Tech Support Guy banner
Status
Not open for further replies.
1 - 7 of 7 Posts

·
Registered
Joined
·
3 Posts
Discussion Starter · #1 ·
i'm managing a small network who's DNS doesn't seem to be working properly. it consists of a firewall connected to a cable modem, two routers connecting to the firewall (with about 5 systems on each router) and a computer attached to the router.

the reason for the routers is a split in the company, the only thing the two halfs share is the user on the lone computer attached to the firewall. right now she is VPNing into each router to access the shares behind each. she also hosts a server copy of symantec AV that hasn't been behaving poperly. none of the clients are getting updates, and i need them to be getting updates. even when the lone system is VPN'd in the systems still can't see her. she can however ping them.

now lets make up some IPs
firewall 10.0.0.1
dns 4.2.2.2 and 4.2.2.3

lone puter 10.0.0.100 (10.0.2/3.110 on VPN) static
dns 10.0.0.1 and 4.2.2.2

router 1 10.0.0.2 (wan) and 10.0.2.1 (lan)
dns 10.0.0.1 and 4.2.2.2

router 2 10.0.0.3 (wan) and 10.0.3.1 (lan)
dns 10.0.0.1 and 4.2.2.2

systems behind the routers have dhcp enabled and pull IPs similar to 10.0.X.100. Systems behind the router with shares have static IPs reflecting settings on their DHCP counterparts. is this the proper setup here? it seems to me that everything should be able to resolve every other things IP with this configuration but that's not how it's happening in the real world. finally two questions. Gateway or router for the routers? i have them set to gateway atm. and finally static routes? should i need them here at all or should the routing protocol take care of things?

thank you in advance.
 

·
Super Moderator
Joined
·
43,961 Posts
If the firewall has 2 routers going into it, as well as the outgoing to the internet, it should have 3 IP addresses.

What firewall do you have?

What routers do you have?

Where is DHCP located? On both routers or at the firewall?
 

·
Registered
Joined
·
3 Posts
Discussion Starter · #3 ·
DHCP is coming down from all three devices although it can probably be done away with there are occational users that log onto the network. sonic wall tz150 and two linksys rv042's if memory serves.
 

·
Super Moderator
Joined
·
43,961 Posts
The firewall should be having static IP addresses that correspond to the LAN side.

If she can ping to but cannot be seen from, then she has a firewall in place, or ethier a router or the firewall is blocking the traffic outwards.

It looks like your network needs to be rethought out. Why on earth does she have the server version of Symantec? You should tell her that you should put that on a machine, like an Application machine, so that way the clients can get the updates from there instead of waiting for her to be VPNed.
 

·
Registered
Joined
·
3 Posts
Discussion Starter · #5 ·
right now what i'm trying to accomplish is putting the standalone client on each system on the network. as it stands each current client version is locked and can't be removed because they don't have access to the server (which governs what they can and cannot do). this system was disignated the AV host a few months back when the companies were on better terms and all under one firewall. now that they are seperate the AV is the last thing to go.

the reason for the post is first and formost to remove the AV from the clients but i'm also rethinking the network (i have a feeling that there is an easier way to handle this but it's escaping me atm).
 

·
Super Moderator
Joined
·
43,961 Posts
Well, I would have probably did a VLAN, being a CISCO fan, though I doubt the two companies will shell out for a router and switches just for that, especially for CISCO hardware :D

As for the main problem, the AV, is the person that is VPN'ing on a laptop? if so then couldn't he/she come in and hook up to the network so that way the machine can talk to the other machines?
 

·
Retired Moderator
Joined
·
106,726 Posts
I'm still curious about the comment.
now lets make up some IPs
How about we use the real ones so we know what's going on?
 
1 - 7 of 7 Posts
Status
Not open for further replies.
Top