Multiple Gateways

[Guest]

I have a Nortel 1100 contivity box connected to my network with an IP address
of 10.10.40.5/24 that's in one of my vlans. It connected to vlan 40. The IP
address/router of vlan 40 is 10.10.40.1/24. Now, if I manually enter an IP
address and Subnet mask and default gateway; ex: 10.10.40.15/24 GW
10.10.40.5, I can see and ping the remote network on the other end of the
Nortel box. However, I can't see or ping anything other than devices on the
10.10.40.0 network. If I try and add another GW < 10.10.40.1 >in the Advanced
TCP/IP properties on the nic I still can't see outside the 10.10.40.0
network. If I put the 10.10.40.1 GW as first then I can see beyond the
10.10.40.0 network but not anything on the remote network behind the Nortel
box. So, having both GW's on the nic doesn't work out. Is there anyway I can
make a change on the PC?

 

[Phillip Windell]

There can only be one Default Gateway. It will always point to the internet
direction. The other Nic(s) will always have blank default gateways.

With all the IP#s scattered around in your post it just makes me dizzy.
Never heard of a Nortel 1100 conectivity box,..that could be a router?, a
nat device?, heck I wouldn't know.

Let's simplify this. You have a 10.10.40.x network. Since you have others
(you have VLANs?) then lets say you have at least one other one called
10.10.50.x.

It does not mean anything if it is VLANs or Physcial LANs, nothing changes,
the principles are the same,...you just have to think accoriding to the
"logical" world rather than "physical".

You then have something acting as a LAN Router and something acting as an
Internet Sharing Device. So you have this:

<10.10.50.x>
|
[LAN Router]
|
<10.10.40.>
|
[Inet Sharing Device]
|
<Internet-land>

It goes like this:

1. All hosts on the network use the LAN Router as the Default Gateway. They
use the respective LAN Router IP# according to the Subnet they are in.

2. The LAN Router uses the Inet Sharing Device as its Default Gateway.

3. The Internet Sharing Device uses the ISP's Router as its Default Gateway.
It then has a Static Route for LAN 10.10.50.x. Assuming the LAN Router IP#
on that side was 10.10.40.2, the command would be similar to this:

net 10.10.50.0 mask 255.255.255.0 gateway 10.10.40.2

the Internet Sharing Device would also have a LAT (Local Address Table) and
it would contain *all* the LAN IP Ranges,...such as:

10.10.40.0 - 10.10.40.255
10.10.50.0 - 10.10.50.255

Or you could cover the whole range in one shot by doing one of these two
choices:

10.0.0.0 -- 10.255.255.255
10.0.0.0 -- 10.0.255.255

There are a couple other possiblities, but this should suffice.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp

 

[Guest]

The Nortel box is a type of router, so the 10.10.40.5 ip is a Gateway. to a
remote network. Also, I have 10.10.40.1 as the GW fto the rest of my
internal network. Basically, can I have two GW's defined so I can access both
networks?
Dave

There can only be one Default Gateway. It will always point to the internet
direction. The other Nic(s) will always have blank default gateways.

With all the IP#s scattered around in your post it just makes me dizzy.
Never heard of a Nortel 1100 conectivity box,..that could be a router?, a
nat device?, heck I wouldn't know.

Let's simplify this. You have a 10.10.40.x network. Since you have others
(you have VLANs?) then lets say you have at least one other one called
10.10.50.x.

It does not mean anything if it is VLANs or Physcial LANs, nothing changes,
the principles are the same,...you just have to think accoriding to the
"logical" world rather than "physical".

You then have something acting as a LAN Router and something acting as an
Internet Sharing Device. So you have this:

<10.10.50.x>
|
[LAN Router]
|
<10.10.40.>
|
[Inet Sharing Device]
|
<Internet-land>

It goes like this:

1. All hosts on the network use the LAN Router as the Default Gateway. They
use the respective LAN Router IP# according to the Subnet they are in.

2. The LAN Router uses the Inet Sharing Device as its Default Gateway.

3. The Internet Sharing Device uses the ISP's Router as its Default Gateway.
It then has a Static Route for LAN 10.10.50.x. Assuming the LAN Router IP#
on that side was 10.10.40.2, the command would be similar to this:

net 10.10.50.0 mask 255.255.255.0 gateway 10.10.40.2

the Internet Sharing Device would also have a LAT (Local Address Table) and
it would contain *all* the LAN IP Ranges,...such as:

10.10.40.0 - 10.10.40.255
10.10.50.0 - 10.10.50.255

Or you could cover the whole range in one shot by doing one of these two
choices:

10.0.0.0 -- 10.255.255.255
10.0.0.0 -- 10.0.255.255

There are a couple other possiblities, but this should suffice.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
-----------------------------------------------------

I have a Nortel 1100 contivity box connected to my network with an IP address
of 10.10.40.5/24 that's in one of my vlans. It connected to vlan 40. The IP
address/router of vlan 40 is 10.10.40.1/24. Now, if I manually enter an IP
address and Subnet mask and default gateway; ex: 10.10.40.15/24 GW
10.10.40.5, I can see and ping the remote network on the other end of the
Nortel box. However, I can't see or ping anything other than devices on the
10.10.40.0 network. If I try and add another GW < 10.10.40.1 >in the Advanced
TCP/IP properties on the nic I still can't see outside the 10.10.40.0
network. If I put the 10.10.40.1 GW as first then I can see beyond the
10.10.40.0 network but not anything on the remote network behind the Nortel
box. So, having both GW's on the nic doesn't work out. Is there anyway I can
make a change on the PC?

 

[Guest]

No, you can only define 1 gateway. You will need to setup a route to the
second network.

The Nortel box is a type of router, so the 10.10.40.5 ip is a Gateway. to a
remote network. Also, I have 10.10.40.1 as the GW fto the rest of my
internal network. Basically, can I have two GW's defined so I can access both
networks?
Dave

There can only be one Default Gateway. It will always point to the internet
direction. The other Nic(s) will always have blank default gateways.

With all the IP#s scattered around in your post it just makes me dizzy.
Never heard of a Nortel 1100 conectivity box,..that could be a router?, a
nat device?, heck I wouldn't know.

Let's simplify this. You have a 10.10.40.x network. Since you have others
(you have VLANs?) then lets say you have at least one other one called
10.10.50.x.

It does not mean anything if it is VLANs or Physcial LANs, nothing changes,
the principles are the same,...you just have to think accoriding to the
"logical" world rather than "physical".

You then have something acting as a LAN Router and something acting as an
Internet Sharing Device. So you have this:

<10.10.50.x>
|
[LAN Router]
|
<10.10.40.>
|
[Inet Sharing Device]
|
<Internet-land>

It goes like this:

1. All hosts on the network use the LAN Router as the Default Gateway. They
use the respective LAN Router IP# according to the Subnet they are in.

2. The LAN Router uses the Inet Sharing Device as its Default Gateway.

3. The Internet Sharing Device uses the ISP's Router as its Default Gateway.
It then has a Static Route for LAN 10.10.50.x. Assuming the LAN Router IP#
on that side was 10.10.40.2, the command would be similar to this:

net 10.10.50.0 mask 255.255.255.0 gateway 10.10.40.2

the Internet Sharing Device would also have a LAT (Local Address Table) and
it would contain *all* the LAN IP Ranges,...such as:

10.10.40.0 - 10.10.40.255
10.10.50.0 - 10.10.50.255

Or you could cover the whole range in one shot by doing one of these two
choices:

10.0.0.0 -- 10.255.255.255
10.0.0.0 -- 10.0.255.255

There are a couple other possiblities, but this should suffice.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
-----------------------------------------------------

I have a Nortel 1100 contivity box connected to my network with an IP address
of 10.10.40.5/24 that's in one of my vlans. It connected to vlan 40. The IP
address/router of vlan 40 is 10.10.40.1/24. Now, if I manually enter an IP
address and Subnet mask and default gateway; ex: 10.10.40.15/24 GW
10.10.40.5, I can see and ping the remote network on the other end of the
Nortel box. However, I can't see or ping anything other than devices on the
10.10.40.0 network. If I try and add another GW < 10.10.40.1 >in the Advanced
TCP/IP properties on the nic I still can't see outside the 10.10.40.0
network. If I put the 10.10.40.1 GW as first then I can see beyond the
10.10.40.0 network but not anything on the remote network behind the Nortel
box. So, having both GW's on the nic doesn't work out. Is there anyway I can
make a change on the PC?

 

[Phillip Windell]

The Nortel box is a type of router, so the 10.10.40.5 ip is a Gateway. to a
remote network. Also, I have 10.10.40.1 as the GW fto the rest of my
internal network.

"Gateway to a remote network" is too vague. That still does not indicate
whether it doubles as a NAT-based Firewall or if it is just a LAN
Router,...the Internet is a "remote network" as well. However a "remote
network" can still be a "local private network" or it can be a "non-local
non-private public network", so geography is almost meaningless. I have
only seen one network in this entire discussion (10.10.40.x).

Basically, can I have two GW's defined so I can access both
networks?

No you can't. Unless you mean a GW that is based on a Specific Static Route
or a Route determined by Dynamic Routing Protocols (RIP, IGRP, EIGRP, etc.

My last post gives the exact outline of the prinicples for most average
situations. There isn't a prayer of me doing any more with that with such a
vague description of the network design.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
-----------------------------------------------------

 

[Guest]

Thanks, I setup a route to the other network and all is working well.

Thanks!
Dave

No, you can only define 1 gateway. You will need to setup a route to the
second network.

The Nortel box is a type of router, so the 10.10.40.5 ip is a Gateway. to a
remote network. Also, I have 10.10.40.1 as the GW fto the rest of my
internal network. Basically, can I have two GW's defined so I can access both
networks?
Dave

There can only be one Default Gateway. It will always point to the internet
direction. The other Nic(s) will always have blank default gateways.

With all the IP#s scattered around in your post it just makes me dizzy.
Never heard of a Nortel 1100 conectivity box,..that could be a router?, a
nat device?, heck I wouldn't know.

Let's simplify this. You have a 10.10.40.x network. Since you have others
(you have VLANs?) then lets say you have at least one other one called
10.10.50.x.

It does not mean anything if it is VLANs or Physcial LANs, nothing changes,
the principles are the same,...you just have to think accoriding to the
"logical" world rather than "physical".

You then have something acting as a LAN Router and something acting as an
Internet Sharing Device. So you have this:

<10.10.50.x>
|
[LAN Router]
|
<10.10.40.>
|
[Inet Sharing Device]
|
<Internet-land>

It goes like this:

1. All hosts on the network use the LAN Router as the Default Gateway. They
use the respective LAN Router IP# according to the Subnet they are in.

2. The LAN Router uses the Inet Sharing Device as its Default Gateway.

3. The Internet Sharing Device uses the ISP's Router as its Default Gateway.
It then has a Static Route for LAN 10.10.50.x. Assuming the LAN Router IP#
on that side was 10.10.40.2, the command would be similar to this:

net 10.10.50.0 mask 255.255.255.0 gateway 10.10.40.2

the Internet Sharing Device would also have a LAT (Local Address Table) and
it would contain *all* the LAN IP Ranges,...such as:

10.10.40.0 - 10.10.40.255
10.10.50.0 - 10.10.50.255

Or you could cover the whole range in one shot by doing one of these two
choices:

10.0.0.0 -- 10.255.255.255
10.0.0.0 -- 10.0.255.255

There are a couple other possiblities, but this should suffice.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
-----------------------------------------------------




I have a Nortel 1100 contivity box connected to my network with an IP
address
of 10.10.40.5/24 that's in one of my vlans. It connected to vlan 40. The
IP
address/router of vlan 40 is 10.10.40.1/24. Now, if I manually enter an IP
address and Subnet mask and default gateway; ex: 10.10.40.15/24 GW
10.10.40.5, I can see and ping the remote network on the other end of the
Nortel box. However, I can't see or ping anything other than devices on
the
10.10.40.0 network. If I try and add another GW < 10.10.40.1 >in the
Advanced
TCP/IP properties on the nic I still can't see outside the 10.10.40.0
network. If I put the 10.10.40.1 GW as first then I can see beyond the
10.10.40.0 network but not anything on the remote network behind the
Nortel
box. So, having both GW's on the nic doesn't work out. Is there anyway I
can
make a change on the PC?