ICS NAT problem

  • Thread starter: landau351

landau351

I have a Win2k ICS Host and several Win98 clients.

The ICS Host is multihomed. A cable modem connects to my
ISP, a 10/100 MB Lan card connects to a switch (where the
clients also connect).

If I attempt to "ping www.yahoo.com" from a client I see
the incoming DNS request arrive on the ICS Host, the DNS
Proxy then forwards it to the external ISP's DNS but I
never get a response!

I can type the exact same query on the ICS Host itself
(from a "cmd" window) and the external DNS responds as
expected.

How do I diagnose what is going wrong?

I checked the external cable modem link
with the TCP Packet Monitor on the ICS Host whilst sending
the 'ping' from the Win98 client. I am surprised to see
that the packet header (when sent to the external DNS)
contains, as a source TCP address;
192.168.0.1

This is the internal IP address of the ICS Host. The
destination address is correctly setup, so the packet
appears to be sent to my ISP's DNS server. Of course that
server will dump my packet as it has no way of identifying
a machine from internal addresses. How do I diagnose why
the ICS DNS/NAT didn't fully modify the packet to contain
my proper external IP address as the 'source' IP?

In the past I have used various hardware and NICs to
connect to the internet, including external and internal
dial-up modems. Is it possible that somehow ICS assumes
that this is a 'real' IP address?

Does anyone know what registry settings apply here? Could
this be a broken routing table issue?
-cheers landau
 
Have you tried disabling ICS, restarting and then enabling it again? Make
sure you restart each client to enable it to get the correct settings from
the ICS machine.
 
Yes I have, many times. The clients clearly see the mini-
DHCP server as they always successfully "renew" when I
press the Renew button on the Win98 clients, "winipcfg".

The clients also successfully send the DNS request when I
attempt to ping the Yahoo domain name. I assume that a
DNS request is the first step needed before the ICMP
request is sent to the IP address. The ICS process on the
Host seems to be at fault here. It doesn't forward on a
properly formed packet. The internal IP address of my
local Lan NIC should never be sent outside the local LAN.
Internet hosts won't be able to process any 192.168.x.x
address as this range has been set aside for use by
internal LANs only. The external DNS simply ignores the
DNS requests from my ICS host, UNLESS I attempt the same
ping from the Host itself, in which case the correct
External IP address is set as the 'source' ip address.
This always elicits a DNS response that is then processed
as I expect. As I say, this only ever works on the ICS
host.
The other reason I believe the ICS process is broken is
that I can run a third-party HTTP Proxy on the same Host.
When I point the client web browsers to the proxy port on
the Host they DO work as expected. This tells me that the
network links are all working. It's just ICS that fails.

I prefer not to continue using the third-party proxy as I
wish to enable the AVG auto-update (not supported by the
proxy) and other programs. I have no (simple) way of
enabling non-HTTP access across my LAN without ICS.

-cheers Landau
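
A check for the symptom described in this thread, added here as an example and not posted by any participant: it parses IPv4 headers from packets seen on the external interface and flags any whose source is still a private (RFC 1918) address, meaning NAT did not rewrite it. The function names, the WAN address 203.0.113.10 and the DNS server 198.51.100.53 are placeholders assumed for the demo; the sample packets are constructed, not taken from a real capture.

```python
import ipaddress
import struct

# RFC 1918 private ranges: these must never appear as a source on the WAN side.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def build_ipv4_udp(src, dst, sport, dport, payload=b""):
    """Construct a minimal IPv4+UDP packet (checksums left at 0) for the demo."""
    udp = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     ipaddress.ip_address(src).packed,
                     ipaddress.ip_address(dst).packed)
    return ip + udp

def parse_ipv4(pkt):
    """Return (src, dst, proto, sport, dport); ports are None unless TCP/UDP."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (pkt[0] & 0x0F) * 4          # header length in bytes
    if ihl < 20 or len(pkt) < ihl:
        raise ValueError("bad IPv4 header length")
    proto = pkt[9]
    src = ipaddress.ip_address(pkt[12:16])
    dst = ipaddress.ip_address(pkt[16:20])
    sport = dport = None
    if proto in (6, 17) and len(pkt) >= ihl + 4:
        sport, dport = struct.unpack("!HH", pkt[ihl:ihl + 4])
    return src, dst, proto, sport, dport

def untranslated_sources(wan_packets):
    """Flag WAN-side packets whose source is still a private address."""
    leaks = []
    for pkt in wan_packets:
        src, dst, proto, _sport, dport = parse_ipv4(pkt)
        if any(src in net for net in PRIVATE_NETS):
            leaks.append((str(src), str(dst), proto, dport))
    return leaks

# Constructed sample: two DNS queries as they would appear on the external link.
# 192.168.0.1 is the internal ICS address quoted in the thread.
SAMPLE = [
    build_ipv4_udp("203.0.113.10", "198.51.100.53", 1045, 53),  # from the host itself
    build_ipv4_udp("192.168.0.1", "198.51.100.53", 1046, 53),   # forwarded for a client
]

if __name__ == "__main__":
    for leak in untranslated_sources(SAMPLE):
        print("untranslated source on WAN: %s -> %s proto %d dport %s" % leak)
```
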
 