URGENT PROBLEM – ENABLING INTERNET ACESS THRU VARIOUS SUBNETS IN A WAN CONFIGURATION

0 pts.
Tags:
Cabling
Cisco
DataCenter
DHCP
DNS
Hardware
Hubs
Interoperability
Network management software
Networking services
Routers
Software
Switches
Tech support
Hello All, I have a problem currently with my current WAN setup accessing the internet.Pls help! Configuration: 4 locations connected via ADSL Leased Circuits in a WAN Setup Internet Access via cable modem connected to Netgear wireless router in 10.10.10.0 subnet NO DHCP Server running in WAN HQ config- Subnet:10.10.10.0/255.255.255.0 SQl Applicaton Svr(Win2003svr): 10.10.10.1/255.255.255.0 Cisco ADSL 837 w/4-port switch Router:10.10.10.100/255.255.255.0 Firewall disabled DHCP/NAT disabled (downlinked connection to Netgear router) Netgear WGR614 Wireless Router w/4-port switch:10.10.10.50/255.255.255.0 Firewall Disabled DHCP/NAT Disabled (cable modem connected to WAN port and uplinked connection to Cisco router) *** All PCs/Clients work perfectly fine connecting to SQl Svr, Cisco/Netgear routers. In short, NO Problems on this network and can ping all routers/clients in the WAN. Internet access is also ok in this network. Added route on all clients in this network and it worked perfectly thereafter for this HQ Subnet. route -p add 10.10.1.0 mask 255.255.255.0 10.10.10.100 route -p add 10.10.2.0 mask 255.255.255.0 10.10.10.100 route -p add 10.10.3.0 mask 255.255.255.0 10.10.10.100 route -p add 10.10.10.0 mask 255.255.255.0 10.10.10.100 Site A config: subnet:10.10.1.0/255.255.255.0 Siemens Speedstream ADSL Router w/4-port switch Router:10.10.1.100/255.255.255.0 Firewall disabled DHCP/NAT disabled Added route on all clients in this subnet. route -p add 10.10.10.0 mask 255.255.255.0 10.10.1.100 route -p add 10.10.1.0 mask 255.255.255.0 10.10.1.100 route -p add 10.10.2.0 mask 255.255.255.0 10.10.1.100 route -p add 10.10.3.0 mask 255.255.255.0 10.10.1.100 *** All PCs/Clients work perfectly fine connecting to HQ's SQl Svr. Can Ping all routers(including Netgear) in the WAN. BUT CANNOT ACCESS THE INTERNET!!!!! **** SAME PROBLEM ON BOTH SITE B & C WITH THEIR DETAILS BELOW IDENTICAL TO SITE A. ALL REMOTE SITES CANNOT ACCESS INTERNET CONNECTED IN THE HQ SUBNET THRU CABLE TO THE NETGEAR ROUTE. Site B config: subnet:10.10.2.0/255.255.255.0 Siemens Speedstream ADSL Router w/4-port switch Router:10.10.2.100/255.255.255.0 Firewall disabled DHCP/NAT disabled Site C config: subnet:10.10.3.0/255.255.255.0 Siemens Speedstream ADSL Router w/4-port switch Router:10.10.3.100/255.255.255.0 Firewall disabled DHCP/NAT disabled *** ALL REMOTE SITES CAN ACCESS SQL SERVER AND CAN PING/REMOTE MANAGE THE NETGEAR ROUTER AT 10.10.10.50.
ASKED: May 29, 2006  12:06 AM
UPDATED: May 30, 2006  12:05 PM

Answer Wiki

Thanks. We'll let you know when a new response is added.

Hi YNWAJLEE,

You can’t access Internet having private IPs and disabling NAT – these IPs are not routable :o((

So, enable NAT on both sites, and don’t forget to set default routes (according to the syntax of your router OS).

BR and good luck

Petko

Discuss This Question: 3  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Tracybs
    First of all, I didn?t see a default route on the remote side. It may be there but? You?ll need two. One for the clients pointing to the remote Netgear and one on the Netgear pointing to HQ. Since the remote clients can get to the SQL server the routes at HQ back to the remote client subnets must be okay. If you have the default routes on the remote side ? or if you put them there and things still don?t work ? try a traceroute to an Internet address and see where you are getting to and where you are being dropped. I?m not real familiar with the Netgear?s but there may be an issue with NAT?ing traffic that is not coming from it?s own internal side. On a PIX you would need to configure either to allow everything to be NAT?d or each individual network/host that you want NAT?d. The Netgear may be the same way. Good Luck!
    0 pointsBadges:
    report
  • TNGeorge
    Your write up is insufficient to completely diagnose but, it looks like the subnet settings are messed up. You are suggesting that you have four physical nets with one logical setup. You need to include the default gateway information for each device. If you are going to configure each machine by hand OK, but it would be easier to use DHCP with NAT enabled at your gateway to control what IPs get assigned down to the individual systems. Customarily, a default gateway is set at the first usable IP, (Example. Net 10.10.10.0/24 (this is CYDER notation)) Gateway 10.10.10.1 and zero is not used Subnet mask 255.255.255.0 Other devices 10.10.10.10-254 This arrangement will not route in most cases across a formal router running any exterior oriented protocols, i.e., BGP, OSPF, etc. and to get the physical segments to propagate you may need to set up logical subnets, i.e., (Example. Net 10.10.10.0/26 Gateway 10.10.10.1 Gateway out of your control to ISP Other devices 10.10.10.2 - 62 Subnet mask 255.255.255.192 Gateway to subnet above 10.10.10.65 Other devices 10.10.10.65 - 126 Subnet mask 255.255.255.192 Gateway to subnet above 10.10.10.65 Other devices 10.10.10.129 - 190 Subnet mask 255.255.255.192 Gateway to subnet above 10.10.10.65 Other devices 10.10.10.193 Subnet mask 255.255.255.192 That gets four subnets that are aware of each other. The missing IP number as for proper subnet communication on their segments. Also you need to check your hosts files for entries which can cause problems George
    0 pointsBadges:
    report
  • Astronomer
    I agree with the first response. Since you are using private addresses you will have to use NAT somewhere to access the internet. Do you want each remote location to access the internet directly? If so you will have to NAT at every location. I also noticed you have the firewall turned off at each location. This is fine as long as the systems don't communicate with the internet. As soon as you fix the internet access problem you should turn on firewalling and configure rules to only allow the traffic you want. rt
    15 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following