Announcement

Collapse
No announcement yet.

Wireless Connection to Internal Network

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Wireless Connection to Internal Network

    Hi,

    I have 2 Linksys Routers(1 WRT54G and 1 BEFSR41) and ISA Server 2004.
    The BEFSR41(connected to DSLModem) is connected to the External Nic on the ISA Server and with the configuration below:

    BEFSR41
    DHCP = NO
    IP: 192.168.1.1
    SUBnet 255.255.255.0
    Gateway = NO

    ISASERVER
    External NIC:
    DHCP = NO
    IP: 192.1681.2
    Subnet: 255.255.255.0
    Gateway: 192.168.1.1

    Internal NIC:
    DHCP = NO
    IP: 192.168.20.1
    Subnet: 255.255.255.0
    Gateway: NO

    WRT54G
    DHCP = NO
    IP: 192.168.10.1
    Subnet: 255.255.255.0
    Gateway: 192.168.1.1

    The Wireless clients are getting IP Address from my Internal DHCP Server.
    The Problem that i'm having is that my Wireless Clients cannot access my internal Network through VPN, get an error 800. They can recieve emails from my internal Exchange Server, thye can browse the internet, and they can access shared directories internally. They cannot use Remoted Desktop or Terminal server into the internal server. Any help would be appreciated.

  • #2
    Re: Wireless Connection to Internal Network

    Originally posted by Fash
    Hi,

    I have 2 Linksys Routers(1 WRT54G and 1 BEFSR41) and ISA Server 2004.
    The BEFSR41(connected to DSLModem) is connected to the External Nic on the ISA Server and with the configuration below:

    BEFSR41
    DHCP = NO
    IP: 192.168.1.1
    SUBnet 255.255.255.0
    Gateway = NO

    ISASERVER
    External NIC:
    DHCP = NO
    IP: 192.1681.2
    Subnet: 255.255.255.0
    Gateway: 192.168.1.1
    I assume 192.1681.2 = 192.168.1.2

    Originally posted by Fash
    Internal NIC:
    DHCP = NO
    IP: 192.168.20.1
    Subnet: 255.255.255.0
    Gateway: NO

    WRT54G
    DHCP = NO
    IP: 192.168.10.1
    Subnet: 255.255.255.0
    Gateway: 192.168.1.1
    The default gateway 192.168.1.1 is not on the 192.168.10.1 subnet. This will cause problems.

    Originally posted by Fash
    The Wireless clients are getting IP Address from my Internal DHCP Server.
    The Problem that i'm having is that my Wireless Clients cannot access my internal Network through VPN, get an error 800. They can recieve emails from my internal Exchange Server, thye can browse the internet, and they can access shared directories internally. They cannot use Remoted Desktop or Terminal server into the internal server. Any help would be appreciated.
    [/QUOTE]
    VCDX3 #34, VCDX4, VCDX5, VCAP4-DCA #14, VCAP4-DCD #35, VCAP5-DCD, VCPx4, vEXPERTx4, MCSEx3, MCSAx2, MCP, CCAx2, A+
    boche.net - VMware Virtualization Evangelist
    My advice has no warranties. Follow at your own risk.

    Comment


    • #3
      Re: Wireless Connection to Internal Network

      Yes it is 192.168.1.2....oooppppsssss
      Since i have 2 different subnets, where would i put in the gateway 192.168.1.1 and 192.168.10.1 on? on the isa or the wired linksys router?

      Comment


      • #4
        Re: Wireless Connection to Internal Network

        So your network looks like the attached diagram.

        What is the WRG54T connected to?

        What device is responsible for DHCP?

        What are the VPN endpoints?

        The WRG54T specifies that its default gateway is the external interface of the ISA server.

        The WRG54T is on the wrong subnet. I'm guessing it's supposed to be on the 192.168.1.0 subnet.
        Attached Files
        Last edited by jasonboche; 28th May 2006, 05:15.
        VCDX3 #34, VCDX4, VCDX5, VCAP4-DCA #14, VCAP4-DCD #35, VCAP5-DCD, VCPx4, vEXPERTx4, MCSEx3, MCSAx2, MCP, CCAx2, A+
        boche.net - VMware Virtualization Evangelist
        My advice has no warranties. Follow at your own risk.

        Comment


        • #5
          Re: Wireless Connection to Internal Network

          How do i view attachments? i will be making some modification to setup. I will update you on the outcome. Thanks

          Comment


          • #6
            Re: Wireless Connection to Internal Network

            How do you open the attachment? Use your left mouse button to click on the attached diagram.
            VCDX3 #34, VCDX4, VCDX5, VCAP4-DCA #14, VCAP4-DCD #35, VCAP5-DCD, VCPx4, vEXPERTx4, MCSEx3, MCSAx2, MCP, CCAx2, A+
            boche.net - VMware Virtualization Evangelist
            My advice has no warranties. Follow at your own risk.

            Comment


            • #7
              Re: Wireless Connection to Internal Network

              it just says attached Thumbnails but i cannot do anything with it. This is the first time i posted something

              Comment


              • #8
                Re: Wireless Connection to Internal Network

                There is a large image right below where it says "attached thumbnails".

                I don't know why you can't see it. If you see it, you should click on it to see the larger version.

                Try clicking on the link below to view it:
                http://forums.petri.com/attachment.p...6&d=1148789526
                VCDX3 #34, VCDX4, VCDX5, VCAP4-DCA #14, VCAP4-DCD #35, VCAP5-DCD, VCPx4, vEXPERTx4, MCSEx3, MCSAx2, MCP, CCAx2, A+
                boche.net - VMware Virtualization Evangelist
                My advice has no warranties. Follow at your own risk.

                Comment


                • #9
                  Re: Wireless Connection to Internal Network

                  Thanks for the Link, that worked. The WRT54G is connected to a HUB and the Internal NIC on ISA server is on the HUB. I think the Default gateway should be 192.168.1.2 instead of 192.168.1.1 on WRT54G, correct me if i'm wrong.

                  Comment


                  • #10
                    Re: Wireless Connection to Internal Network

                    First a question of curiousity:
                    Why 192.168.10.1 for the Wi-Fi AP?

                    Quick network diag:

                    DSL -> Router -> ISA Server -> Hub

                    Hub -> Internal Exchange Server
                    Hub -> Wired Clients
                    Hub -> Wi-Fi AP


                    Where is your DHCP server located within the network? Is it on the ISA or Exchange servers, or on a different server entirely?


                    P.S. A co-worker said your problem is that there's a big thunderstorm going DIRECTLY into your DSL modem, which will inevitably cause problems
                    ** Remember to give credit where credit is due and leave reputation points where appropriate **

                    Comment


                    • #11
                      Re: Wireless Connection to Internal Network

                      Yeah it looks like one i wanted 192.168.10.1 on the Wi-Fi because i didn't want anyone to get into the Internal Network. The DHCP Server is on another server which is the DC, on this server, there's also DNS and WINS. Your Quick Diag is correct.

                      Comment


                      • #12
                        Re: Wireless Connection to Internal Network

                        I take it the DC is also in the internal network, attached to the hub?

                        Ok, since the Wi-Fi AP is behind the HUB and not handing out DHCP, it's basically acting as a Wi-Fi hub, correct? I'm a bit hazy on network analysis lol, please excuse anything REALLY stupid that I say / ask, mind's not completely in gear, but I swear, I used to know what I'm talking about a long time ago, LMAO!


                        How is the Wi-Fi AP on 192.168.10.1 when it's not doing DHCP? Or did you mean that it's not getting DHCP from the DC, that it's handing out its own DHCP for the wireless devices? If so, what is its "external" IP, that is to say, the one it is getting from the DC to mediate thr routing between the two subnets?
                        ** Remember to give credit where credit is due and leave reputation points where appropriate **

                        Comment


                        • #13
                          Re: Wireless Connection to Internal Network

                          No problem. DC is on internal network and DHCP is giving out to internal clients. Wi-Fi is configured as a DHCP as well and it's giving IP to wireless clients, that's why i put it in a different subnet. In order for the wireless client to access the internal network, they have to go through VPN, which i'm getting a error 721:server not responding. It's something similar to the following link http://www.isaserver.org/tutorials/2...sdmzpart1.html

                          Comment


                          • #14
                            Re: Wireless Connection to Internal Network

                            Ok, that makes a lot more sense. The VPN part in the first post didn't make a whole lot of sense until now. So here's an updated network diagram:

                            DSL -> Router ---192.168.1.x---> ISA Server ---192.168.20.x---> Hub

                            Hub ---192.168.20.x---> Internal Exchange Server
                            Hub ---192.168.20.x---> Domain Controller (DHCP / DNS / WINS / Active Directory)
                            Hub ---192.168.20.x---> Wired Clients
                            Hub ---192.168.20.x---> Wi-Fi AP

                            Wi-Fi AP ---192.168.10.x---> Wi-Fi Devices

                            Ok, so the Wi-Fi AP has an external IP on the 192.168.20.x network, and hands out 192.168.10.x IPs for the Wi-Fi devices.

                            Originally posted by Fash
                            The Problem that i'm having is that my Wireless Clients cannot access my internal Network through VPN, get an error 800. They can recieve emails from my internal Exchange Server, thye can browse the internet, and they can access shared directories internally. They cannot use Remoted Desktop or Terminal server into the internal server. Any help would be appreciated.
                            Based on the above quote, we can safely assume that a PC on Wi-Fi:

                            can:
                            get internet access
                            get email
                            access shared internal directories

                            cannot:
                            access the internal server via remote desktop / terminal server
                            send mail
                            VPN to ISA server


                            Question 1:
                            Is there a way for people outside of the internal network to access that internal exchange server?

                            Question 2:
                            Are your Outlook settings set up so that they will only access Exchange while inside the network, or are they configured for exchange over https (in otherwords, if someone had a laptop and was checking their email over an external wi-fi network, could they still get their email)? Yes, this question is similar to # 1, but there is a subtle difference that may be important.

                            Question 3:
                            You mentioned they can get email. Can they send email?

                            Question 4:
                            What's at the other end of the VPN, the ISA server I take it? Assuming so, is it configured to only allow VPN access via a particular subnet (in otherwords, through 192.16.10.x and not through 192.168.1.x)? Checked to see if the ports the VPN is using is blocked or not?


                            Hope I didn't ask something truly stupid lol! Asking questions based upon basic network / firewall logic. Come to think of it, I don't think we even have an ISA server at work lol! Got multiple ones of almost every other type though. BTW, thanks for the ISA link.


                            I'm assuming that this setup is new / has never worked as of yet, correct? That is, it wasn't working and then broke?
                            Last edited by Wired; 31st May 2006, 04:08.
                            ** Remember to give credit where credit is due and leave reputation points where appropriate **

                            Comment


                            • #15
                              Re: Wireless Connection to Internal Network

                              everything you have mentioned above is correct; i can recieve emails but cannot send (the messaging interface has returned an unknown error), i can access a shared directory but cannot Terminal into anything. No one can access the Internal Exchange server except through recieving emails. Question 2, are you referring to OWA?Question 3, on the other end of the VPN is ISA, i don't think the ports are blocked because i do have IPSEC, PPTP and L2TP open on the Wired Linksys router. This is a new setup. Just a Fyi, i just updated my firm on the WRT54G figuring that would help the VPN

                              Comment

                              Working...
                              X