Need to route among 3 subnets

Similar Messages

• AD authentication for routed local subnet

  Good day,
  I'm testing the addition of a routed local subnet to existing network and seem to be experiencing trouble with AD authentication.
  Primary network:
  Subnet: 192.168.0.0/24
  Default GW: 192.168.0.1
  PDC/DHCP/DNS1: 192.168.0.2
  BDC/DNS2: 192.168.0.3
  Routed network:
  Subnet: 192.168.17.0/24
  Default GW: 192.168.17.1
  DNS1/2: 192.168.0.2/192.168.0.3
  DHCP relay is configured and functioning.
  Primary network gateway has persistent route for subnet 192.168.17.0/24 hopping via router IP 192.168.0.122.
  Ping tests OK both ways and internet is browsable from clients in routed network.
  Problem occurs when clients in routed network attempt to access domain resources in primary network. Using
  net view //test-host results in 5 minute pause and then "Access Denied". Unable to view //test-domain/netlogon
  I have added routed subnet to existing default-first-site in AD Sites and Services.
  I'm certain I'm missing something simple here and will appreciate any advice.

  Hi Christoffer, thanks for your reply.
  There are no firewall rules active between the two subnets, however our primary network gateway is a Forefront TMG MBE firewall. To my knowledge this should not interfere with the inter-subnet routing however there could be access/policy rules that determine
  how TMG (localhost) responds to traffic from routed subnet. Will need to look closely at this if AD authentication is not at fault.
  The nltest queries also seem return successful responses:
  nltest /dsgetdc:[DOMAIN]
  DC: \\[PDC]
  Address: \\192.168.0.2
  Dom Guid: [GUID]
  Dom Name: [DOMAIN]
  Forest Name: [FOREST]
  Dc Site Name: Default-First-Site-Name
  Our Site Name: Default-First-Site-Name
  Flags: PDC GC DS LDAP KDC TIMESERV GTIMESERV WRITABLE DNS_FOREST CLOSE_SITE FULL_SECRET
  nltest /dsgetsite
  Default-First-Site-Name

• Route to subnet not to host

  I am installing a Cisco RV042G router that will handle Internet access at  one location.  There is another location connected to the first location with a T1 . What I want to do is created a route to the remote subnet (across the t1) inside the RVO42G. I understand how to create a route to an individual IP address (host), but I need the entire subnet at the other end of the T1 accessible. By the way, the Internet is reached through a cable modem, and the remote network through the T1. I am installing the RVO42G behind the cable modem so the gateway for this network will be the inside IP of the RVO42G.  I want to advertise that the route to the remote network is through another router attached to the T1.  I want the entire subnet at the other end of the T1 accessible.

  Hey Kevin,
  In addition to what Chris has said,
  You can create a static route in the RV042G router that points to the other end, which will give you access to the entire subnet.
  Lets say the subnet is 172.31.10.0 and your next hop ip address is 10.10.10.2.
  -> Setup
  -> Advanced routing page
  -> click ipv4 tab
  -> static route
  -> Add to List
  -> Destination IP - 172.31.10.0
  -> Subnet mask - 255.255.255.0
  -> Default Gateway - 10.10.10.2
  -> Hop count - X
  -> Interface - Select the interface to use for this route.
  The other end needs the route pointing back to the RV042G's network.
  Here is a link that points the administration guide for the RV042G.
  http://www.cisco.com/c/dam/en/us/td/docs/routers/csbr/rv0xx/administration/guide/rv0xx_AG_78-19576_310513.pdf
  Hope this helps,
  if so, please rate.

• Do I need a router or access point / bridge?

  Hi.  We have a MS small bus server with a software firewall.  It does dhcp and routes traffic so we don't need the router part of the router.
  Wireless  N access is needed.  Will a DAP 1522 (Wireless N access point / switch) offer the same wireless performance as a Linksys wireless N router?
  I just bought the DAP access point and am getting 100-130 mb/s with a strong signal.  Would the router work better with its giant antennae?
  Nick

  DAP 1522 is a good acess point. It  lets you connect up to 4 Ethernet-enabled devices such as set top boxes, game consoles, or computers to an existing Wi-Fi network for on-demand broadcast, online gaming, or media streaming throughout the home.
  With dual-band wireless capabilities, the DAP-1522 is ideal for wireless HD video streaming and gaming applications because entertainment content can be sent over the less crowded 5GHz band.
  The DAP-1522 can also be used to create a new 802.11n wireless network using its Access Point feature. Simply connect it to an existing wired or wireless router, and you'll enjoy greater range and data speeds in seconds.

• Do I need a router to interface with my wireless laptop and printer, or can booth tooth.

  Im having a problem interfacing the HP B210 all in one wireless printer to my ASUS wireless Laptop. Do I need a router or can I some hoe make the wireless connection using my blue tooth on my laptop. Please help.

  Well, the printer does not have bluetooth so that will not work.
  However, you can connect to it directly via wi-fi on your laptop.  From the front of the printer go to: Setup > Network > Restore Network Defaults.
  Now, on your PC, look for a wireless network beginning with "HP".  Join it.  There is no password.
  Now, go to Control Panel > Printers and Add a Printer.
  Say thanks by clicking "Kudos" "thumbs up" in the post that helped you.
  I am employed by HP

• Do I need a router when I have time capsule

  I'm so new with iMac. Thinking getting a time capsule for movies and music so if I get a time capsule do I need a rout with it

  Time capsule is a backup device not a media server.. it will not work at all well as a place to store your itunes or iphoto libraries..
  Read around carefully for what people use but TC has no internal method to automatically backup.. anything stored on the TC even if you only use it for file storage is lost. if the TC dies.. which they do.
  If you still want to use it. a TC is basically an airport extreme.. ie wireless router with built in hard disk drive.

• Need a router to conect ipad to a telstra 4G usb Sierra wireless "AirCard 320U

  need a router to conect ipad to a telstra 4G usb Sierra wireless "AirCard 320U

  You need a MiFi. Talk to your cell provider.

• Is a modem enough?  Or do I need a router?

  No, really, that's my question.  Bear with me; I'm ignorant of how this is supposed to work, though I think I understand the very basic principles.
  I have an old zoom modem that for six years has wirelessly connected my iMac to the internet.  The network is sometimes very unreliable and I have to restart the modem and fool with settings to get it working again; that sometimes fixes it for several months, but sometimes I get dropped freqently for weeks before something fixes itself.  However, the network always shows up in the drop-down list.  I'm in an 800 squ. ft. apartment in a large building and surrounded by 15 or so home networks, but I'd like to add a wireless printer and connect remote speakers with an Airport Express, so I want it solid before I start playing with more devices.
  Given the number of wireless setups around me, I recently I decided to make my network more secure because the modem was not encrypted and I had no wireless security set up in my network preferences.  But as soon as I started playing with encryption on the modem and/or adding WPA2 security on the network preferences, everything became unstable.  The network still shows up in the drop-down list (the one that comes up when I click on the network icon in the menu bar), but it usually wants me to enter a WEP password and doesn't let me connect, etc.  If I reboot the modem and restart the computer (I think the latter helps) I get a connection; that might work for several days or for only hours.  Sometimes rebooting the computer helps too.  But, like I said, the only time I have anything that stays stable for any length of time is with no security.
  So I've got to do something.  People are always talking about routers connected to modems, but the guy at my ISP said that for my purposes a modem alone would be enough.  He suggested connecting an ethernet cable and creating a new network to see if that alone will help, and if the wireless setup still doesn't work I should replace the modem.
  So, considering my modest demands on the network, do I need a router?  Shouldn't a wireless dsl modem be enough, even if I need to replace this one?
  Edited to add: my understanding is that everything on the network is connected to the modem, which is why he said the modem is all I need.  Is this wrong?  I just got an iPod touch and all I had to do was sign in to the network.  Right now I've had a few days of stability, so I haven't gotten so see if it loses the network when the iMac does.

  A potential problem with a non-Apple router is compatibility.  Some brands tend to be better than others.  Also there is the question of support.  Few if any mfgrs. provide support for Macs.  That said I would give a qualified thumbs-up to D-Link routers.  They do work well with Macs and can be easily configured with a browser.  Mac support is available although minimal.  D-Link also sells access points that can be used much like an Airport Express.
  Any problems with WPA on your Zoom is likely because it's very old.  The modem may not even be DOCSIS 2 compatible given its age.
  Consult with your ISP to determine what they recommend for a replacement modem or what they currently provide in new installations.  Whatever you do a new modem may require provisiioning with the ISP.
  I don't believe Tesserax or I made conflicting statements about needing a router to connect multiple devices.  If there's any question here, then the answer is, "Yes.  You need some type of router to connect multiple devices.  It could be separate from the modem or it could be built-in to the modem like what you now have.

• Need firewall/ router / nat / vpn recommendation

  As the title states, I'm looking for an all-in-one hardware solution (not software) that will work seemlessly with our xserve. Right now we are using a consumer grade Linksys vpn/router as a temporary solution. We also have a business series linksys 24-port switch, so I don't need the router to handle any of that.
  We have about 15 users in the office. The vpn will need to support about 3-5 users at any one time, both Mac and Windows clients. We would like to utilize PPTP since it is easier to setup. The internet is provided via Cox cable and sits around 5MB of bandwidth.
  Any recommendations would be greatly appreciated. I would prefer to base this purchase on those who use a solution in a production environment as opposed to hearsay.
  Thanks in advance.

  We use a SonicWALL TZ 170 for that, and it works fine. The current product is the TZ 180, its replacement, which is a bit faster. The TZ 180 can handle 5 MB bandwidth with Intrusion Prevention Services on (signature watching on packet inspection); about 6 MB is the real limit for the TZ 170 with IPS (don't believe the marketing sheets that say faster). With 15 users in your office, you might want the PRO 2040 rather than the TZ 180 for increased processor power. Avoid the 1260, which is essentially just a TZ 170 with a switch on the back end.
  Supports the major VPN protocols. If you want to use IKE, you will need the Equinux VPN Tracker client for the Macs (SonicWALL doesn't have a Mac VPN client). Note that their Vista VPN client is now in beta, people are having mixed results with it. No Vista 64 bit VPN client is even announced.
  We have used it for several years with Mac VPN (VPN Tracker) from iMacs at our homes to our Xserve G5 and LAN, works fine. SonicWALL support is Mac hostile, they claim it doesn't work with Macs. Hogwash. Be prepared for Bob from Bangalor for the Level 1 and Level 2 support people, who seem untrained on the product line. The Level 3 support people are good, except when you get the anti-Macintosh bigots.
  If you need to do NAPT (NAT with port translation), you will have to get the SonicOS Enhanced OS. SonicOS Standard can do NAT but not port translation. The learning curve on SonicOS Standard is not that bad; SonicOS Enhanced is a very different animal - more powerful and featured but more difficult to set up.
  Sonic's business model is to pretty much give the hardware away and make it up on support contracts/licenses for firmware/hardware support, IPS, Anti-Spyware, Anti-Virus licensing, etc. The hardware is reliable.
  Hope that helps,
  Russ
  Xserve G5 2.0 GHz 2 GB RAM   Mac OS X (10.4.8)   Apple Hardware RAID, ATTO UL4D, Exabyte VXA-2 1x10 1u

• I´m doing a design for presale, where I will need a router what support PAT for 500 or a little more of users, it not need any more features only static routing and dhcp pool for 500 users, can you help me for know what router recommend?

  I´m doing a design for presale, where  I will  need a router what support PAT for 500 or a little more of users, it  not need any more features only static routing and dhcp pool for 500 users, can you help me for know what router recommend?

  What is your WAN speed currently and projected WAN speed in the next 3 years?

• I need my router password - I do not remember what it is

  I need my router password- do not remember what it is. How do I retrieve it

  Easiest way is probably to do a hard reset (how ya do that differs with modem brand) so it reverts to the default password (and login) and then you can reset it to the password to what you WANT it to be. The defaults should be on a label on or under the modem, unless it's been removed, and I suppose, alternatly, you can contact the manufacturer support if you can't find it that way.

• Issue with HP 3600n, NetGear Wireless Router and SUBNETS!!

  Hello All,
  I want to say (admit) first off that I am a PC person. The school I work for has recently acquired some new iMacs and I have to say I am very impressed with the design, ease of use and reliability. I can't believe I am saying these things out loud! Here, however, is my dilemma and I am hoping a community with a little more experience than me can help out. I searched through these discussions already and found some useful info, but nothing to really nail it on the head. My situation may be unique, but I am not sure. Here goes:
  The school building we occupy is very old. Each classroom has only ONE data drop in it. Each classroom has a few PCs and a few Macs (mostly the newer iMacs). In one classroom in particular, I am unable to print wireless-ly to a networked HP LaserJet 3600n I have setup elsewhere on the network. Here is the network breakdown:
  Main network (FIOS modem to SonicPro 2040 Firewall)= 192.168.168.xx. The HP Printer has an IP address on this scope. The classrooms have a NetGear WGR16 setup to act as a switch and wireless access point. The WGR16 also distributes IPs on it's own subnet, 192.168.1.xx. The iMac connects wireless-ly to this NetGear and receives an IP of 192.168.1.xx.
  The PCs in the classrooms connect directly to the NetGear Router via an Ethernet cable. The PCs can see the printer, the firewall and get out to the internet with no problems. They can print with no issues. The iMac, however, can get out to the internet but cannot see the HP printer on the other scope. I know how to add a printer in Windows directly via an IP address, but trying that with the Mac doesn't get me anywhere, probably because I am not doing something correctly. I can get the Mac to print to the HP printer's IP directly but it just sends garbled text to the printer and then shoots out 100 blank pages (lol).
  The Mac, HOWEVER, can print with no problem wireless-ly to another networked printer I have elsewhere on another scope (it's a Lexmark C532n).
  I am thinking the issue has more to do with the HP printer than anything else but my questions are:
  1. What is the best way to have Macs recognize printers that are on different subnets if the built in features of Mac OSX aren't "seeing" the printer?
  2. Are there any specific issues with the NetGear Router or HP Printer that I should know about and address to solve this issue?
  3. We are a school on a limited budget so purchasing any additional hardware is not likely.
  I appreciate anyone who has read this entire rambling discussion and certainly appreciate any help in moving things in the right direction. Please let me know if I need to clarify anything I have said here.
  Thanks much!!

  I just had the same problem with my MacBook Pro using 10.5.5 After trying a number of things, the following worked. (not sure what specifically ... just did this combination)
  1. Had the Apple store Genius Bar folks install the latest HP drivers.
  2. Restart computer
  3. Restart the HP Color LaserJet 3600
  4. Connected the HP printer and MacBook Pro directly into a switch, so the wireless was not an issue (both machines had IP addresses set and computer's was set to DHCP with manual IP).
  5. Instead of using the System Preference printing and fax tool, I started Text Edit, typed something and said "print".
  Print window came up and said "no printer selected"
  6. I clicked on the drop down so it would look for printers.
  7. It found the HP Color LaserJet 3600.
  8. I clicked on the name of the printer and the computer went out and found the driver
  9. I clicked on "Add" and it added the printer.
  10. I tried a couple of test prints in different programs.
  11. I disconnected the hard wired ethernet cables and set the computer to be on the wireless.
  12. I printed a few more test prints in various programs.
  I had previously tried selecting the printer and drivers through the System Preferences to no avail, but doing it this way worked.
  Blessings

• As a Verizon FIOS client, can we just use Ethernet cable to connect to time capsule, or do we need their router to connect to the time capsule?

  As a Verizon FIOS client, can we just use Ethernet cable to connect to time capsule or do we need the Verizon router to connect to time capsule?

  The Time Capsule is indeed a wireless router with simultaneous dual band capability...and a hard drive for backup purposes. You can use that to your advantage if you configure the Time Capsule as I suggested in Bridge Mode.
  The Time Capsule will provide a 802.11n 5 GHz band and a 802.11n/g/b compatible 2.4 GHz band to allow virtually any device to connect to the network.
  I suppose that you could also use the "g" wireless network provided by the Verizon router as a "guest" network or something similar if you really do need another wireless network.
  It might be possible to configure the Time Capsule as the main router on the network....that's a question for Verizon. But even if you might be able to do this, I'm sure it is not supported by Verizon, so you would be on your own in the event of any Internet connection difficulties on your service.
  And, since the Time Capsule does not have a built in modem....you would still need to add a separate modem to the installation anyway.
  That's why my suggestion is to use the Verizon device as the "modem" and let the Time Capsule provide the dual band wireless network and of course, handle the Time Machine backups.

• Need to route traffic based on destination to 2 different routers

  I have a 4451X that has a default route of 10.10.48.1. I have 2 other internet routers at 10.10.48.15, and 172.31.1.3.
  The router at 172.31.1.3 is a VPN firewall and has a VPN to 3 specific IP networks. 172.31.252.0/24, 192.168.252.0/24, and 192.168.163.0/24.
  I need the traffic headed to the 3 VPN'd networks to route to 172.31.1.3, and the remaining traffic to route to 10.10.48.15.
  The source network is 172.31.0.0/23 and the gateway of the machines is 172.31.0.1.
  I tried creating a PBR but the internet traffic seems to go outbound through the router's default route of 10.10.48.1 and not 10.10.48.15.
  I am sure I am just missing something silly.
  Here are the relevant portions of the config:
  interface GigabitEthernet0/0/1
   ip address 172.31.0.20 255.255.254.0
   ip nat inside
   ip policy route-map Test
   negotiation auto
   vrrp 1 ip 172.31.0.1
   vrrp 1 priority 105
  interface GigabitEthernet0/0/1.2
   encapsulation dot1Q 2
   ip address 10.10.48.12 255.255.255.224
   ip nat inside
   ip access-group 199 in
   vrrp 1 ip 10.10.48.3
   vrrp 1 priority 105
   vrrp 2 priority 105
   no cdp enable
  ip route 0.0.0.0 0.0.0.0 10.10.48.1
  ip route 0.0.0.0 0.0.0.0 172.31.1.3 2
  access-list 116 permit ip 172.31.0.0 0.0.1.255 172.31.254.0 0.0.0.255
  access-list 116 permit ip 172.31.0.0 0.0.1.255 192.168.252.0 0.0.0.255
  access-list 116 permit ip 172.31.0.0 0.0.1.255 192.168.163.0 0.0.0.255
  route-map Test permit 19
   match ip address 116
   continue 20
   set ip next-hop 172.31.1.3
  route-map Test1 permit 20
   set ip next-hop 10.10.48.15
  Thanks in advance.
  Burton Hallman

  Firstly I'm not sure why you have two default routes if everything is meant go via 10.10.48.1 ?
  That aside in terms of your PBR -
  1) remove the continue statement. I don't know what it is meant to be doing but as far as i know it has no effect with PBR
  2) more importantly your second statement is using a different route map name ie Test1 which makes it a completely different route map so the one applied to the interface only has the first statement in it which is the one for VPN traffic.
  Jon

• Do I need a router or a switch

  I have an adsl (UK) modem and it is linked to an Airport extreme giving a wireless network all works fine. I now need to take a fixed wire internet connection to a separate component of the electrical system for web based security monitoring. Clearly I could take the connection from the AE lan connection BUT the positioning and wiring in the house does not really allow this easily - so I wondering could I insert a router or is it a switch afetr the modem with one connection to the AE feeding the wireless network and a second wire to the security system?
  Any thoughts ?

  A router would be the best bet as it could run both at once. If you only need to monitor the connection once in a while a switch would be OK but a cheap router would be a better investment.