
I have (in the first LAN, assuming as LAN 1) a Win2003 server acting as
a router, using RRAS. I have two NIC on it, one direct to the internal
LAN, the second connected to a firewall (and from this to the internet)
installed and managed by my ISP.
The NIC A (internal LAN) has 192.168.250.101, no default gw.
The NIC B (internet) has 192.168.250.240, default gw: 192.168.250.241
(the firewall).
The firewall has 192.168.250.241
Clients are 192.168.250.x, default gw: 192.168.250.101
The NIC A is connected to a switch, together with the rest of LAN.
The NIC B and the firewall are connected to a second switch.
Clients are currently going in internet, no problems.
This is the configuration in the remote LAN (LAN 2):
The firewall, also installed and managed by my ISP, has
192.168.251.245.
Clients are 192.168.251.x default gw: 192.168.251.245.
No server acting as a router here; easier situation.
Clients here also use internet, no problems.
Well, I can connect from LAN 1 (the first one described above) to LAN
2, I can ping all IP's, use remote desktop etc.
But users working in LAN 2 can just ping the firewall (192.168.250.241)
and the NIC B (192.168.250.240) in the LAN 1, the devices that are on
the same switch.
I have configured RRAS as default wizard, using NAT as option; IP
routing is enabled. It works fine, because clients on LAN 1 can go to
internet and ping LAN 2.
I cannot understand why LAN 2 clients can't see LAN 1...
Any help would be appreciated.
Thanks.
Max
Similar Threads
Linear Mode
