In article
,
leebridgewater@gmail.com wrote:

> Hi Group
>
> I'm really new to subnets and TCP in general, I have a question which
> one of you experts will probably be able to answer clearer than any
> explanations out on the internet via google.
>
> I have an ADSL router which has an internal IP addresss of 192.168.1.1
> this then connects to my small business server's first nic which has
> an IP address of 192.168.1.2. The second nic on the small business
> server connects to our internal network (our switch) and has an IP
> address of 192.168.10.1
>
> This works well at the moment, and all the above have a mask of
> 255.255.255.0
>
> I have installed a VMWARE virtual appliance to combat Spam hitting my
> exchange server on the small business server and assigned the virtual
> appliance the following IP address (the VMWARE virtual appliance's
> network interface is set to BRIDGED mode)
>
> IP Address: 192.168.1.3
> Default Gateway: 192.168.1.2
> Subnet Mask: 255.255.255.0
>
> Whatever the reason, it doesnt work.
>
> If I set the appliance IP address to 192.168.10.3 / Gateway
> 192.168.10.1 / 255.255.255.0 it works!
>
> With that in mind, here is my question regarding subnetting.
>
> If I would like to forward all external connections to port 25 of the
> virtual appliance (192.168.10.3) what rule do I need to setup in the
> router to allow the router to route to the different subnet
> (192.168.10.x) as it's own subnet is in the 192.168.1.x range)?
>
> Do I need to setup a static route with a mask of 255.255.255.255 ?

You need to configure port forwarding on the router: Forward SMTP port
25 to 192.168.10.3.

You also need to configure a static route for 192.168.10.0 mask
255.255.255.0 via 192.168.1.2.

--
Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***

On 17 Jul, 02:43, Barry Margolin wrote:
> In article
> ,
>
>
>
>
>
> *leebridgewa...@gmail.com wrote:
> > Hi Group
>
> > I'm really new to subnets and TCP in general, I have a question which
> > one of you experts will probably be able to answer clearer than any
> > explanations out on the internet via google.
>
> > I have an ADSL router which has an internal IP addresss of 192.168.1.1
> > this then connects to my small business server's first nic which has
> > an IP address of 192.168.1.2. The second nic on the small business
> > server connects to our internal network (our switch) and has an IP
> > address of 192.168.10.1
>
> > This works well at the moment, and all the above have a mask of
> > 255.255.255.0
>
> > I have installed a VMWARE virtual appliance to combat Spam hitting my
> > exchange server on the small business server and assigned the virtual
> > appliance the following IP address (the VMWARE virtual appliance's
> > network interface is set to BRIDGED mode)
>
> > IP Address: 192.168.1.3
> > Default Gateway: 192.168.1.2
> > Subnet Mask: 255.255.255.0
>
> > Whatever the reason, it doesnt work.
>
> > If I set the appliance IP address to 192.168.10.3 / Gateway
> > 192.168.10.1 / 255.255.255.0 it works!
>
> > With that in mind, here is my question regarding subnetting.
>
> > If I would like to forward all external connections to port 25 of the
> > virtual appliance (192.168.10.3) what rule do I need to setup in the
> > router to allow the router to route to the different subnet
> > (192.168.10.x) as it's own subnet is in the 192.168.1.x range)?
>
> > Do I need to setup a static route with a mask of 255.255.255.255 ?
>
> You need to configure port forwarding on the router: Forward SMTP port
> 25 to 192.168.10.3.
>
> You also need to configure a static route for 192.168.10.0 mask
> 255.255.255.0 via 192.168.1.2.
>
> --
> Barry Margolin, bar...@alum.mit.edu
> Arlington, MA
> *** PLEASE don't copy me on replies, I'll read them in the group ***- Hide quoted text -
>
> - Show quoted text -

Thanks for the heads up Barry, I'll give this a go and come back to
you if I get stuck!

Lee

I think I'm a little confused.

Within my router's control panel under "IP Routes" I can add the
following information:

Destination IP =
Gateway IP =
Netmask =
Cost = (Default 1)

I'm unsure what to enter above?

Thanks in advance

Lee

In article
<18496f9c-e9ec-43a6-bd3a-689b6cdf6768@m45g2000hsb.googlegroups.com>,
leebridgewater@gmail.com wrote:

> I think I'm a little confused.
>
> Within my router's control panel under "IP Routes" I can add the
> following information:
>
> Destination IP =
> Gateway IP =
> Netmask =
> Cost = (Default 1)
>
> I'm unsure what to enter above?
>
> Thanks in advance
>
> Lee

Destination = 192.168.10.0
Gateway = 192.168.1.2
Netmask = 255.255.255.0

--
Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***

On Thu, 17 Jul 2008 23:32:10 -0400, Barry Margolin wrote:

> In article
> <18496f9c-e9ec-43a6-bd3a-689b6cdf6768@m45g2000hsb.googlegroups.com>,
> leebridgewater@gmail.com wrote:
>
>> I think I'm a little confused.
>>
>> Within my router's control panel under "IP Routes" I can add the
>> following information:
>>
>> Destination IP =
>> Gateway IP =
>> Netmask =
>> Cost = (Default 1)
>>
>> I'm unsure what to enter above?
>>
>> Thanks in advance
>>
>> Lee
>
> Destination = 192.168.10.0
> Gateway = 192.168.1.2
> Netmask = 255.255.255.0

Note that in the original setup, there already is communication, so the
route probably already is there.

M4

In article ,
Martijn Lievaart wrote:

> On Thu, 17 Jul 2008 23:32:10 -0400, Barry Margolin wrote:
>
> > In article
> > <18496f9c-e9ec-43a6-bd3a-689b6cdf6768@m45g2000hsb.googlegroups.com>,
> > leebridgewater@gmail.com wrote:
> >
> >> I think I'm a little confused.
> >>
> >> Within my router's control panel under "IP Routes" I can add the
> >> following information:
> >>
> >> Destination IP =
> >> Gateway IP =
> >> Netmask =
> >> Cost = (Default 1)
> >>
> >> I'm unsure what to enter above?
> >>
> >> Thanks in advance
> >>
> >> Lee
> >
> > Destination = 192.168.10.0
> > Gateway = 192.168.1.2
> > Netmask = 255.255.255.0
>
> Note that in the original setup, there already is communication, so the
> route probably already is there.
>
> M4

I didn't get that impression from the first post, since he asked how to
get the router to communicate with the 192.168.10.0/24 subnet.

If this subnet is able to get out to the Internet, the server might be
doing NAT (e.g. if it has Internet Connection Sharing enabled).

--
Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***

Hi Barry/Martjin

Thank you both for your comments.

I (slowly) figured out that the IP route would need to be as
suggested, however, I still do not any connection to that device
(192.168.10.3) from the internet.

I will mention that the NAT is being done via Small Business Server,
so the 192.168.10.3 machine can use the internet, I just cant seem to
route any external port to the machine.

When configuring static routes, the subnet is addressed by the 0? for
example 192.168.10.X subnet is configured as 192.168.10.0 is this
correct?

Thanks

Lee

On Fri, 18 Jul 2008 09:12:42 -0700, leebridgewater wrote:

> Hi Barry/Martjin
>
> Thank you both for your comments.
>
> I (slowly) figured out that the IP route would need to be as suggested,
> however, I still do not any connection to that device (192.168.10.3)
> from the internet.
>
> I will mention that the NAT is being done via Small Business Server, so
> the 192.168.10.3 machine can use the internet, I just cant seem to route
> any external port to the machine.

Yes, I should have thought of NAT, so my comment was incorrect. You need
the route. And if you have the route, you could turn of the NAT on that
machine (but not on the Internet router!).

> When configuring static routes, the subnet is addressed by the 0? for
> example 192.168.10.X subnet is configured as 192.168.10.0 is this
> correct?

In this setup, yes. In general, it depends. It's always the all-zero host
address, but f.i. is you use a /28 network (netmask 255.255.255.240) you
have subnets ending in .0, .16, .32, etc up to .240. See http://
en.wikipedia.org/wiki/Subnetwork for more info.

M4

In article
,
leebridgewater@gmail.com wrote:

> Hi Barry/Martjin
>
> Thank you both for your comments.
>
> I (slowly) figured out that the IP route would need to be as
> suggested, however, I still do not any connection to that device
> (192.168.10.3) from the internet.
>
> I will mention that the NAT is being done via Small Business Server,
> so the 192.168.10.3 machine can use the internet, I just cant seem to
> route any external port to the machine.

If the SBS is doing NAT, but not full-blown routing, then the static
route won't work. You may need to configure port forwarding on the SBS,
if it offers this.

Things would be much easier if you used a real router.

--
Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***

On Fri, 18 Jul 2008 21:42:10 -0400, Barry Margolin wrote:

> In article
> ,
> leebridgewater@gmail.com wrote:
>
>> Hi Barry/Martjin
>>
>> Thank you both for your comments.
>>
>> I (slowly) figured out that the IP route would need to be as suggested,
>> however, I still do not any connection to that device (192.168.10.3)
>> from the internet.
>>
>> I will mention that the NAT is being done via Small Business Server, so
>> the 192.168.10.3 machine can use the internet, I just cant seem to
>> route any external port to the machine.
>
> If the SBS is doing NAT, but not full-blown routing, then the static
> route won't work. You may need to configure port forwarding on the SBS,
> if it offers this.

True (should have thought of that as well, but Windows is the only OS I
know that can NAT without routing). But isn't it easier to just turn on
routing at the SBS?

> Things would be much easier if you used a real router.

Easier for us. For the OP, get someone qualified to set it up or be
prepared to spend some time on setting it up. (And instead of a "real"
router, a small linux or *DBS box is also a good solution). If you hit a
brick wall with SBS, this is indeed the way to go.

M4

Thanks both of you for such clear explanations.

The only reason Small Business Server is doing the routing is it is
an old setup and back in the early days of small business server the
setup insisted on 2 network cards.

What kind of router would you recomend?

Thanks

Lee

On Sun, 20 Jul 2008 10:49:05 -0700, leebridgewater wrote:

> Thanks both of you for such clear explanations.
>
> The only reason Small Business Server is doing the routing is it is an
> old setup and back in the early days of small business server the setup
> insisted on 2 network cards.
>
> What kind of router would you recomend?

For now, just see if you can get by by enabling routing on the SBS.
Modern Windows is not that horrible on simple routing setups.

So:
1) Add the route on the modem
2) Disable Internet Connection sharing
3) Enable routing on the SBS

That should do the trick.

HTH,
M4

On 2008-07-18 21:42:10 -0400, Barry Margolin said:

> Things would be much easier if you used a real router.


This is an interesting point, Barry, pretty cool one. The more I've
traveled across the high-end router market through Wall St. and other
supercomputing users, and at the consumer product level, I find myself
more and more turning to small hosts based on *BSD (just a personal
preference, not advocacy) to get replicable, no-BS routing and packet
functions.

The small SOHO products seem designed to break something from the
get-go, and the high-end router products have too many damn features
that step on each other.

We are so losing talent in the marketplace to people who think Java is
the end-all of computer programming, and these folks are creeping into
RTOS development - yuck.

/dmfh

--
_ __ _
__| |_ __ / _| |_ 01100100 01101101
/ _` | ' \| _| ' \ 01100110 01101000
\__,_|_|_|_|_| |_||_| dmfh(-2)dmfh.cx