Routing problem, proprietary equipment

[Guest]

I have a network with 2 sites and a Cisco router at each site. The network
at the main site is 192.168.1.x & the network at the second site is
192.168.2.x. All existing routing is working correctly.

My problem is that I have a proprietary piece of equipment at the
192.168.2.x site that needs to run with the IP address 192.168.1.35. It is
connected to a PC that controls the equipment. I also need to get this PC
connected to the network and make it remote controllable to the workstations
on the 192.168.1.x net.

It was suggested to me by the manufacturer that I might be able to run 2
NIC's in the PC that controls this equipment. I did drop a 2nd NIC in the PC
but cannot figure out if there is any way to force the routing to deal to
with the same network number located in two different places.

Does anyone know of a way to make this work?

Am I going to be hosed until I change my networking scheme so that it allows
this piece of equipment to run on its own network subnet so that routing
works?

Any thoughts would be appreciated. I can also provide more information on
how this PC is currently configured.

Thanks,

Gary Drost

 

[Phillip Windell]

Am I going to be hosed until I change my networking scheme so that it allows
this piece of equipment to run on its own network subnet so that routing
works?

You will always be "hosed" there because you can never rework your
networking scheme to accomidate that since the other remote network is
already using that Subnet.

It was suggested to me by the manufacturer that I might be able to run 2
NIC's in the PC that controls this equipment. I did drop a 2nd NIC in the PC
but cannot figure out if there is any way to force the routing to deal to
with the same network number located in two different places.

Does anyone know of a way to make this work?

Depends on if just the one PC needs to work with it or it the whole network
needs to work with it,...that is not the same thing.

[If only the one PC uses the device]
1. Let's say the Device is 192.168.1.1
2. Lets say the PC's nic you added is 192.168.1.2
3. The route in the routing table would be this

"route add -p 192.168.1.2 mask-255.255.255.255 int-192.168.1.1"

This tells it that anything destined for the *specific* address of
192.168.1.1 (the Device) is supposed to use Outbound Interface 192.168.1.2.
This will not bother your normal routing to the remote Subnet of 192.168.1.*
except for the one address of 192.168.1.1 which would never be reachable on
that path for that one PC.

----------------------------------------------------------------------------
------

[If the whole network uses the device]
1. Setup a NAT Device between the LAN and this "Device".
2. Use Static NAT to "publish" the Device to your LAN.
3. The IP# of the NAT device will be used to access the Device instead of it
"true" IP#.

You can use a Hardware NAT Device or build a NAT Server using windows Server
with RRAS (http://support.microsoft.com/default.aspx?scid=kb;en-us;816581).

 

[BobC]

You will always be "hosed" there because you can never rework your
networking scheme to accomidate that since the other remote network is
already using that Subnet.

Point to point vpn routers such as the ...318 can handle the same subnet at
both ends. Each end is uniquely identified so that when routing to
192.168.0.50 for example, and it exists on both networks, the router knows
which end it should use.

Sorry I can't remember the model number of the router referred to above.

 

[BobC]

Point to point vpn routers such as the ...318 can handle the same subnet at
both ends. Each end is uniquely identified so that when routing to
192.168.0.50 for example, and it exists on both networks, the router knows
which end it should use.

Sorry I can't remember the model number of the router referred to above.

I think its a the netgear fvs318

 

[Guest]

Phillip:

I think that that is way I need to go. Remote users in the 192.168.1.x
subnet need to access the PC but not the device beyond it.

So the device is 192.168.1.35 & the corresponding NIC in the PC is
192.168.1.36. The second NIC in the PC will be 192.168.2.151 and this NIC
will be connected to the local network at the second site with the
192.168.2.x subnet. I will then add the route command to its' table so that
it knows that the device is connected to its one NIC and ALL other
192.168.1.x traffic will go out the 192.168.2.151 NIC and get handled by the
router (as I understand it).

I will test this tomorrow and let you know what transpires.

Thanks,

Gary Drost

Am I going to be hosed until I change my networking scheme so that it allows
this piece of equipment to run on its own network subnet so that routing
works?

You will always be "hosed" there because you can never rework your
networking scheme to accomidate that since the other remote network is
already using that Subnet.

It was suggested to me by the manufacturer that I might be able to run 2
NIC's in the PC that controls this equipment. I did drop a 2nd NIC in the PC
but cannot figure out if there is any way to force the routing to deal to
with the same network number located in two different places.

Does anyone know of a way to make this work?

Depends on if just the one PC needs to work with it or it the whole network
needs to work with it,...that is not the same thing.

[If only the one PC uses the device]
1. Let's say the Device is 192.168.1.1
2. Lets say the PC's nic you added is 192.168.1.2
3. The route in the routing table would be this

"route add -p 192.168.1.2 mask-255.255.255.255 int-192.168.1.1"

This tells it that anything destined for the *specific* address of
192.168.1.1 (the Device) is supposed to use Outbound Interface 192.168.1.2.
This will not bother your normal routing to the remote Subnet of 192.168.1.*
except for the one address of 192.168.1.1 which would never be reachable on
that path for that one PC.

----------------------------------------------------------------------------
------

[If the whole network uses the device]
1. Setup a NAT Device between the LAN and this "Device".
2. Use Static NAT to "publish" the Device to your LAN.
3. The IP# of the NAT device will be used to access the Device instead of it
"true" IP#.

You can use a Hardware NAT Device or build a NAT Server using windows Server
with RRAS (http://support.microsoft.com/default.aspx?scid=kb;en-us;816581).

 

[Neteng]

Put a NAT device in front of the proprietary piece of equipment. You can
then make the network appear as 192.168.255.0 or whatever you like.

 

[Guest]

Phillip:

The changes have been working great. The proprietary equipment did not need
to have the IP address changed and it appears that all routing is working
correctly.

Thank you for your excellent advice. I knew that that was where I needed to
make some tweaks but could not figure out exactly how to do it.

Gary

Am I going to be hosed until I change my networking scheme so that it allows
this piece of equipment to run on its own network subnet so that routing
works?

You will always be "hosed" there because you can never rework your
networking scheme to accomidate that since the other remote network is
already using that Subnet.

It was suggested to me by the manufacturer that I might be able to run 2
NIC's in the PC that controls this equipment. I did drop a 2nd NIC in the PC
but cannot figure out if there is any way to force the routing to deal to
with the same network number located in two different places.

Does anyone know of a way to make this work?

Depends on if just the one PC needs to work with it or it the whole network
needs to work with it,...that is not the same thing.

[If only the one PC uses the device]
1. Let's say the Device is 192.168.1.1
2. Lets say the PC's nic you added is 192.168.1.2
3. The route in the routing table would be this

"route add -p 192.168.1.2 mask-255.255.255.255 int-192.168.1.1"

This tells it that anything destined for the *specific* address of
192.168.1.1 (the Device) is supposed to use Outbound Interface 192.168.1.2.
This will not bother your normal routing to the remote Subnet of 192.168.1.*
except for the one address of 192.168.1.1 which would never be reachable on
that path for that one PC.

----------------------------------------------------------------------------
------

[If the whole network uses the device]
1. Setup a NAT Device between the LAN and this "Device".
2. Use Static NAT to "publish" the Device to your LAN.
3. The IP# of the NAT device will be used to access the Device instead of it
"true" IP#.

You can use a Hardware NAT Device or build a NAT Server using windows Server
with RRAS (http://support.microsoft.com/default.aspx?scid=kb;en-us;816581).

 

[Phillip Windell]

Very good sir!

Good luck with it.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
-----------------------------------------------------

Phillip:

The changes have been working great. The proprietary equipment did not need
to have the IP address changed and it appears that all routing is working
correctly.

Thank you for your excellent advice. I knew that that was where I needed to
make some tweaks but could not figure out exactly how to do it.

Gary

Am I going to be hosed until I change my networking scheme so that it allows
this piece of equipment to run on its own network subnet so that routing
works?

You will always be "hosed" there because you can never rework your
networking scheme to accomidate that since the other remote network is
already using that Subnet.

It was suggested to me by the manufacturer that I might be able to run 2
NIC's in the PC that controls this equipment. I did drop a 2nd NIC in

the
PC

but cannot figure out if there is any way to force the routing to deal to
with the same network number located in two different places.

Does anyone know of a way to make this work?

Depends on if just the one PC needs to work with it or it the whole network
needs to work with it,...that is not the same thing.

[If only the one PC uses the device]
1. Let's say the Device is 192.168.1.1
2. Lets say the PC's nic you added is 192.168.1.2
3. The route in the routing table would be this

"route add -p 192.168.1.2 mask-255.255.255.255 int-192.168.1.1"

This tells it that anything destined for the *specific* address of
192.168.1.1 (the Device) is supposed to use Outbound Interface 192.168.1.2.
This will not bother your normal routing to the remote Subnet of 192.168.1.*
except for the one address of 192.168.1.1 which would never be reachable on
that path for that one PC.

--------------------------------------------------------------------------

--

------

[If the whole network uses the device]
1. Setup a NAT Device between the LAN and this "Device".
2. Use Static NAT to "publish" the Device to your LAN.
3. The IP# of the NAT device will be used to access the Device instead of it
"true" IP#.

You can use a Hardware NAT Device or build a NAT Server using windows Server
with RRAS (http://support.microsoft.com/default.aspx?scid=kb;en-us;816581).