02-07-2006 02:55 AM - edited 02-21-2020 12:41 AM
I just made a site-to-site VPN (two Cisco 800 series) using GRE tunneling.
The first network, A, is 192.168.1.0/24 with a Windows 2003 domain server, and the second network, B, is 192.168.34.0/24 with only clients, connected to the internet and through the site-to-site VPN to network A.
Now in network A I also have an AS400 and I can use it without problems from network B. I can also ping the Windows 2003 server from network B, but of course I cannot use the shared folders on Windows 2003.
They are unfindable. On network B I also use the Windows 2003 server on network A as DNS server and it works perfectly, but when I try to do \\namewin2003\sharefoldername it tells me that it is unfindable. So I activated the WINS server on Windows 2003 and on the clients of network B, but nothing.
Please, I know I'm a newbie, but good advice could help me.
Thanks a lot!
02-07-2006 06:34 AM
I believe the issue is that you are trying to use Windows functions between subnets. The devices in network B are using broadcasts to try to find the server, but the broadcasts are not forwarded between subnets. The way to fix this is to configure on the interface for network B this command:
This will do forwarding of the Windows broadcasts and should allow the devices in network B to use the server in network A.
02-07-2006 09:24 AM
Thanks a lot Rick for your fast reply; tomorrow it will be the first thing I'll try to do! :)
Anyway, I have another problem I would like to explain to you, if you can and have time to give me some advice :)
Network A has a different gw: instead of router A it has a Linux firewall box. Network B instead has router B as gw.
I put a route table on the Linux gw (route add -net 192.168.34.0 netmask 255.255.255.0 gw 192.168.1.72) where gw is router A.
Indeed, if I ping a client of net B from net A, I see Linux routing the packet through router A -> tunnel -> router B, and at the end it reaches the right computer on net B.
That's perfect! But if I try to do the same from a computer of net B, it is unable to ping any host of net A. But if I set router A as the default gw instead of the Linux fw, all works fine! But I can't change all the default gws on network A!
Thanks again for all the time you waste reading my stupid question.
02-07-2006 01:28 PM
I am slightly confused. I believe that your original post said that clients in network B could access devices in network A (as400, DNS, etc) but now you seem to be saying that they can not.
In spite of my being confused I will take a guess at the solution. I believe you said that when you add a route to the Linux for network B things work better. I am guessing that you may need to add a route for network A on the router that is the gateway for network B.
If that does not help then perhaps you could explain a bit more about the problem.
02-08-2006 01:02 AM
Rick, first of all thank you very much: with ip helper-address everything works perfectly!!
My last question is now not so important, because any services that I need to use now work!
But anyway I'll try to explain my secondary problem to you in a few words:
network A 192.168.1.0/24 default gw 192.168.1.254
network B 192.168.34.0/24 default gw 192.168.34.254
network A gw is linux box firewall
network B gw is cisco 800 series
Network A cisco series VPN is 192.168.1.72
Network A linux fw has a route table for net 192.168.34.0/24 to route to 192.168.1.72 cisco vpn
In this configuration, if I'm in net A and ping a client in net B, it works.
If I'm in net B and ping a client in net A it doesn't work, but if I put a route table on the host A I'm trying to ping, then it replies.
But I can't change the default gw of any clients in net A. I suppose that with the routing table on Linux everything should work, but I'm wrong :/
Thanks again for your help!
02-08-2006 06:18 AM
I am glad that the helper address configuration solved your major problem.
I am still a bit puzzled about parts of the remaining problem. I understand that network A clients have their default gateway as the Linux firewall and that the Linux firewall has been configured with a route to network B with router A as the next hop. I understand that there is a VPN connection between router A and router B. I understand that clients in network B are configured with router B as their default gateway. You say that machines in network A can successfully ping clients in network B but clients in network B can not ping machines in network A. I do not quite understand your statement about what makes it work: "but if i put a route table to the host A i'm trying to ping then it replies". Which route table are you adding it to?
02-08-2006 06:50 AM
Hi Rick, sorry, probably it's my bad English!
I mean that if I add another route table to a host in network A:
route add 192.168.34.0 gw 192.168.1.72
(there is also the default, which is 0.0.0.0 gw 192.168.1.254)
then this host replies to pings done by a host in network B.
Hope this time my English is better :)
And thanks a lot again, Rick.
02-08-2006 08:06 AM
I understand that some of us have difficulty with English and hope that does not get in the way of solving problems and sharing knowledge. I appreciate your effort to communicate in English.
I think that I understand better now. I find it quite strange that a machine in network A can ping to clients in network B based on the Linux firewall having a route defined to network B but that machines in network A can not respond to ping from B unless they define a local route to B. This makes me think that there may be something on the firewall that is causing the behavior. Is there a rule on the firewall that will allow a client in A to initiate a ping but will prevent a ping response from a machine in A going to B?
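Added illustration, not part of the thread: a small model of the kind of firewall behaviour asked about in the last reply, using the gateway and router addresses from the thread. It assumes the Linux firewall filters ICMP statefully (forwards echo requests, forwards replies only when it saw the matching request); the host addresses 192.168.1.10 and 192.168.34.10 and all function names are constructed for the example.

```python
import ipaddress

NET_B = ipaddress.ip_network("192.168.34.0/24")
FIREWALL, ROUTER_A = "192.168.1.254", "192.168.1.72"   # addresses from the thread
HOST_A, HOST_B = "192.168.1.10", "192.168.34.10"       # constructed sample hosts


class StatefulFirewall:
    """Assumed policy: echo requests create state; replies must match state."""

    def __init__(self):
        self.state = set()

    def forward(self, src, dst, kind):
        if kind == "echo-request":
            self.state.add((src, dst))
            return True
        # An echo reply is forwarded only if the request passed through here.
        return (dst, src) in self.state


def in_net_b(ip):
    return ipaddress.ip_address(ip) in NET_B


def next_hop_from_host_a(dst, host_route_to_b):
    """Next hop chosen by a network-A host: optional host route, else default gw."""
    if in_net_b(dst) and host_route_to_b:
        return ROUTER_A
    return FIREWALL


def ping(src, dst, fw, host_route_to_b=False):
    """Return True if the echo reply makes it back to src."""
    for p_src, p_dst, kind in [(src, dst, "echo-request"), (dst, src, "echo-reply")]:
        # Only packets sent by a network-A host can cross the firewall; packets
        # arriving from B are delivered by router A straight onto the A LAN.
        if not in_net_b(p_src) and next_hop_from_host_a(p_dst, host_route_to_b) == FIREWALL:
            if not fw.forward(p_src, p_dst, kind):
                return False
    return True


if __name__ == "__main__":
    print("A pings B:                 ", ping(HOST_A, HOST_B, StatefulFirewall()))
    print("B pings A:                 ", ping(HOST_B, HOST_A, StatefulFirewall()))
    print("B pings A, host route on A:", ping(HOST_B, HOST_A, StatefulFirewall(), True))
```

Under that assumption the model reproduces all three observations in the thread: the firewall sees only one direction of each flow, so a reply leaving network A for a request it never saw is not forwarded unless the host sends it directly to 192.168.1.72.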