multiple lans, subnets, dsl connections on the same cables

15 pts.
Tags:
DSL
HP ProCurve
LAN
LAN configuration
Routing and switching
Subnets
Switches
Windows 2000 Server
well this is my first post and its a doosie. At lewast for me. Looking for an all wise network guru!! =] we had an existing network consisting of 10pc's, a win2k server and a dsl connection. all was fine... dsl router:192.168.0.1 server: 192.168.0.10, 192.168.0.50 easy as pie... now we are partners with a spanish company and they have installed thier own lan with 2 servers and another dsl along with a fiber backbone using 2 hp procurve switches. ( gets me all happy just lookin at them ) so now we are all on the same topology. but they have a lan using... dsl:192.168.224.1 lan:192.168.224.x and they have installed a vpn device to connect to spain. on our cards in all the pc's we have divied out 2 ips the 224.x being the primary and the 0.x being the added ip. but in order for it to work with thier vpn the default gateway needs to be 192.168.224.1. and all this is happy i guess except they only want spanish trafic going that way not any local internet trafic. they want this to go out 192.168.0.1. ive tried a few things but cant seem to get it working. our win 2k server is all messed up configuration wise. been making it linp along because of a db program. dont want to try and reinstall. but i dont think a win2k standard server can bridge either. i have never setup a proxy server and was thinking about that as well. but would rather just find a simple routing solution if there is one. and thanks ahead of time for even reading this let alone responding =]
Asked: Last updated:
Related Questions
1

Answer Wiki

Thanks. We'll let you know when a new response is added.

I think your confusion is catching as I don’t understand why you created the 192.168.224.x subnet on your site when you already had the 192.168.0.x subnet. The VPN would work better if both sites had different subnets and sent traffic between the hosts on the subnets across the VPN tunnel. Traffic not destined for the other site would then go out a non-VPN route to the ISP’s network.

So, let’s say that the Spain network is the 192.168.224.x network and your network is the 192.168.0.x network. Traffic going to a device on 192.168.224.x network would go to the default gateway on your LAN and then get routed across the VPN tunnel. Any traffic not destined for a 192.168.224.x device would go to the internet. Devices on each network would be able to talk to each other without going to the gateway if the subnet masks are correctly set at each end. In this case a 24-bit subnet mask (255.255.255.0) would be recommended.

Hope this helps and if not maybe you can provide more details on the reasoning for the current double IP address configuration.

===============================

Since you have two IPs per device, all devices want to only use the primary IP which would be the 192.168.224.x subnet. That means everything is routing to the Spain DSL gateway. To make sure only traffic meant for Spain is sent through the Spain gateway, you need to change the default IP route on the 192.168.224.x gateway or switch to point to your local gateway. Then set a static route for traffic going to the Spain IP address to point to the Spain gateway.

Say Spain’s internal network uses 10.0.0.x. You need to set a static route for all traffic going to 10.0.0.x to 192.168.224.1. And set the default route (all other traffic) to use 192.168.0.1.

Adding just two static routes will prevent you from changing anything else.

Discuss This Question: 3  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Jason S. Erickson
    I would VLAN them off! You willstillshare the switches but have 2 networks that cant see each other unless you want them to. They also would each have their own gateway address. If they have newer managed procureves this should be easy to set up. Cheers!
    0 pointsBadges:
    report
  • Jabooma
    ok i tried this again and i thought i did it right before but it worked this time. must be i had something wrong or they have changed something on thier server/gateway/vpn. i setup the cards with... pri ip :192.168.0.x :192.168.224.x mask :255.255.255.0 gateway :192.168.0.1 then i added the... route -p add 192.168.5.0 mask 255.255.255.0 192.168.224.1 now it all works. the only thing i can think of if it was on my end would be i tried to add the interface on the route command. and i also tried to use to cards. i must have missed something. thanks for the help and confirming i was on the right track.
    15 pointsBadges:
    report
  • mshen
    Thanks for the update. That was a good idea, I didn't think to create the route on the windows machines.
    27,385 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.

Following

Share this item with your network: