Routin with 2 routers...

  • Thread starter Thread starter Teo\(I\)
  • Start date Start date
T

Teo\(I\)

Hi all,
I've this problem, I hope someone can solve the situation...

I've 1 server with 1 NIC with this setting:
IP 10.0.0.10
Subnet 255.0.0.0

Now I've 2 Gateways
Router A 10.0.0.251
Firewall B 10.0.0.253

I need to delivery all internet traffic on Router A so I've set as default
gateway 10.0.0.251

Now THE PROBLEM!!! the Firewall B is a Firwall with LAN interface on
10.0.0.253 and WAN interface on a pubblic IP.
I've setting SUA on this firewall to redire all the traffica incomin on WAN
interface (port 80) to the internal NATTING server 10.0.0.10:80... where
I've IIS installed...

The problem is to set as gateway on the server the Firewall B but only for
the traffic of Firewall B.
the actual route table ave a default route:
0.0.0.0 0.0.0.0 10.0.0.251 METRIC 1

If I add this route:
[my remote office pubblic IP] 255.255.255.255 10.0.0.253 METRIC 1
I can from my remote office reach the IIS, buot from other pubblic IP no!!!

How can I solve this situation???

thank!!
Teo
 
You cannot do that. The default route will point to one gateway or the
other. It can't point to both! If you specify two, the machine will pick one
of them and ignore the other. So either your Internet access works or your
web server works.

You will need to modify your network config so that all traffic goes to
one gateway (either the router or the firewall) first. There is no way that
your machine can know where a packet came from and sent it back the same
way. You cannot use static routing, because you do not know what source IP
address the HTTP request came from.
 
OK but If I set as default Gateway The Firewall instead of the router and I
create in the firewall a default route:

0.0.0.0 0.0.0.0 ==>> Go to ROUTER

I don't solve the problem...

the Packets reach the WAN firewall... will be delivery to the internal
Server... the internal server reply to default gateway (firewall) but
now????? the firewall route to the ROUTER and not to the WAN Firewall!!!!

I can solve the problem installing a second NIC on the server so the
firewall may be route to second nic, anche the second nic may have as
gateway the firewall....
 
No, you can't solve it by putting a second NIC in the machine. A machine
can only have one default gateway, not one for each NIC. You will only make
things worse.
 
Why can't you get to the Internet via the firewall? What is on the other
side of it?

Where do the requests to your IIS server come from? Do they come from
the Internet of from a company LAN?
 
Mmmmm no Bill!!! Are you sure????

I've just installed a second NIC with a differente subnet and a different
gataway... It work properly!!!

Bye
 
Back
Top