Test Networks Can't See Internet

  • Thread starter Thread starter Nordic
  • Start date Start date
N

Nordic

Hello:

I could use some assistance diagnosing a routing problem. I have two test
environments that cannot connect to the Internet. Here is the setup (sorry, not
so good at ASCII diagrams):


LAN_A -- (e0) RRAS_A (e1) <----
| |
VPN --> (e0) LinksysRouter (e1) <----> Internet
| |
LAN_B -- (e0) RRAS_B (e1) <----
|
|
ProductionLAN

ProductionLAN: 192.168.90.0/24
RRAS_A e0: 192.168.200.1/24
RRAS_A e1: 192.168.90.6/24
RRAS_B e0: 192.168.210.1/24
RRAS_B e1: 192.168.90.5/24
LinksysRouter e0: 192.168.90.1/24
LinksystRouter e1: <public IP address>
Demand-dial PPTP VPN exists between RRAS_A and RRAS_B
All RRAS is Windows Server 2003
A static route on RRAS_A force packets destined for LAN_B over the VPN; and
vice-versa.

LAN_A can ping anything on B and ProductionLAN but NOT the Internet.
LAN_B can ping anything on A and ProductionLAN but NOT the Internet.
ProductionLAN can ping the Internet but NOT A or B.
Neither RRAS machine can ping the Internet.
Any ping that fails does so with "Request Timed Out"

Any thoughts on how to go about diagnosing this problem? Thanks.
 
To get to the A and B sites from the production LAN (and the
Internet) you will need extra static routes on the Linksys router. Its
default route is out to the Internet, so it will not automatically route
traffic for the 192.168.20x subnets to the RRAS routers. You will need to do
that yourself. eg

192.168.200.0 255.255.255.0 192.168.90.6
192.168.210.0 255.255.255.0 192.168.90.5

That should get it working. Traffic to the Internet from A and B will go
first to the RRAS routers then to the Linksys (both by default routing). On
the return journey, the Linksys will forward traffic for the 192.168.20x
subnets to the appropriate RRAS router, which can deliver directly.
 
Thanks, Bill. That is what I thought too. But, I added a static route for
192.168.200.0 and it still fails. The route table from the Linksys is below:

Destination LAN IP Subnet Mask Gateway Interface
<publicIP> 255.255.255.248 0.0.0.0 WAN
(Internet)
192.168.200.0 255.255.255.0 192.168.90.6 LAN & Wireless
192.168.90.0 255.255.255.0 0.0.0.0 LAN & Wireless
0.0.0.0 0.0.0.0 <publicIP> WAN
(Internet)

Do I have that right? Any other thoughts?
 
That looks OK. What is the default gateway setting on the RRAS router?
The "public" NIC should be 192.168.90.1 and the "private" NIC should be
blank.

Where does the routing fail? Have you done a tracert to a public IP from
a 192.168.200 workstation?
 
Thanks, Bill. That was it: the private network Default GW needed to be blank.

Thanks again.

Nordic
 
Back
Top