11-13-2012 05:21 AM - edited 03-07-2019 10:00 AM
As part of a network topology change, we are going to set the PCs' gateway to the switch (3750X) IP address rather than the server IP address. Currently all systems' gateway is configured as the Internet server IP address, which we are going to replace with the switch IP as gateway.
See the result when I have Server as Gateway
C:\Users\fahadamin>ping www.teamviewer.com
Pinging www.teamviewer.com [46.163.100.220] with 32 bytes of data:
Reply from 46.163.100.220: bytes=32 time=190ms TTL=110
Reply from 46.163.100.220: bytes=32 time=188ms TTL=110
Ping statistics for 46.163.100.220:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 188ms, Maximum = 190ms, Average = 189ms
See the result when I change the gateway to the switch/router IP
C:\Users\fahadamin>ping www.teamviewer.com
Pinging www.teamviewer.com [46.163.100.220] with 32 bytes of data:
Request timed out.
Request timed out.
Ping statistics for 46.163.100.220:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
The issue occurs while connecting specific applications like TeamViewer, in which the application tries to send keepalive messages to the live server: with the switch/router IP as gateway, the connection doesn't get established. However, it works fine when the Internet server IP is used as the gateway.
Please advise; no ACL or blocking is implemented on the switch.
11-24-2012 07:17 AM
Hi Fahad,
Try this one. The ACL needs to be changed as per your requirement. I need to add your users' and managers' IP addresses.
! Time windows during which the Users ACL entries are active
time-range Users
 periodic weekdays 09:00 to 10:00
 periodic weekdays 19:00 to 21:00
!
ip access-list extended Users
 permit ip host 10.10.50.10 any time-range Users
 permit ip host 10.10.50.20 any time-range Users
ip access-list extended Managers
 permit ip host 10.10.50.30 any
 permit ip host 10.10.50.40 any
!
! Policy-based routing: pick the next hop by source ACL
route-map PBR permit 10
 match ip address Users
 set ip next-hop 10.10.10.59
route-map PBR permit 20
 match ip address Managers
 set ip next-hop 10.10.10.61
!
! Apply the route-map to traffic arriving on the VLAN interface
int vlan 1
 ip add 10.10.50.1 255.255.0.0
 ip policy route-map PBR
Hope it will help.
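Added example (not part of the posts in this thread): a small Python model of how the route-map in the reply above selects a next hop. It shows that a Users host outside the time-range, or a source not listed in either ACL (for instance a new DHCP lease), is not dropped by PBR but forwarded by the normal routing table. The `ROUTING_TABLE` label and the function names are constructed for this sketch.

```python
from datetime import datetime, time
from ipaddress import ip_address

# Constructed label meaning "no PBR clause matched; forward by the routing table".
ROUTING_TABLE = "routing-table"

# time-range Users: periodic weekdays 09:00-10:00 and 19:00-21:00
WEEKDAY_WINDOWS = [(time(9, 0), time(10, 0)), (time(19, 0), time(21, 0))]


def users_range_active(now):
    """True while the Users time-range is active (Mon-Fri only).
    Handling of the exact end minute is simplified in this model."""
    if now.weekday() > 4:  # 5 = Saturday, 6 = Sunday
        return False
    return any(start <= now.time() < end for start, end in WEEKDAY_WINDOWS)


# ACL entries from the post: (source host, time-range check or None if always active)
ACLS = {
    "Users": [("10.10.50.10", users_range_active),
              ("10.10.50.20", users_range_active)],
    "Managers": [("10.10.50.30", None), ("10.10.50.40", None)],
}

# route-map PBR: (sequence, matched ACL, set ip next-hop)
ROUTE_MAP = [(10, "Users", "10.10.10.59"), (20, "Managers", "10.10.10.61")]


def pbr_next_hop(src, now):
    """Return the policy next hop for a source IP, or ROUTING_TABLE if no
    permit clause matches (PBR then leaves the packet to normal routing)."""
    src = ip_address(src)
    for _seq, acl, next_hop in ROUTE_MAP:
        for host, active in ACLS[acl]:
            if src == ip_address(host) and (active is None or active(now)):
                return next_hop
    return ROUTING_TABLE


if __name__ == "__main__":
    monday_0930 = datetime(2012, 11, 26, 9, 30)   # constructed sample times
    monday_1200 = datetime(2012, 11, 26, 12, 0)
    for src in ("10.10.50.10", "10.10.50.30", "10.10.50.99"):
        print(src, pbr_next_hop(src, monday_0930), pbr_next_hop(src, monday_1200))
```
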
11-24-2012 12:32 PM
Good approach, but in the presence of an application firewall I don't think we need to configure a time-based ACL on the router; this work can be better managed by the TMG firewall. Another main issue is that we have to permit every host to both servers, which we couldn't do with this approach. Also, we can't rely on host-based ACLs, especially in a DHCP environment. Yes, subnets we can restrict or permit.
I have only two main concerns:
Every host should have access to both servers at the network level; yes, we apply permissions at the application level.
Once I have shifted both public networks to L3, how will traffic be routed towards both? One default route will only route traffic to one service provider.
Please advise, and also tell me any other idea if you have one to solve this dilemma.
11-25-2012 03:54 AM
Please respond
11-25-2012 08:45 AM
You can put the servers on different VLANs and put the hosts on those VLANs. Then just change the PBR. If you want, you can delete the time-range.
Abzal