simple lan routing

hi there. i'm trying to some very simple (i would have thought) lan to lan
routing using a win2k3 box. this is how it looks:

internet -> adsl modem/switch -> win2k3 box 1 -> switch -> win2k3 box 2

win2k3 box 1 has 2 nic's - 10.1.1.100/8 connected to adsl switch AND
192.168.0.11/24 connected to switch

win2k3 box 2 has 1 nic - 192.168.0.10/24

enabled rras on box 01 for lan routing. just followed steps in ms
documentation and all looked fine. from box 01 i can ping 10.0.0.0 network
and Internet, as well as 192.168.0.10.

however i cannot ping internet or 10.0.0.0 network from box 2.

i'm really confused about this as the documentation seems very straight
forward and "easy" and the setup of rras was simple. just doesnt work.

anyone out there see what i may be doing wrong here?

thanks.

Troubleshoot it this way:

1: From box 2 ping near address of box 1 (192.168.0.11) - confirms local
connectivity
2: From box 2 ping far address of box 1 (10.1.1.100) - This confirms the
routing in RRAS.
3: From box 2 ping address of adsl modem/router/switch (10.1.1.x) - This box
needs to know how to get back to the 192.168.0.0 network. I'd say this is
where you problem is.

Cheers,
Jeremy.

"BW" <(E-Mail Removed)> wrote in message
news:E76299D3-FB2B-4B71-8089-(E-Mail Removed)...
> hi there. i'm trying to some very simple (i would have thought) lan to
> lan
> routing using a win2k3 box. this is how it looks:
>
> internet -> adsl modem/switch -> win2k3 box 1 -> switch -> win2k3 box 2
>
> win2k3 box 1 has 2 nic's - 10.1.1.100/8 connected to adsl switch AND
> 192.168.0.11/24 connected to switch
>
> win2k3 box 2 has 1 nic - 192.168.0.10/24
>
> enabled rras on box 01 for lan routing. just followed steps in ms
> documentation and all looked fine. from box 01 i can ping 10.0.0.0
> network
> and Internet, as well as 192.168.0.10.
>
> however i cannot ping internet or 10.0.0.0 network from box 2.
>
> i'm really confused about this as the documentation seems very straight
> forward and "easy" and the setup of rras was simple. just doesnt work.
>
> anyone out there see what i may be doing wrong here?
>
> thanks.

hi thanks for reply, here's my results from your suggestions:

test 1 - works so confirms 192.168.0.0 network connectivity
test 2 - fails
test 3 - fails

the win2k3 router does not seem to be passing packets between the
interfaces. all i have do on the router is enabled rras as lan routing which
is all the directions from MS said to do.

the only thing i can see that "may" be an issue is under IP routing -
general (in rras console) I can see the interfaces loopback, internal
network, internal and external network. however "internal" states "not
available" under IP address field and "non-operational" under operational
status field. Both the internal network and external network have in and out
bytes listes. so like i said just seems to be not forwarding packets between
interfaces. is there anything else that needs to be "turned on" for this to
occur?

thanks again.

"Jeremy" wrote:

> Troubleshoot it this way:
>
> 1: From box 2 ping near address of box 1 (192.168.0.11) - confirms local
> connectivity
> 2: From box 2 ping far address of box 1 (10.1.1.100) - This confirms the
> routing in RRAS.
> 3: From box 2 ping address of adsl modem/router/switch (10.1.1.x) - This box
> needs to know how to get back to the 192.168.0.0 network. I'd say this is
> where you problem is.
>
> Cheers,
> Jeremy.
>
> "BW" <(E-Mail Removed)> wrote in message
> news:E76299D3-FB2B-4B71-8089-(E-Mail Removed)...
> > hi there. i'm trying to some very simple (i would have thought) lan to
> > lan
> > routing using a win2k3 box. this is how it looks:
> >
> > internet -> adsl modem/switch -> win2k3 box 1 -> switch -> win2k3 box 2
> >
> > win2k3 box 1 has 2 nic's - 10.1.1.100/8 connected to adsl switch AND
> > 192.168.0.11/24 connected to switch
> >
> > win2k3 box 2 has 1 nic - 192.168.0.10/24
> >
> > enabled rras on box 01 for lan routing. just followed steps in ms
> > documentation and all looked fine. from box 01 i can ping 10.0.0.0
> > network
> > and Internet, as well as 192.168.0.10.
> >
> > however i cannot ping internet or 10.0.0.0 network from box 2.
> >
> > i'm really confused about this as the documentation seems very straight
> > forward and "easy" and the setup of rras was simple. just doesnt work.
> >
> > anyone out there see what i may be doing wrong here?
> >
> > thanks.
>

I've only done this once, and from memory it was as simple as you say it
should be.

It should know about the directly connected networks. Anything in the event
log? The "not operational" error looks like the culprit.
"BW" <(E-Mail Removed)> wrote in message
news:91EC4B68-51E3-4AFD-869A-(E-Mail Removed)...
> hi thanks for reply, here's my results from your suggestions:
>
> test 1 - works so confirms 192.168.0.0 network connectivity
> test 2 - fails
> test 3 - fails
>
> the win2k3 router does not seem to be passing packets between the
> interfaces. all i have do on the router is enabled rras as lan routing
> which
> is all the directions from MS said to do.
>
> the only thing i can see that "may" be an issue is under IP routing -
> general (in rras console) I can see the interfaces loopback, internal
> network, internal and external network. however "internal" states "not
> available" under IP address field and "non-operational" under operational
> status field. Both the internal network and external network have in and
> out
> bytes listes. so like i said just seems to be not forwarding packets
> between
> interfaces. is there anything else that needs to be "turned on" for this
> to
> occur?
>
> thanks again.
>
> "Jeremy" wrote:
>
>> Troubleshoot it this way:
>>
>> 1: From box 2 ping near address of box 1 (192.168.0.11) - confirms local
>> connectivity
>> 2: From box 2 ping far address of box 1 (10.1.1.100) - This confirms the
>> routing in RRAS.
>> 3: From box 2 ping address of adsl modem/router/switch (10.1.1.x) - This
>> box
>> needs to know how to get back to the 192.168.0.0 network. I'd say this
>> is
>> where you problem is.
>>
>> Cheers,
>> Jeremy.
>>
>> "BW" <(E-Mail Removed)> wrote in message
>> news:E76299D3-FB2B-4B71-8089-(E-Mail Removed)...
>> > hi there. i'm trying to some very simple (i would have thought) lan to
>> > lan
>> > routing using a win2k3 box. this is how it looks:
>> >
>> > internet -> adsl modem/switch -> win2k3 box 1 -> switch -> win2k3 box 2
>> >
>> > win2k3 box 1 has 2 nic's - 10.1.1.100/8 connected to adsl switch AND
>> > 192.168.0.11/24 connected to switch
>> >
>> > win2k3 box 2 has 1 nic - 192.168.0.10/24
>> >
>> > enabled rras on box 01 for lan routing. just followed steps in ms
>> > documentation and all looked fine. from box 01 i can ping 10.0.0.0
>> > network
>> > and Internet, as well as 192.168.0.10.
>> >
>> > however i cannot ping internet or 10.0.0.0 network from box 2.
>> >
>> > i'm really confused about this as the documentation seems very straight
>> > forward and "easy" and the setup of rras was simple. just doesnt work.
>> >
>> > anyone out there see what i may be doing wrong here?
>> >
>> > thanks.
>>

no nothing in the event log. the route table looks ok, basically default
route points to router ip of 10.1.1.1, route to 10.0.0.0 network points to
external interface and route to 192.168.0.0 network points to internal
interface so that all seems right.

on the router, what should the default gateway be for the internal
interface, at the moment it is blank?

thanks.

"Jeremy" wrote:

> I've only done this once, and from memory it was as simple as you say it
> should be.
>
> It should know about the directly connected networks. Anything in the event
> log? The "not operational" error looks like the culprit.
> "BW" <(E-Mail Removed)> wrote in message
> news:91EC4B68-51E3-4AFD-869A-(E-Mail Removed)...
> > hi thanks for reply, here's my results from your suggestions:
> >
> > test 1 - works so confirms 192.168.0.0 network connectivity
> > test 2 - fails
> > test 3 - fails
> >
> > the win2k3 router does not seem to be passing packets between the
> > interfaces. all i have do on the router is enabled rras as lan routing
> > which
> > is all the directions from MS said to do.
> >
> > the only thing i can see that "may" be an issue is under IP routing -
> > general (in rras console) I can see the interfaces loopback, internal
> > network, internal and external network. however "internal" states "not
> > available" under IP address field and "non-operational" under operational
> > status field. Both the internal network and external network have in and
> > out
> > bytes listes. so like i said just seems to be not forwarding packets
> > between
> > interfaces. is there anything else that needs to be "turned on" for this
> > to
> > occur?
> >
> > thanks again.
> >
> > "Jeremy" wrote:
> >
> >> Troubleshoot it this way:
> >>
> >> 1: From box 2 ping near address of box 1 (192.168.0.11) - confirms local
> >> connectivity
> >> 2: From box 2 ping far address of box 1 (10.1.1.100) - This confirms the
> >> routing in RRAS.
> >> 3: From box 2 ping address of adsl modem/router/switch (10.1.1.x) - This
> >> box
> >> needs to know how to get back to the 192.168.0.0 network. I'd say this
> >> is
> >> where you problem is.
> >>
> >> Cheers,
> >> Jeremy.
> >>
> >> "BW" <(E-Mail Removed)> wrote in message
> >> news:E76299D3-FB2B-4B71-8089-(E-Mail Removed)...
> >> > hi there. i'm trying to some very simple (i would have thought) lan to
> >> > lan
> >> > routing using a win2k3 box. this is how it looks:
> >> >
> >> > internet -> adsl modem/switch -> win2k3 box 1 -> switch -> win2k3 box 2
> >> >
> >> > win2k3 box 1 has 2 nic's - 10.1.1.100/8 connected to adsl switch AND
> >> > 192.168.0.11/24 connected to switch
> >> >
> >> > win2k3 box 2 has 1 nic - 192.168.0.10/24
> >> >
> >> > enabled rras on box 01 for lan routing. just followed steps in ms
> >> > documentation and all looked fine. from box 01 i can ping 10.0.0.0
> >> > network
> >> > and Internet, as well as 192.168.0.10.
> >> >
> >> > however i cannot ping internet or 10.0.0.0 network from box 2.
> >> >
> >> > i'm really confused about this as the documentation seems very straight
> >> > forward and "easy" and the setup of rras was simple. just doesnt work.
> >> >
> >> > anyone out there see what i may be doing wrong here?
> >> >
> >> > thanks.
> >>
>

Yes, the default gateway on the internal NIC should be blank.

The internal interface in RRAS is used for remote access. It will not
become active until a remote access client connects. It has nothing to do
with LAN routing.

LAN routing only works properly by default if the LAN router is the
default gateway for both subnets. If one segment is using another router as
its default gateway, you get the problem that you see. The reason for this
is that the traffic for the internal subnet never gets to the LAN router.
The Internet router knows nothing about the internal subnet. It's default
route is out to the Internet, so the 192.168 private IP traffic is discarded
as not deliverable. It would work if you configured it as a NAT router, but
then you would be doing NAT twice.

You need extra routing on the Internet router so that it knows how to
reach the 192.168 subnet. The simplest method is to add a static route to
the Internet router to forward traffic for 192.168.0.0 to the LAN router.
eg

Internet
|
public IP
ADSL router {static route 192.168.0.0 255.255.255.0 10.1.1.100 }
10.1.1.1
|
10.1.1.100 dg 10.1.1.1
LAN router
192.168.0.1 dg blank
|
LAN machines
192.168.0.x dg 192.168.0.1


"BW" <(E-Mail Removed)> wrote in message
news:2A77B84D-AA99-42D1-88C8-(E-Mail Removed)...
> no nothing in the event log. the route table looks ok, basically default
> route points to router ip of 10.1.1.1, route to 10.0.0.0 network points to
> external interface and route to 192.168.0.0 network points to internal
> interface so that all seems right.
>
> on the router, what should the default gateway be for the internal
> interface, at the moment it is blank?
>
> thanks.
>
> "Jeremy" wrote:
>
>> I've only done this once, and from memory it was as simple as you say it
>> should be.
>>
>> It should know about the directly connected networks. Anything in the
>> event
>> log? The "not operational" error looks like the culprit.
>> "BW" <(E-Mail Removed)> wrote in message
>> news:91EC4B68-51E3-4AFD-869A-(E-Mail Removed)...
>> > hi thanks for reply, here's my results from your suggestions:
>> >
>> > test 1 - works so confirms 192.168.0.0 network connectivity
>> > test 2 - fails
>> > test 3 - fails
>> >
>> > the win2k3 router does not seem to be passing packets between the
>> > interfaces. all i have do on the router is enabled rras as lan routing
>> > which
>> > is all the directions from MS said to do.
>> >
>> > the only thing i can see that "may" be an issue is under IP routing -
>> > general (in rras console) I can see the interfaces loopback, internal
>> > network, internal and external network. however "internal" states "not
>> > available" under IP address field and "non-operational" under
>> > operational
>> > status field. Both the internal network and external network have in
>> > and
>> > out
>> > bytes listes. so like i said just seems to be not forwarding packets
>> > between
>> > interfaces. is there anything else that needs to be "turned on" for
>> > this
>> > to
>> > occur?
>> >
>> > thanks again.
>> >
>> > "Jeremy" wrote:
>> >
>> >> Troubleshoot it this way:
>> >>
>> >> 1: From box 2 ping near address of box 1 (192.168.0.11) - confirms
>> >> local
>> >> connectivity
>> >> 2: From box 2 ping far address of box 1 (10.1.1.100) - This confirms
>> >> the
>> >> routing in RRAS.
>> >> 3: From box 2 ping address of adsl modem/router/switch (10.1.1.x) -
>> >> This
>> >> box
>> >> needs to know how to get back to the 192.168.0.0 network. I'd say
>> >> this
>> >> is
>> >> where you problem is.
>> >>
>> >> Cheers,
>> >> Jeremy.
>> >>
>> >> "BW" <(E-Mail Removed)> wrote in message
>> >> news:E76299D3-FB2B-4B71-8089-(E-Mail Removed)...
>> >> > hi there. i'm trying to some very simple (i would have thought) lan
>> >> > to
>> >> > lan
>> >> > routing using a win2k3 box. this is how it looks:
>> >> >
>> >> > internet -> adsl modem/switch -> win2k3 box 1 -> switch -> win2k3
>> >> > box 2
>> >> >
>> >> > win2k3 box 1 has 2 nic's - 10.1.1.100/8 connected to adsl switch AND
>> >> > 192.168.0.11/24 connected to switch
>> >> >
>> >> > win2k3 box 2 has 1 nic - 192.168.0.10/24
>> >> >
>> >> > enabled rras on box 01 for lan routing. just followed steps in ms
>> >> > documentation and all looked fine. from box 01 i can ping 10.0.0.0
>> >> > network
>> >> > and Internet, as well as 192.168.0.10.
>> >> >
>> >> > however i cannot ping internet or 10.0.0.0 network from box 2.
>> >> >
>> >> > i'm really confused about this as the documentation seems very
>> >> > straight
>> >> > forward and "easy" and the setup of rras was simple. just doesnt
>> >> > work.
>> >> >
>> >> > anyone out there see what i may be doing wrong here?
>> >> >
>> >> > thanks.
>> >>
>>

Thanks for you help. Found the solution in the thread "mulithomed routing
rras" and the post by Bill Grant. i needed a static route back to the
internal network on the adsl router otherwise it just dropped packets as it
didnt know what to do with them.

"BW" wrote:

> no nothing in the event log. the route table looks ok, basically default
> route points to router ip of 10.1.1.1, route to 10.0.0.0 network points to
> external interface and route to 192.168.0.0 network points to internal
> interface so that all seems right.
>
> on the router, what should the default gateway be for the internal
> interface, at the moment it is blank?
>
> thanks.
>
> "Jeremy" wrote:
>
> > I've only done this once, and from memory it was as simple as you say it
> > should be.
> >
> > It should know about the directly connected networks. Anything in the event
> > log? The "not operational" error looks like the culprit.
> > "BW" <(E-Mail Removed)> wrote in message
> > news:91EC4B68-51E3-4AFD-869A-(E-Mail Removed)...
> > > hi thanks for reply, here's my results from your suggestions:
> > >
> > > test 1 - works so confirms 192.168.0.0 network connectivity
> > > test 2 - fails
> > > test 3 - fails
> > >
> > > the win2k3 router does not seem to be passing packets between the
> > > interfaces. all i have do on the router is enabled rras as lan routing
> > > which
> > > is all the directions from MS said to do.
> > >
> > > the only thing i can see that "may" be an issue is under IP routing -
> > > general (in rras console) I can see the interfaces loopback, internal
> > > network, internal and external network. however "internal" states "not
> > > available" under IP address field and "non-operational" under operational
> > > status field. Both the internal network and external network have in and
> > > out
> > > bytes listes. so like i said just seems to be not forwarding packets
> > > between
> > > interfaces. is there anything else that needs to be "turned on" for this
> > > to
> > > occur?
> > >
> > > thanks again.
> > >
> > > "Jeremy" wrote:
> > >
> > >> Troubleshoot it this way:
> > >>
> > >> 1: From box 2 ping near address of box 1 (192.168.0.11) - confirms local
> > >> connectivity
> > >> 2: From box 2 ping far address of box 1 (10.1.1.100) - This confirms the
> > >> routing in RRAS.
> > >> 3: From box 2 ping address of adsl modem/router/switch (10.1.1.x) - This
> > >> box
> > >> needs to know how to get back to the 192.168.0.0 network. I'd say this
> > >> is
> > >> where you problem is.
> > >>
> > >> Cheers,
> > >> Jeremy.
> > >>
> > >> "BW" <(E-Mail Removed)> wrote in message
> > >> news:E76299D3-FB2B-4B71-8089-(E-Mail Removed)...
> > >> > hi there. i'm trying to some very simple (i would have thought) lan to
> > >> > lan
> > >> > routing using a win2k3 box. this is how it looks:
> > >> >
> > >> > internet -> adsl modem/switch -> win2k3 box 1 -> switch -> win2k3 box 2
> > >> >
> > >> > win2k3 box 1 has 2 nic's - 10.1.1.100/8 connected to adsl switch AND
> > >> > 192.168.0.11/24 connected to switch
> > >> >
> > >> > win2k3 box 2 has 1 nic - 192.168.0.10/24
> > >> >
> > >> > enabled rras on box 01 for lan routing. just followed steps in ms
> > >> > documentation and all looked fine. from box 01 i can ping 10.0.0.0
> > >> > network
> > >> > and Internet, as well as 192.168.0.10.
> > >> >
> > >> > however i cannot ping internet or 10.0.0.0 network from box 2.
> > >> >
> > >> > i'm really confused about this as the documentation seems very straight
> > >> > forward and "easy" and the setup of rras was simple. just doesnt work.
> > >> >
> > >> > anyone out there see what i may be doing wrong here?
> > >> >
> > >> > thanks.
> > >>
> >

Thanks Bill. Sorry didnt see your post before i posted my last reply which
is why i referenced your post in another thread. Thanks again guys for your
help, not only does it work but i understand the process much better now.

"BW" wrote:

> Thanks for you help. Found the solution in the thread "mulithomed routing
> rras" and the post by Bill Grant. i needed a static route back to the
> internal network on the adsl router otherwise it just dropped packets as it
> didnt know what to do with them.
>
> "BW" wrote:
>
> > no nothing in the event log. the route table looks ok, basically default
> > route points to router ip of 10.1.1.1, route to 10.0.0.0 network points to
> > external interface and route to 192.168.0.0 network points to internal
> > interface so that all seems right.
> >
> > on the router, what should the default gateway be for the internal
> > interface, at the moment it is blank?
> >
> > thanks.
> >
> > "Jeremy" wrote:
> >
> > > I've only done this once, and from memory it was as simple as you say it
> > > should be.
> > >
> > > It should know about the directly connected networks. Anything in the event
> > > log? The "not operational" error looks like the culprit.
> > > "BW" <(E-Mail Removed)> wrote in message
> > > news:91EC4B68-51E3-4AFD-869A-(E-Mail Removed)...
> > > > hi thanks for reply, here's my results from your suggestions:
> > > >
> > > > test 1 - works so confirms 192.168.0.0 network connectivity
> > > > test 2 - fails
> > > > test 3 - fails
> > > >
> > > > the win2k3 router does not seem to be passing packets between the
> > > > interfaces. all i have do on the router is enabled rras as lan routing
> > > > which
> > > > is all the directions from MS said to do.
> > > >
> > > > the only thing i can see that "may" be an issue is under IP routing -
> > > > general (in rras console) I can see the interfaces loopback, internal
> > > > network, internal and external network. however "internal" states "not
> > > > available" under IP address field and "non-operational" under operational
> > > > status field. Both the internal network and external network have in and
> > > > out
> > > > bytes listes. so like i said just seems to be not forwarding packets
> > > > between
> > > > interfaces. is there anything else that needs to be "turned on" for this
> > > > to
> > > > occur?
> > > >
> > > > thanks again.
> > > >
> > > > "Jeremy" wrote:
> > > >
> > > >> Troubleshoot it this way:
> > > >>
> > > >> 1: From box 2 ping near address of box 1 (192.168.0.11) - confirms local
> > > >> connectivity
> > > >> 2: From box 2 ping far address of box 1 (10.1.1.100) - This confirms the
> > > >> routing in RRAS.
> > > >> 3: From box 2 ping address of adsl modem/router/switch (10.1.1.x) - This
> > > >> box
> > > >> needs to know how to get back to the 192.168.0.0 network. I'd say this
> > > >> is
> > > >> where you problem is.
> > > >>
> > > >> Cheers,
> > > >> Jeremy.
> > > >>
> > > >> "BW" <(E-Mail Removed)> wrote in message
> > > >> news:E76299D3-FB2B-4B71-8089-(E-Mail Removed)...
> > > >> > hi there. i'm trying to some very simple (i would have thought) lan to
> > > >> > lan
> > > >> > routing using a win2k3 box. this is how it looks:
> > > >> >
> > > >> > internet -> adsl modem/switch -> win2k3 box 1 -> switch -> win2k3 box 2
> > > >> >
> > > >> > win2k3 box 1 has 2 nic's - 10.1.1.100/8 connected to adsl switch AND
> > > >> > 192.168.0.11/24 connected to switch
> > > >> >
> > > >> > win2k3 box 2 has 1 nic - 192.168.0.10/24
> > > >> >
> > > >> > enabled rras on box 01 for lan routing. just followed steps in ms
> > > >> > documentation and all looked fine. from box 01 i can ping 10.0.0.0
> > > >> > network
> > > >> > and Internet, as well as 192.168.0.10.
> > > >> >
> > > >> > however i cannot ping internet or 10.0.0.0 network from box 2.
> > > >> >
> > > >> > i'm really confused about this as the documentation seems very straight
> > > >> > forward and "easy" and the setup of rras was simple. just doesnt work.
> > > >> >
> > > >> > anyone out there see what i may be doing wrong here?
> > > >> >
> > > >> > thanks.
> > > >>
> > >