WAN > LAN > VLAN (Application)

Create Share · ‎11-28-2015

Hi!

1. Server with two NICs.

2. WAN (Public IP), connected directly to ISP Router.

3. LAN (192.168.1.2) Default Gateway (192.168.1.1 Cisco Swtich), connected to a cisco switch.

4. The application client installed on the server connects to a Database server at (192.168.2.2) Default Gateway (192.168.2.1 Cisco Switch).

5. The vlans are configured on a cisco switch.

6. If we use default gateways on both of the interfaces then only on network can be accessed. Adding a static route did not work.

Any Solution?

Thanks.

Masoud Pourshabanian · ‎11-28-2015

Hello,

On server use only one gateway on WAN(public IP)

for internal access, set a route on server toward your client.

Open CMD on your server and type

route add [your clients] mask 255.255.255.0 192.168.1.1

use -p for permanant route

route add -p 192.168.2.0 mask 255.255.255.0 192.168.1.1

Masoud

Create Share · ‎11-28-2015

I think i added the wrong route.

route add 192.168.2.0 mask 255.255.255.0 192.168.2.1

it should be

route add 192.168.2.0 mask 255.255.255.0 192.168.1.1

Right?

Masoud Pourshabanian · ‎11-28-2015

That is right. add option -p to make it permanent.

route add -p 192.168.2.0 mask 255.255.255.0 192.168.1.1

Masoud

Create Share · ‎11-28-2015

will try. Thanks.

Masoud Pourshabanian · ‎11-28-2015

Please give me feedback after trying,

Masoud

Create Share · ‎11-30-2015

Didn't work.

After adding the static route i ran

tracert 192.168.2.2 and it tried to reach it through the WAN interface.

There is a default route shown in route print

0.0.0.0 0.0.0.0 wan ip Default

Can it cause this problem?

Masoud Pourshabanian · ‎11-30-2015

No, default route is not a problem

Can you ping 192.168.1.1 on server?

Try to see windows routing table with this command and post the output on CMD

Route print

Masoud

Create Share · ‎11-30-2015

This is without adding static route

Active Routes:
Network Destination        Netmask          Gateway       Interface Metric
          0.0.0.0          0.0.0.0    WAN Router IP           Wan IP    276
      wan subnet     255.255.255.0         On-link            Wan IP    276
           Wan IP 255.255.255.255         On-link            Wan IP    276
        wanip.255 255.255.255.255         On-link            Wan IP    276
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1 255.255.255.255         On-link         127.0.0.1    306
127.255.255.255 255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link       192.168.1.2     21
    192.168.0.255 255.255.255.255         On-link       192.168.1.2    276
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    276
      192.168.1.2 255.255.255.255         On-link       192.168.1.2    276
    192.168.1.255 255.255.255.255         On-link       192.168.1.2    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link            Wan IP    276
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    276
255.255.255.255 255.255.255.255         On-link         127.0.0.1    306
255.255.255.255 255.255.255.255         On-link            Wan IP    276
255.255.255.255 255.255.255.255         On-link       192.168.1.2    276
===========================================================================
Persistent Routes:
Network Address          Netmask Gateway Address Metric
          0.0.0.0          0.0.0.0    wan Route ip   Default

This is after adding gateway also on lan interface

Active Routes:
Network Destination        Netmask          Gateway       Interface Metric
          0.0.0.0          0.0.0.0    WAN Router IP           Wan IP    276
   0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2    276
      wan subnet     255.255.255.0         On-link            Wan IP    276
           Wan IP 255.255.255.255         On-link            Wan IP    276
        wanip.255 255.255.255.255         On-link            Wan IP    276
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1 255.255.255.255         On-link         127.0.0.1    306
127.255.255.255 255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link       192.168.1.2     21
    192.168.0.255 255.255.255.255         On-link       192.168.1.2    276
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    276
      192.168.1.2 255.255.255.255         On-link       192.168.1.2    276
    192.168.1.255 255.255.255.255         On-link       192.168.1.2    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link            Wan IP    276
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    276
255.255.255.255 255.255.255.255         On-link         127.0.0.1    306
255.255.255.255 255.255.255.255         On-link            Wan IP    276
255.255.255.255 255.255.255.255         On-link       192.168.1.2    276
===========================================================================
Persistent Routes:
Network Address          Netmask Gateway Address Metric
          0.0.0.0          0.0.0.0    wan Route ip   Default
          0.0.0.0          0.0.0.0     192.168.1.1    Default

Masoud Pourshabanian · ‎11-30-2015

Remove the LAN gateway. It does not work. I do not see route for 192.168.2.0 in the routing table. Do you get any error when you add it?

route add -p 192.168.2.0 mask 255.255.255.0 192.168.1.1

Create Share · ‎11-30-2015

After disabling Gateway on Lan i was unable to ping 192.168.2.2.

Then i tried to ping 192.168.2.1 and it worked.

Then i tried to ping another pc on the same network 192.168.2.101 and it worked.

Lastly, i tried 192.168.2.2 again and it also worked without adding static route.

Strange?

Can it be due to the router config?

Masoud Pourshabanian · ‎11-30-2015

It might be.

But my suggestion is trying to fix the static route. If it sits inside the routing table, your problem would be solved. It is really easy to add static route. Try that static route one more time and let me know if you get any error.

Masoud

Create Share · ‎11-30-2015

route add -p 192.168.2.0 mask 255.255.255.0 192.168.1.1

Masoud Pourshabanian · ‎11-28-2015

Adding to my previous command.

How did you add static route? Please post your command.

Ganesh Hariharan · ‎12-01-2015

Hello ,

You cannot use default gateway for both NIC's, There would be only on default gateway in NIC for production traffic and the other NIC would be having ip address and subnet mask but without gateway.

You need to decide what route shoudl go via second NIC so that the server is maintaing symmterry in traffic communications.

Hope it Helps..

-GI