im having some Trouble connecting or even pinging an Internal Server on my Network. Firstly However ill give you an out lay. wisp provider Comes in with a Public IP to which they NAT into a
192.168.2.x Subnet Providing a GW of 192.168.2.1 . The Cable goes from that into my RB2011iL on Eth 10 which is Bridged to Eth 9. The WAN Bridge has the IP of 192.168.2.10 assigned.
Eth 1-8 have a LAN bridge with the IP 192.168.0.10 assigned. The DHCP server run on this RB2011iL as well as FW rules to block access to some social media sites.
on Eth 1 and Eth 2 i have my "backbone" of the network on(A Netgear GS724TP on Eth 1 and a Cisco 2960-X on Eth 2). Eth 5 Is my internal NVR server to which i can see the DHCP
Server had assigned an address to it and i can see it under my ARP entries. but i cannot ping it and it can ping out to internal network. On Eth 6/7 i have 2 internal computers needing
to be behind the router/FW. on Eth9 i have another Server which needs to be exposed to the WISP on the WAN Bridge. Please can someone advise me on correctly configuring this Router
or perhaps point me to where i have made a mistake or could improve. Please see below my configuration. I also have an issue where Cell phones can still access youtube.
-
-
D4RKHORSE95
just joined
- Posts: 13
- Joined:
- Location: South Africa
Cant Ping Internal Server but can see an ARP entry and the server can ping out
You do not have the required permissions to view the files attached to this post.
-
-
bramwittendorp
Member Candidate
- Posts: 101
- Joined:
- Location: The Netherlands
- Contact:
Re: Cant Ping Internal Server but can see an ARP entry and the server can ping out [SOLVED]
It's nicer to post your export in a forum post using the brackets. I've downloaded and looked through your configuration:
You have an DHCP-server running on the LAN S Bridge. This DHCP-server sends the clients the gateway 192.168.0.10, but that gateway is only bound to the Ether2 interface, you'll probably need to change that IP-configuration, so the default gateway is applied to the LAN S Bridge interface instead of ether2.
Also:
You're masquerading traffic that leaves the router on the Ether1 interface as well. Might be a good idea to change this so that only traffic exiting ether10 (the actual WAN-interface) is being masqueraded.
Code: Select all
Code: Select all
/ip dhcp-server
add address-pool=dhcp disabled=no interface="LAN S Bridge" name="DHCP Office Lan"
/ip address
add address=192.168.2.10/24 interface="Ether10 (BreedeNet Antenna)" network=192.168.2.0
add address=192.168.0.10/24 interface="Ether2 (Resa Managed 2)" network=192.168.0.0
/ip dhcp-server network
add address=192.168.0.0/24 gateway=192.168.0.10 netmask=24
Also:
Code: Select all
/interface list member
add interface="WAN S Bridge" list=WAN
add interface="Ether1 (Resa Managed 1)" list=WAN
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
-
-
D4RKHORSE95
just joined
- Posts: 13
- Joined:
- Location: South Africa
Re: Cant Ping Internal Server but can see an ARP entry and the server can ping out
Ill remember this for next time when posting in the forum. Thanks for your help on this.
That i believe i can do ( The change of where the DHCP server is bound to Distribute settings)
I'm unsure of how to go about changing the ports to which the WAN is listed. I'm sure i did this through Winbox
but it seems i did something wrong somewhere. As for the rest of the configuration is it look okay or what could i
possibly improve upon/add to "bolster" my environment?
That i believe i can do ( The change of where the DHCP server is bound to Distribute settings)
I'm unsure of how to go about changing the ports to which the WAN is listed. I'm sure i did this through Winbox
but it seems i did something wrong somewhere. As for the rest of the configuration is it look okay or what could i
possibly improve upon/add to "bolster" my environment?
Who is online
Users browsing this forum: Bing [Bot] and 122 guests