Multihomed PC As Router

My problem is as follows: I have 2 domains on the same physical segment.
Domain 1 is 192.168.100.x and Domain 2 is 192.168.200.x. I have a
multihomed PC (running Windows Server 2003) and am trying to have each
domain be able to access the other. Right Now the multi-homed PC can ping
either network. However the clients can't ping the other domain. My
configuration is as follows. Can anyone tell me what my problem is? Do I
need to set up a static route? If so how would I do that? What is the
exact configuration of the static route? I do have ip forwarding enabled.

Client 1 on Domain 1
IP Address 192.168.200.100
Subnet Mask 255.255.255.0
Gateway 192.168.200.1

Multihomed Domain Controller
Nic 1 Nic 2
IP Address 192.168.200.1 IP Address 192.168.100.1
Subnet Mask 255.255.255.0 Subnet Mask 255.255.255.0
Gateway None Gateway 192.168.100.254
(outside)

Client 1 on Domain 2
IP Address 192.168.100.100
Subnet Mask 255.255.255.0
Gateway 192.168.100.254

Thanks for you help!!!

Kim

The Default Gateway on "Client1 on Domain2" is wrong. It should the machine
you are using as a router (192.168.100.1). If however the IP#
192.168.100.254 is some other router you haven't mentioned, then things will
get complicated.

Also be sure that "routing" (aka "IP Forwarding") is enabled on the machine
you are using as a router.


--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com


"Kim" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> My problem is as follows: I have 2 domains on the same physical segment.
> Domain 1 is 192.168.100.x and Domain 2 is 192.168.200.x. I have a
> multihomed PC (running Windows Server 2003) and am trying to have each
> domain be able to access the other. Right Now the multi-homed PC can ping
> either network. However the clients can't ping the other domain. My
> configuration is as follows. Can anyone tell me what my problem is? Do I
> need to set up a static route? If so how would I do that? What is the
> exact configuration of the static route? I do have ip forwarding enabled.
>
> Client 1 on Domain 1
> IP Address 192.168.200.100
> Subnet Mask 255.255.255.0
> Gateway 192.168.200.1
>
> Multihomed Domain Controller
> Nic 1 Nic 2
> IP Address 192.168.200.1 IP Address 192.168.100.1
> Subnet Mask 255.255.255.0 Subnet Mask 255.255.255.0
> Gateway None Gateway 192.168.100.254
> (outside)
>
> Client 1 on Domain 2
> IP Address 192.168.100.100
> Subnet Mask 255.255.255.0
> Gateway 192.168.100.254
>
> Thanks for you help!!!
>
> Kim
>
>
>

>My problem is as follows: I have 2 domains on the same physical segment.
>Domain 1 is 192.168.100.x and Domain 2 is 192.168.200.x. I have a
>multihomed PC (running Windows Server 2003) and am trying to have each
>domain be able to access the other. Right Now the multi-homed PC can ping
>either network. However the clients can't ping the other domain. My
>configuration is as follows. Can anyone tell me what my problem is? Do I
>need to set up a static route? If so how would I do that? What is the
>exact configuration of the static route? I do have ip forwarding enabled.
>
> Client 1 on Domain 1
> IP Address 192.168.200.100
> Subnet Mask 255.255.255.0
> Gateway 192.168.200.1
>
> Multihomed Domain Controller
> Nic 1 Nic 2
>IP Address 192.168.200.1 IP Address 192.168.100.1
>Subnet Mask 255.255.255.0 Subnet Mask 255.255.255.0
>Gateway None Gateway 192.168.100.254
>(outside)
>
> Client 1 on Domain 2
> IP Address 192.168.100.100
> Subnet Mask 255.255.255.0
> Gateway 192.168.100.254
>
>Thanks for you help!!!
>
>Kim
>
>
>
>
Kim,

What it looks like is that the Client 1 Domain 2 is pointing to 192.168.100.254 (not the Windows Router for Default Gateway). In this configuration the Client
1 on Domain 1 machine will send an ICMP ECHO REQUEST to its Gateway (192.168.200.1) because it does not know of a route in its local routing table
for the destination 192.168.100.x.

This frame is passed to the Windows router who knows how to get to the 192.168.100.x network because it has a leg on that network. The router than
forwards to the request to the host.

***THE NEXT STEP IS PROBABLY THE ISSUE:

The client then receives the ECHO REQUEST frame and because it does not have a route locally back to the sender, it send its response to the Default
Gateway Configured on Client 1 Domain 2 (192.168.100.254). ****THIS IS NOT THE WINDOWS ROUTER.

You are probably getting a request timed out error message as the packets are just flying off into space at this point. There are several things that can
be done to fix this.

1. On the Client 1 Domain 2 system (the system that you are pinging from Client 1 Domain 1), you can add a static route to that systems routing table
using the following command:

route add 192.168.200.0 MASK 255.255.255.0 192.168.100.1

This is just a test route that will be lost at the next reboot because we did not use the "p" switch to make the route persistent across boots.

Try to ping this client now. This client should respond.

2. A recommended solution to this would be to add a route to the 192.168.100.254 router for the 192.168.200.x network. This way you make a single
change on one system that allows all communication to work. This way when the Client 1 Domain 2 client responds to the ICMP ECHO REQUEST and
passes that data to it Default Gateway, the gateway knows how to get to the 192.168.200.x network!

3. Point both Client 1 Domain 1 and Client 1 Domain 2 to the Windows System for Default Gateway. The Windows Server has a default gateway of
192.168.100.254 which is the router that probably controls access to the internet for your clients. This should work as well.

Additional resources
================================================== =============
178993 How to Use Static Routes with Routing and Remote Access Service
http://support.microsoft.com/?id=178993

For more information you can type Route add /? At the command prompt for switch and usage data.


T.J. Campana [MSFT]
Microsoft EPS Networking
--
This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from which they originated.

Thank you so much TJ! That fixed our problem! We will add a route on our
internet gateway.

Kim

"TJ Campana [MSFT]" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> >My problem is as follows: I have 2 domains on the same physical segment.
> >Domain 1 is 192.168.100.x and Domain 2 is 192.168.200.x. I have a
> >multihomed PC (running Windows Server 2003) and am trying to have each
> >domain be able to access the other. Right Now the multi-homed PC can
ping
> >either network. However the clients can't ping the other domain. My
> >configuration is as follows. Can anyone tell me what my problem is? Do
I
> >need to set up a static route? If so how would I do that? What is the
> >exact configuration of the static route? I do have ip forwarding
enabled.
> >
> > Client 1 on Domain 1
> > IP Address 192.168.200.100
> > Subnet Mask 255.255.255.0
> > Gateway 192.168.200.1
> >
> > Multihomed Domain Controller
> > Nic 1 Nic 2
> >IP Address 192.168.200.1 IP Address 192.168.100.1
> >Subnet Mask 255.255.255.0 Subnet Mask 255.255.255.0
> >Gateway None Gateway 192.168.100.254
> >(outside)
> >
> > Client 1 on Domain 2
> > IP Address 192.168.100.100
> > Subnet Mask 255.255.255.0
> > Gateway 192.168.100.254
> >
> >Thanks for you help!!!
> >
> >Kim
> >
> >
> >
> >
> Kim,
>
> What it looks like is that the Client 1 Domain 2 is pointing to
192.168.100.254 (not the Windows Router for Default Gateway). In this
configuration the Client
> 1 on Domain 1 machine will send an ICMP ECHO REQUEST to its Gateway
(192.168.200.1) because it does not know of a route in its local routing
table
> for the destination 192.168.100.x.
>
> This frame is passed to the Windows router who knows how to get to the
192.168.100.x network because it has a leg on that network. The router than
> forwards to the request to the host.
>
> ***THE NEXT STEP IS PROBABLY THE ISSUE:
>
> The client then receives the ECHO REQUEST frame and because it does not
have a route locally back to the sender, it send its response to the Default
> Gateway Configured on Client 1 Domain 2 (192.168.100.254). ****THIS IS
NOT THE WINDOWS ROUTER.
>
> You are probably getting a request timed out error message as the packets
are just flying off into space at this point. There are several things that
can
> be done to fix this.
>
> 1. On the Client 1 Domain 2 system (the system that you are pinging from
Client 1 Domain 1), you can add a static route to that systems routing table
> using the following command:
>
> route add 192.168.200.0 MASK 255.255.255.0 192.168.100.1
>
> This is just a test route that will be lost at the next reboot because we
did not use the "p" switch to make the route persistent across boots.
>
> Try to ping this client now. This client should respond.
>
> 2. A recommended solution to this would be to add a route to the
192.168.100.254 router for the 192.168.200.x network. This way you make a
single
> change on one system that allows all communication to work. This way when
the Client 1 Domain 2 client responds to the ICMP ECHO REQUEST and
> passes that data to it Default Gateway, the gateway knows how to get to
the 192.168.200.x network!
>
> 3. Point both Client 1 Domain 1 and Client 1 Domain 2 to the Windows
System for Default Gateway. The Windows Server has a default gateway of
> 192.168.100.254 which is the router that probably controls access to the
internet for your clients. This should work as well.
>
> Additional resources
> ================================================== =============
> 178993 How to Use Static Routes with Routing and Remote Access Service
> http://support.microsoft.com/?id=178993
>
> For more information you can type Route add /? At the command prompt for
switch and usage data.
>
>
> T.J. Campana [MSFT]
> Microsoft EPS Networking
> --
> This posting is provided "AS IS" with no warranties, and confers no
rights. Use of included script samples are subject to the terms specified at
> http://www.microsoft.com/info/cpyright.htm
>
> Note: For the benefit of the community-at-large, all responses to this
message are best directed to the newsgroup/thread from which they
originated.
>

Kim,

It was my pleasure! Best luck!!!!

TJ

>Thank you so much TJ! That fixed our problem! We will add a route on our
>internet gateway.
>
>Kim
>
>"TJ Campana [MSFT]" <(E-Mail Removed)> wrote in message
>news:(E-Mail Removed)...
>> >My problem is as follows: I have 2 domains on the same physical segment.
>> >Domain 1 is 192.168.100.x and Domain 2 is 192.168.200.x. I have a
>> >multihomed PC (running Windows Server 2003) and am trying to have each
>> >domain be able to access the other. Right Now the multi-homed PC can
>ping
>> >either network. However the clients can't ping the other domain. My
>> >configuration is as follows. Can anyone tell me what my problem is? Do
>I
>> >need to set up a static route? If so how would I do that? What is the
>> >exact configuration of the static route? I do have ip forwarding
>enabled.
>> >
>> > Client 1 on Domain 1
>> > IP Address 192.168.200.100
>> > Subnet Mask 255.255.255.0
>> > Gateway 192.168.200.1
>> >
>> > Multihomed Domain Controller
>> > Nic 1 Nic 2
>> >IP Address 192.168.200.1 IP Address 192.168.100.1
>> >Subnet Mask 255.255.255.0 Subnet Mask 255.255.255.0
>> >Gateway None Gateway 192.168.100.254
>> >(outside)
>> >
>> > Client 1 on Domain 2
>> > IP Address 192.168.100.100
>> > Subnet Mask 255.255.255.0
>> > Gateway 192.168.100.254
>> >
>> >Thanks for you help!!!
>> >
>> >Kim
>> >
>> >
>> >
>> >
>> Kim,
>>
>> What it looks like is that the Client 1 Domain 2 is pointing to
>192.168.100.254 (not the Windows Router for Default Gateway). In this
>configuration the Client
>> 1 on Domain 1 machine will send an ICMP ECHO REQUEST to its Gateway
>(192.168.200.1) because it does not know of a route in its local routing
>table
>> for the destination 192.168.100.x.
>>
>> This frame is passed to the Windows router who knows how to get to the
>192.168.100.x network because it has a leg on that network. The router than
>> forwards to the request to the host.
>>
>> ***THE NEXT STEP IS PROBABLY THE ISSUE:
>>
>> The client then receives the ECHO REQUEST frame and because it does not
>have a route locally back to the sender, it send its response to the Default
>> Gateway Configured on Client 1 Domain 2 (192.168.100.254). ****THIS IS
>NOT THE WINDOWS ROUTER.
>>
>> You are probably getting a request timed out error message as the packets
>are just flying off into space at this point. There are several things that
>can
>> be done to fix this.
>>
>> 1. On the Client 1 Domain 2 system (the system that you are pinging from
>Client 1 Domain 1), you can add a static route to that systems routing table
>> using the following command:
>>
>> route add 192.168.200.0 MASK 255.255.255.0 192.168.100.1
>>
>> This is just a test route that will be lost at the next reboot because we
>did not use the "p" switch to make the route persistent across boots.
>>
>> Try to ping this client now. This client should respond.
>>
>> 2. A recommended solution to this would be to add a route to the
>192.168.100.254 router for the 192.168.200.x network. This way you make a
>single
>> change on one system that allows all communication to work. This way when
>the Client 1 Domain 2 client responds to the ICMP ECHO REQUEST and
>> passes that data to it Default Gateway, the gateway knows how to get to
>the 192.168.200.x network!
>>
>> 3. Point both Client 1 Domain 1 and Client 1 Domain 2 to the Windows
>System for Default Gateway. The Windows Server has a default gateway of
>> 192.168.100.254 which is the router that probably controls access to the
>internet for your clients. This should work as well.
>>
>> Additional resources
>> ================================================== =============
>> 178993 How to Use Static Routes with Routing and Remote Access Service
>> http://support.microsoft.com/?id=178993
>>
>> For more information you can type Route add /? At the command prompt for
>switch and usage data.
>>
>>
>> T.J. Campana [MSFT]
>> Microsoft EPS Networking
>> --
>> This posting is provided "AS IS" with no warranties, and confers no
>rights. Use of included script samples are subject to the terms specified at
>> http://www.microsoft.com/info/cpyright.htm
>>
>> Note: For the benefit of the community-at-large, all responses to this
>message are best directed to the newsgroup/thread from which they
>originated.
>>
>
>
>

T.J. Campana [MSFT]
Microsoft EPS Networking
--
This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from which they originated.